Improving the quality of services today is played by the adoption of ICT in various scopes, so that the aspect that emerges is the issue of information security in the administration of governance. This study aims to develop information security management guidelines with the integration of 3 frameworks which include COBIT 5, ITIL V3 and ISO/IEC 27001:2013. The object of research is the Jombang District Communication and Information Service. There are 3 stages of research, namely the preparation of guidelines, verification, validation and improvement. The results of the first stage were obtained from each framework starting from COBIT 5 using APO13 with 10 activities, ITIL V3 service design sub domain Information Security Management with 7 activities, and ISO/IEC 27001:2013 clause A.11 15 activities. COBIT sub domain 5 APO13.01 mapped with 9 clauses ISO/IEC 27001:2013 and 3 activities ITIL, APO13.02 mapped with 4 clauses ISO/IEC 27001:2013 and 1 activity ITIL, APO13.03 mapped with 2 clauses ISO/IEC 27001:2013 and 3 ITIL activities. The results of the verification showed that 66.7% of the interviewees rated the guidelines in language and terms as being quite clear, easy to understand and implement. Meanwhile, 100% of the interviewees considered that the division of roles was appropriate and able to answer agency needs. The results of the guideline expert judgment validation were declared valid.

Afrianto, I., Suryana, T., & Sufa’atin. (2014). Pengukuran Keamanan Informasi pada Aplikasi dan Sistem Informasi Pendukung Akademik Menggunakan SNI ISO/IEC 27001:2009 (p. 7). Unikom.

Akraman, R., & Priyadi, Y. (2018). Pengukuran Kesadaran Keamanan Informasi dan Privasi Pada Pengguna Smartphone Android di Indonesia. 02, 115–122.

Andry, J. F., Lee, F. S., Darma, W., Rosadi, P., & Ekklesia, R. (2022).

Audit Sistem Informasi Menggunakan Cobit 5 Pada Perusahaan Penyedia Layanan Internet. Jurnal Ilmiah Rekayasa Dan Manajemen Sistem Informasi, 8(1), 17. https://doi.org/10.24014/rmsi.v8i1.14761

Bakri, M., & Irmayana, N. (2017). Analisis Dan Penerapan Sistem Manajemen Keamanan Informasi Simhp Bpkp Menggunakan Standar Iso 27001. Jurnal Tekno Kompak, 11(2), 41. https://doi.org/10.33365/jtk.v11i2.162

Ernawati, L., & Santoso, H. B. (2016). Tata Kelola Teknologi Informasi Di Lingkungan Perguruan Tinggi: Hambatan, Tantangan, Dan Peluang. Seminar Nasional APTIKOM (SEMNASTIKOM), 2(1), 806–811.

Fdis, I. E. C. (2013). INTERNATIONAL STANDARD ISO / IEC 27001:2013 Information technology — Security techniques — Information security management systems — Requirements. 2013.

Handoko, Y. (2017). Pemanfaatan ITIL v3 untuk Mengatasi Masalah Layanan TI pada Sistem Terintegrasi di Perguruan Tinggi Using ITIL v3 to Solve IT Service Problem in Integration System at Universities. Prosiding SAINTIKS FTIK UNIKOM, 2.

Lenawati, M., Winarno, W. W., & Amborowati, A. (2017). Tata Kelola Keamanan Informasi pada PDAM Menggunakan ISO/IEC 27001:2013 dan COBIT 5. Sentra Penelitian Engineering Dan Edukasi, 9(1), 44–49. http://speed.web.id/jurnal/index.php/speed/article/view/220

Milkovich, A. (2012). A Business Framework for the Governance and Management of Enterprise IT.

Moonda, P. A., & Norita, B. (2020). Audit Tata Kelola Teknologi Informasi Menggunakan Framework Cobit 5 (Studi Kasus : PT. Jamkrida Provinsi Jawa Tengah). Jurnal Masyarakat Informatika, 11(1), 1–21. https://doi.org/10.14710/jmasif.11.1.31449

Noviarti, & Yosi Stefhani. (2022). Analisis Tata Kelola Perusahaan, Dan Nilai Perusahaan. Jurnal Manajemen, 6(2), 73–82. https://doi.org/10.54964/manajemen.v6i2.205

Nurul, S., Anggrainy, S., & Aprelyani, S. (2022). Faktor-Faktor Yang Mempengaruhi Keamanan Sistem Informasi : Keamanan Informasi , Teknologi Informasi Dan Network ( Literature Review Sim ). Jurnal Ekonomi Manajemen Sistem Informasi (Jemsi), Vol. 3(No. 5), 564–573.

Pratama, E. R., & Perdana kusuma, A. R. (2018). Evaluasi Tata Kelola Sistem Keamanan Teknologi Informasi Menggunakan Indeks KAMI dan ISO 27001. 2(11), 5911–5920.

Pratiwi, W. A. (2019). Perencanaan Sistem Manajemen Keamanan Informasi Berdasarkan Standar ISO 27001:2013 pada Kominfo Provinsi Jawa Timur. 1–168. https://repository.dinamika.ac.id/id/eprint/3310/1/14410100156-2019-STIKOMSURABAYA.pdf

Pribadi, M. R. (2013). Penerapan Tata Kelola Teknologi Informasi Dengan Menggunakan Cobit Framework 4.1 (Studi Kasus Pada Pt. Vaksincom). Jurnal Eksplora Informatika, 1(November), 115–124. http://digilib.esaunggul.ac.id/UEU-Undergraduate-200883091/408

Sulaiman Naibaho, R. (2017). PERANAN DAN PERENCANAAN TEKNOLOGI INFORMASI DALAM PERUSAHAAN. April. https://media.neliti.com/media/publications/290731-peranan-dan-perencanaan-teknologi-inform-ad00d595.pdf

Tambotoh, J. J., Augie David Manuputty, M., & Kristen Satya Wacana Salatiga, U. (2015). Pengukuran Tingkat Kapabilitas Tata kelola TI Menggunakan Kerangka kerja COBIT 5 (Studi Kasus: PT. PDA. Net Kota Cirebon) Artikel Ilmiah Peneliti: Rininta Ayunigdiah (682011607). 5.

Taylor, S., Lloyd, V., & Rudd, C. (n.d.). ITIL Version 3 Service Design. OGC.

Wibowo, A. M. (n.d.). Service Design IT Infrastructure Library Versi 3.

Widya, D. R. (2016). PENGARUH FAKTOR PENDIDIKAN, PELATIHAN DAN PENGUASAAN KOMPUTER STAF BAGIAN KEUANGAN TERHADAP KUALITAS PENYAJIAN INFORMASI AKUNTANSI. In http://repository.unpas.ac.id/.