ABSTRACTThis study aims to conduct risk assessment on information vulnerabilities, to get the level of information vulnerabilities, and to generate strategic recommendations to overcome information vulnerabilities in the X Library using OCTAVE Allegro as a method. The result showed that from 4 categories, information vulnerabilities at X Library is at category 3 or vulnerable enough with 22 areas of concern or equal to 42.31%. The risk assessment carried out in X Library turns the result that there are 10 assets information held by the Head of Central Library, Adminisration Services Unit, Cataloging and Classifying Unit, Circulation Services Unit, Reference Services Unit. The second result is contained threats to information assets by 52 areas of concern that conducted by internal X Library are 14 actors, by internal X are 13 actors, and by external are 2 actors. The third result is there are 62 consequences of 52 information assets with at the most consequences found in electronic document collections X-ana which from 6 areas of concern produce 10 consequences. The strategic recommendations to overcome the information vulnerabilities in X Library is adjusted according to the risk mitigation that carried out in each area of concern which is called the control or risk control. From the results of this risk assessment that can be done is to reduce or eliminate risk (mitigate) as many as 21 areas of concern, to transfer or mitigate risk as many as 16 areas of concern, to defer the risk a total of 12 areas of concern, and to receive risk (accept) or defer as much as 3 areas of concern.
