Audit Keamanan dan Manajemen Risiko pada e-Learning Universitas Sangga Buana
Abstract
Universitas Sangga Buana is an educational institution that continues to develop the following technological advances by creating an e-learning system for students to facilitate distance learning. This system is relatively new and still being developed, allowing there are still many gaps that others can exploit, especially on the security side of the system. To reduce system security vulnerabilities and data loss risks, it is necessary to conduct an audit of the e-learning system at the Universitas Sangga Buana. The stages used to determine security system vulnerabilities and risk management in e-learning systems use the NIST framework and the Acunetix application as a system security testing tool. The final result of the e-learning system audit is that the e-learning system of the University of Sangga Buana is at a reasonable level with no high system vulnerabilities found and well-implemented risk management.
References
H. Tohidi, "The Role of Risk Management in IT systems of organizations," Procedia Computer Science, vol. 3, pp. 881-887, 2011.
E. Supristiowadi dan Y.G. Sucahyo, "Manajemen Risiko Keamanan Informasi Pada Sistem Aplikasi Keuangan Tingkat Instansi (SAKTI) Kementerian Keuangan," Indonesian Treasury Review: Jurnal Perbendaharaan, Keuangan Negara dan Kebijakan Publik, vol. 3, no. 1, pp. 23-33, 2018.
R. S. Perdana, “Audit Keamanan Sistem Informasi Akademik Menggunakan Framework NIST SP 800-26 (Studi Kasus: Universitas Sangga Buana YPKP Bandung),†J. Infotronik, 2018.
A. Rezakhani, A. Hajebi, and N. Mohammadi. "Standardization of all information security management systems," International Journal of Computer Applications, vol.18 no. 8, pp. 4-8, 2011.
D. A. Jakaria, R. T. Dirgahayu, and Hendrik, “Manajemen Risiko Sistem Informasi Akademik pada Perguruan Tinggi Menggunakan Metoda Octave Allegro,†in Seminar Nasional Aplikasi Teknologi Informasi (SNATI), 2013, pp. E37–E42.
H. M. Jogiyanto, “Analisa dan Desain Sistem Informasi, edisi kedua,†Yogyakarta Andi Offset, 2005.
E. Maria and E. Haryani, “Audit Model Development Of Academic Information System: Case Study On Academic Information System Of Satya Wacana,†J. Arts, Sci. Commer., E-Vol.– I, no. Issue –2, p. ISSN 2229-4686, ISSN 2231-4172.
ISACA (Information System Audit and Control Association), IT Standards, Guidelines, and Tools and Techniques for Audit and Assurance Control Professionals. 2010.
M. Swanson, “Security Self-Assessment Guide for Information Technology Systems,†NIST Spec. Publ. 800-26, 2001.
E. Jonsson and L. Pirzadeh, "Identifying Suitable Attributes for Security and Dependability Metrication," SECURWARE 2013 The Seventh International Conference on Emerging Security Information, Systems and Technologies, pp. 1-7, 2013.
et al Stoneburner, “Risk Management Guide for Information Technology Systems,†NIST Spec. Publ. 800-30, 2002.
R. L. dan D. R. V. Krutz, The CISSP Prep Guide – Mastering the Ten Domains of Computer Security. CA: Wiley Computer Publishing John Wiley & Sons, Inc, 2006.
K. Praktis, “Pengertian dan Proses Kuliah Online - Sistem Perkuliahan Berbasis Daring,†2018. https://www.komunikasipraktis.com/2018/05/pengertian-proses-kuliah-online-daring.html (accessed Aug. 07, 2020).
Acunetix, “Introduction to Acunetix - Why You Need To Secure Your Web Applications.†https://www.acunetix.com/support/docs/introduction/ (accessed Aug. 07, 2020).
Centerklik, “Amankan Website Dengan Acunetix Web Vulnerability Scanner,†2016. https://www.centerklik.com/amankan-website-dengan-acunetix-web-vulnerability-scanner (accessed Aug. 07, 2020).
