IT Governance is the structure of process relationships that guide and control an organization to achieve its vision and mission by adding value that will balance risks with IT and its processes. The analytical method used in this research is quantitative and qualitative risk analysis. The Quantitative Risk Analysis (QRA) approach focuses on analyzing the maintenance of IT resources to find risk factors that need serious consideration and treatment. For the qualitative risk analysis method, NIST SP 800-30 is used to analyze the various threat and risk attributes to provide guidelines for managing IT installations at XYZ Campus. Based on the QRA risk assessment, Internal HR who has access to the server is calculated as the highest potential campus loss. This can be seen in the risk aspect where losses caused by Internal HR who play the role of server admins have the greatest potential for losses. Qualitative assessment of risk management finds sources of threats with high risk are Internal HR and IT Infrastructure Systems. This level of risk can be detected during the hazard source classification process. The presentation of all risk analysis results can provide risk recommendations that will be communicated to campus IT management. To then be able to assist the campus in making a decision that includes policies, procedures, budgets, system operations, and change management.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.
hi@scite.ai
10624 S. Eastern Ave., Ste. A-614
Henderson, NV 89052, USA
Copyright © 2024 scite LLC. All rights reserved.
Made with 💙 for researchers
Part of the Research Solutions Family.