The goal of the study was to audit the information security system at the Library of Yogyakarta City based on ISO 27001 standards. The researchers assessed various procedures such as security policies, asset management, access control, and incident management to ensure the security of the information system. The findings showed that the security level of the library's information system was at a maturity scale of 2.6, indicating that security measures were documented, communicated, and followed according to operational standards. The audit aimed to provide solutions for enhancing the security of the information system at the Yogyakarta City Library.