Risk Management of Credit Card Payment Gateway using Octave Allegro Methodology At Electronic Payment Provider Institution
Nilo Legowo1, Kemas Airlangga Saputra2
1Nilo Legowo *, Information Systems Management Department, Binus Graduate Program-Master of Information Systems Management, Bina Nusantara University,Jakarta Indonesia.
2Kemas Airlangga Saputra, Information Systems Management Department, Binus Graduate Program-Master of Information Systems Management, Bina Nusantara University, Jakarta Indonesia.
Manuscript received on November 17., 2019. | Revised Manuscript received on November 24 2019. | Manuscript published on 30 November, 2019. | PP: 11831-11838 | Volume-8 Issue-4, November 2019. | Retrieval Number: D9514118419/2019©BEIESP | DOI: 10.35940/ijrte.D9514.118419
Open Access | Ethics and Policies | Cite | Mendeley | Indexing and Abstracting
© The Authors. Blue Eyes Intelligence Engineering and Sciences Publication (BEIESP). This is an open access article under the CC-BY-NC-ND license (http://creativecommons.org/licenses/by-nc-nd/4.0/)
Abstract: The use of internet technology is growing very fast which is driving the development of businesses in Indonesia, one of which is in the eCommerce sector. To support payment transactions conducted by e-commerce, in conducting this business, it is necessary to collaborate with business partner engaged in the payment gateways sector. Company partner engaged in the payment gateways sector to provide solutions to electronic financial transactions where one product is a credit card payment gateways. The purpose of this research is to make a risk assessment and risk management for audit certification credit card payment gateway Company. Risk assessment can help to know what are the risks that may occur, how big the impact of these risks, as well as recommendations related control measures must be carried out if the impact of these risks occur. This research using OCTAVE Allegro methodology to identify and evaluate information security risks credit card payment gateway. This research is qualitative research consisting of observation, conducting group discussion with the respondents. The respondend of this research are VP Development and Service Provisioning, VP Operation and Infrastructure, Manager Front End 1, Manager Back End 2, and Senior Programmer. Results of this research are 9 critical information assets in credit card payment gateway in COMPANY, such as : Card Holder Data & Customer Credential, Data Center, Physical Devices, Logical Storage, Logical Network, Supporting Software, Core Application, Encryption Key, and Human Resources. There are 21 risks that may occur during in credit card payment gateway. From 21 risks that were identified, obtained 15 risks are defer, 3 risks to be acceptable, and 3 risks should be mitigate.
Keywords: Risk Management, OCTAVE Allegro, Credit Card Payment Gateway.
Scope of the Article: Simulation Optimization and Risk Management.