Analisis Manajemen Risiko Infrastruktur Dengan Metode NIST (National Institute of Standards and Technology) SP 800-30 (Studi Kasus : STMIK Rosma)
DOI:
https://doi.org/10.51903/elkom.v14i1.387Keywords:
Information Security, NIST SP 800-30, Infrastructure, Risk AssessmentAbstract
Infrastructure is an important thing in an organization/company that is used to support activities carried out within the organization. Infrastructure that includes STMIK Rosma, including hardware, software, data, and information, and human resources that support information systems. Hardware resources include PCs that are used for clients with application program software. Windows 10 professional 32 and 64 bit as the operating system. While the software on the server uses Linux OS and PHP programming language. Data and information include infrastructure data, device data, server data and data on staff, students and lecturers at STMIK Rosma. So the need for the sustainability of this system is increasingly important. Problems that have existed in the STMIK Rosma infrastructure, such as those related to information security vulnerabilities. If this problem cannot be fixed in a sustainable manner, it will have an impact or risk on the sustainability of this infrastructure, especially the academic community. This study uses NIST SP 800-30 as the method used to solve these problems.
Keywords: Information Security, NIST SP 800-30, Infrastructure, Risk Assessment