TY - THES N1 - Dr. Ir. Bambang Sugiantoro, S.Si., M.T., ID - digilib47013 UR - https://digilib.uin-suka.ac.id/id/eprint/47013/ A1 - Muhammad Ghifari Abdillah, NIM. 17106050013 Y1 - 2021/08/18/ N2 - The rapid development of technology makes threats to information systems increasing. Management and service performance can be disrupted if there are problems related to information security. The Blora Regency Library as a public service, using information technology as a convenience in its services, of course stores important data and information related to data on books and member data. Avoiding misuse and theft of data and information, this study aims to analyze system security based on ISO/IEC 27001:2013 which is a standard for managing information security management systems and penetration testing as a testing tool on systems for security vulnerabilities. Analysis based on questionnaire data from audit implementation based on ISO/IEC 27001:2013 on information security management in Blora Regency Library and analysis based on system testing results using penetration testing. The audit results show that the maturity level of Blora Regency Library management is on a scale of 2.98 and is at maturity level 2 (Managed) which means that existing projects have been planned, carried out, measured, and controlled. And for planning and performance measurement is done in an almost standard way. While the results of penetration testing on the information system of the Blora Regency Library, found 14 open ports scanned using Nmap, OWASP ZAP found 13 vulnerabilities. Uniscan found 6 Blind SQL Injection and 3 Cross-site Scripting. SQL injection exploitation and Cross-Site Scripting attacks did not penetrate the system. Ettercap failed to read the data packets from the login attempt but Wireshark can easily read the data. PB - UIN SUNAN KALIJAGA YOGYAKARTA KW - Security Audit KW - ISO 27001: 2013 KW - Maturity Level KW - Penetration Testing. M1 - skripsi TI - ANALISIS KEAMANAN SISTEM INFORMASI PERPUSTAKAAN KABUPATEN BLORA BERDASARKAN STANDAR ISO 27001:2013 AV - restricted EP - 228 ER -