Information Capital Readliness (ICR) is one of bound performance in technology and information sector at PT Pembangkit Jawa Bali Unit Pembangkit Gresik which is functioned in supporting company’s strategy. Information security is an important thing of ICR’s performance, because the information resulted must have confidentially, integrity, and availability to support the business process. In ICR, there is assessment of bound performance which supports directness of the business process.

Nowadays, ICR cannot fulfill the requirements of bound performance yet because there is no good processing yet in planning information security. A solution to figure out that issue is making a good management in planning information security management system or SMKI based on standard ISO/IEC 27001:2005 which will result management in planning information security of ICR. Scope of the information security management system  in the ICR include infrastructure and application.

The result of this planning information security management system can be concluded into document of planning information security management system which contains risk assessment report with server’s high value of risk level is 35.52 and asset fyber optic cable’s low value of risk level is 11.2, policy, procedure, work instruction and other related documents. Those documents are used in handling planning process of ICR’s information security, so the requirements of bound performance can be fulfilled.