STUDIA INFORMATIKA: JURNAL SISTEM INFORMASI

National Agency for the Placement and Protection of Indonesian  Overseas Workers (BNP2TKI) managing labor data are vital such as  data placement and data arrival so required security information. At  the Center for Research and Development Information (Puslitfo) are the head of information systems in charge of sub-areas of system  development and maintenance of the system. Of the two sub-areas  that many threats that occur as the incident that led to the demise of  electricity damaged server so that services should be in real time was inhibited. The study began with a check (analysis of current conditions),  Act (Self-assessment based index WE) is an evaluation of the role and the importance of ICT as well as V (five) the completeness of the information security area, namely governance, risk management, framework, asset management, and technology and information security, Plan (Creating Risk Management Plan) which has an output Inventory asset, threat list, list of potential weakness, value possible threats, the impact value, and the value of risk and level of risk. And the last one is Do (Implement controls planned). From the results, the role and the  importance of ICT with a score of 31, which has a higher category. For completeness of information security level still needs to be  improved, and the maturity level of information security is at the first  level categories (initial conditions). Of V (five) area evaluation, information security risk management has not reached the minimum, so that made the Risk Management Plan and the policies and controls  in the Risk Management Plan.

Keywords: Risk Management Plan, Assets, Threats, Weaknesses, Value Possible Threat, Impact Analysis, Risk Value.