Abstract
Utilization of Information Technology (IT) in companies today is an important element to support the effectiveness & efficiency of business processes. This research set PT ABC as a case study place. In utilizing its IT assets, the company has a division that is responsible for managing and managing the company's IT assets, namely the IT Asset division. The IT Asset Division of the Company has never conducted a security risk analysis on its IT assets. In helping companies to determine the level of information security of their IT assets, an analysis of the information security risks of these assets will be carried out. This study uses the OCTAVE Allegro method in analyzing the company's IT assets. OCTAVE Allegro consists of eight stages and is grouped into four phases. The research resulted in 5 risks from 7 IT assets which were analyzed and made into a Risk Register document. Furthermore, the researcher recommends ISO 27002:2014 control of the IT asset risk as a mitigation measure.
Keywords: IT Assets, Risk, Risk Analysis, OCTAVE Allegro, ISO 27002:2014