OCTAVE ALLEGRO FRAMEWORK PROCESS IMPROVEMENT IN DETERMINING INFORMATION ASSET RISK MITIGATION PRIORITIES USING MULTI-CRITERIA DECISION MAKING (MCDM) METHOD
The OCTAVE Allegro is one of the frameworks that provides clear, step-by-step guidance for the information security risk assessment process. This framework is also equipped with a worksheet, making it easier for both large and small organizational leaders to identify potential risks within their...
Saved in:
| Main Author: | |
|---|---|
| Format: | Theses |
| Language: | Indonesia |
| Online Access: | https://digilib.itb.ac.id/gdl/view/80135 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Institution: | Institut Teknologi Bandung |
| Language: | Indonesia |
| id |
id-itb.:80135 |
|---|---|
| spelling |
id-itb.:801352024-01-18T16:24:56ZOCTAVE ALLEGRO FRAMEWORK PROCESS IMPROVEMENT IN DETERMINING INFORMATION ASSET RISK MITIGATION PRIORITIES USING MULTI-CRITERIA DECISION MAKING (MCDM) METHOD Yuli Pratiwi, Annisa Indonesia Theses MCDM, OCTAVE Allegro, risk assessment, SAW, TOPSIS, VIKOR, WPM. INSTITUT TEKNOLOGI BANDUNG https://digilib.itb.ac.id/gdl/view/80135 The OCTAVE Allegro is one of the frameworks that provides clear, step-by-step guidance for the information security risk assessment process. This framework is also equipped with a worksheet, making it easier for both large and small organizational leaders to identify potential risks within their organizations. However, the framework lacks a measurable mechanism for determining information security risk mitigation priorities. As a solution to this issue, research has been conducted to combine the OCTAVE Allegro framework with two Multi- Criteria Decision Making (MCDM) methods: Simple Additive Weighting (SAW) and Analytic Hierarchy Process (AHP). The combination of OCTAVE Allegro- MCDM has generated a better list of information security risk mitigation priorities than using only a relative risk matrix. Nevertheless, further improvement and examination using other MCDM methods is still needed. To complement previous research, this study reanalyzes the performance of the SAW method and three other MCDM methods—WPM, TOPSIS, and VIKOR—to generate a prioritized list of risk mitigation. The risk data used in this study were obtained from the BPS Provinsi Kalimantan Utara as a case study object through online questionnaire submissions. From the collected data, 24 lists of information security risks were processed using the four examined MCDM methods. The risk ranking results from these methods tend to be similar or not significantly different. This is proven by the similarity analysis results using the Pearson correlation method, which shows correlation values above 0.9 or close to 1 for each pair of MCDM methods. Additionally, sensitivity analysis on the model revealed that the criteria weight values significantly influence the ranking results. Furthermore, the same analysis indicates that the combination of OCTAVE Allegro-WPM is the most robust model compared to the other three methods. text |
| institution |
Institut Teknologi Bandung |
| building |
Institut Teknologi Bandung Library |
| continent |
Asia |
| country |
Indonesia Indonesia |
| content_provider |
Institut Teknologi Bandung |
| collection |
Digital ITB |
| language |
Indonesia |
| description |
The OCTAVE Allegro is one of the frameworks that provides clear, step-by-step
guidance for the information security risk assessment process. This framework is
also equipped with a worksheet, making it easier for both large and small
organizational leaders to identify potential risks within their organizations.
However, the framework lacks a measurable mechanism for determining
information security risk mitigation priorities. As a solution to this issue, research
has been conducted to combine the OCTAVE Allegro framework with two Multi-
Criteria Decision Making (MCDM) methods: Simple Additive Weighting (SAW)
and Analytic Hierarchy Process (AHP). The combination of OCTAVE Allegro-
MCDM has generated a better list of information security risk mitigation priorities
than using only a relative risk matrix. Nevertheless, further improvement and
examination using other MCDM methods is still needed. To complement previous
research, this study reanalyzes the performance of the SAW method and three other
MCDM methods—WPM, TOPSIS, and VIKOR—to generate a prioritized list of risk
mitigation. The risk data used in this study were obtained from the BPS Provinsi
Kalimantan Utara as a case study object through online questionnaire submissions.
From the collected data, 24 lists of information security risks were processed using
the four examined MCDM methods. The risk ranking results from these methods
tend to be similar or not significantly different. This is proven by the similarity
analysis results using the Pearson correlation method, which shows correlation
values above 0.9 or close to 1 for each pair of MCDM methods. Additionally,
sensitivity analysis on the model revealed that the criteria weight values
significantly influence the ranking results. Furthermore, the same analysis
indicates that the combination of OCTAVE Allegro-WPM is the most robust model
compared to the other three methods. |
| format |
Theses |
| author |
Yuli Pratiwi, Annisa |
| spellingShingle |
Yuli Pratiwi, Annisa OCTAVE ALLEGRO FRAMEWORK PROCESS IMPROVEMENT IN DETERMINING INFORMATION ASSET RISK MITIGATION PRIORITIES USING MULTI-CRITERIA DECISION MAKING (MCDM) METHOD |
| author_facet |
Yuli Pratiwi, Annisa |
| author_sort |
Yuli Pratiwi, Annisa |
| title |
OCTAVE ALLEGRO FRAMEWORK PROCESS IMPROVEMENT IN DETERMINING INFORMATION ASSET RISK MITIGATION PRIORITIES USING MULTI-CRITERIA DECISION MAKING (MCDM) METHOD |
| title_short |
OCTAVE ALLEGRO FRAMEWORK PROCESS IMPROVEMENT IN DETERMINING INFORMATION ASSET RISK MITIGATION PRIORITIES USING MULTI-CRITERIA DECISION MAKING (MCDM) METHOD |
| title_full |
OCTAVE ALLEGRO FRAMEWORK PROCESS IMPROVEMENT IN DETERMINING INFORMATION ASSET RISK MITIGATION PRIORITIES USING MULTI-CRITERIA DECISION MAKING (MCDM) METHOD |
| title_fullStr |
OCTAVE ALLEGRO FRAMEWORK PROCESS IMPROVEMENT IN DETERMINING INFORMATION ASSET RISK MITIGATION PRIORITIES USING MULTI-CRITERIA DECISION MAKING (MCDM) METHOD |
| title_full_unstemmed |
OCTAVE ALLEGRO FRAMEWORK PROCESS IMPROVEMENT IN DETERMINING INFORMATION ASSET RISK MITIGATION PRIORITIES USING MULTI-CRITERIA DECISION MAKING (MCDM) METHOD |
| title_sort |
octave allegro framework process improvement in determining information asset risk mitigation priorities using multi-criteria decision making (mcdm) method |
| url |
https://digilib.itb.ac.id/gdl/view/80135 |
| _version_ |
1822996680253898752 |