The Department of Tourism, Culture and Sports of the Sumenep Regency is a regional apparatus as the organizer of the implementation of regional government, led by the Head of the Service who is under and responsible to the Regent in carrying out some government affairs in Sumenep Regency. However, one government in Sumenep district, namely the Youth and Sports Tourism Office, has not implemented procedures on information asset security so that there are often problems with deletion of goods, loss of data and damage to computers which result in less than optimal public services. Therefore, it is necessary to make improvements from internal parties in building a quality service process management according to the standards set. In this study, the final result obtained is the preparation of a standard procedure in the form of a SOP (Standard Operating Procedure) document on information asset security management for the Tourism Office, Culture, Youth and Sports using the COBIT 5 and ISO 27001:2013 framework.