Main Article Content
Polytechnic TEDC Bandung is a private polytechnic located in Pesantren Street KM 02 Cimahi. It is a Polytechnic with 12 study programs and has more than 1300 students. Information systems are a necessity for educational institutions such as Polytechnic TEDC Bandung because in this globalization era, service and business processes that are qualified to become a necessity in the midst of business competition with another universities. Academic Information System (Siakad) in Polytechnic TEDC Bandung has been used since 2012 and has helped and accommodated academic’s data, it is mean the level of risk also increases along with the development of this academic information system. virus attacks and server failures have been dominated for almost past 3 years. Because of that, analysis of security system for information systems is very necessary to do to be able to maintain the system and data contained in it to know the mitigation steps that must be done when the threat or risk attacking the system. This security analysis and risk management uses the NIST SP 800-30 method with three main approaches: Risk Assessment, Risk Mitigation and Evaluation Assessment.