Find in Library

Purpose of the research is to identify the risk of IT in the company, to assess all the risk, and take security actions to solve the problem. Research methods used are data collection method and analysis method. Data collection is conducted with literature review and field studies by interview and observation. Analysis is conducted using Operationally Critical Threat, Asset, and Vulnerability (OCTAVE)-S method. The expected result is the risk identification in IT of the company. Index Terms - IT, Risk Assessment, Octave-S