Title :
Information Technology Risk Measurement Using NIST (Case Study at Pt. Pintraco)
Author :
Gui, Anderes ; Kristanto, Robbyn ; Haron, Hasnah ; Adrian, Ega
Author_Institution :
Computerized Accounting Dept., Bina Nusantara Univ., Jakarta, Indonesia
Abstract :
The purpose of this study is to measure how big the risk level associated existing information technology at PT. Phintraco and how to minimize the risk of information technology. The research methodology used involves library research, documentation studies and interviews, collected data were analyzed using the NIST method. Results from this study indicate there are 13 types of risks that might occur, one of them at high risk (Malicious code) and there are two risks with a medium risk level (Information theft, server hangs). The conclusion was that risk controls has been applied quite good but still there are some weaknesses in it, among others: the password is not changed periodically, there is no documentation about the system, the right of access to the IT division is too free, antivirus programs inadequate.
Keywords :
document handling; information retrieval; information technology; risk analysis; NIST method; antivirus programs inadequate; documentation studies; information technology; library research; risk measurement; Companies; Hardware; Information technology; NIST; Risk management; Security; Servers; Information Technology; Measurement; NIST; Risk;
Conference_Titel :
Advances in Computing, Control and Telecommunication Technologies (ACT), 2010 Second International Conference on
Conference_Location :
Jakarta
Print_ISBN :
978-1-4244-8746-2
Electronic_ISBN :
978-0-7695-4269-0
DOI :
10.1109/ACT.2010.57
