BS ISO/IEC 27014:2020:2022 Edition

$142.49

Information security, cybersecurity and privacy protection. Governance of information security

Published By	Publication Date	Number of Pages
BSI	2022	24

Guaranteed Safe Checkout

Categories: 03.100.70 - Management systems, BSI

If you have any questions, feel free to reach out to our online customer service team by clicking on the bottom right corner. We’re here to assist you 24/7.
Email:[email protected]

Description

This document provides guidance on concepts, objectives and processes for the governance of information security, by which organizations can evaluate, direct, monitor and communicate the information security-related processes within the organization.

The intended audience for this document is:

governing body and top management;
those who are responsible for evaluating, directing and monitoring an information security management system (ISMS) based on ISO/IEC 27001 ;
those responsible for information security management that takes place outside the scope of an ISMS based on ISO/IEC 27001 , but within the scope of governance.

This document is applicable to all types and sizes of organizations.

All references to an ISMS in this document apply to an ISMS based on ISO/IEC 27001.

This document focuses on the three types of ISMS organizations given in Annex B. However, this document can also be used by other types of organizations.

PDF Catalog

PDF Pages	PDF Title
2	undefined
3	INTERNATIONAL STANDARD ISO/IEC 27014 RECOMMENDATION ITU-T X.1054 (04/2021) Information security, cybersecurity and privacy protection – Governance of information security
5	ISO FOREWORD
7	Summary History
8	FOREWORD
9	CONTENTS
10	Introduction
11	1 Scope 2 Normative references 3 Definitions
12	4 Abbreviations 5 Use and structure of this Recommendation \| International Standard 6 Governance and management standards 6.1 Overview 6.2 Governance activities within the scope of an ISMS
13	6.3 Other related standards 6.4 Thread of governance within the organization
14	7 Entity governance and information security governance 7.1 Overview 7.2 Objectives 7.2.1 Objective 1: Establish integrated comprehensive entity-wide information security 7.2.2 Objective 2: Make decisions using a risk-based approach 7.2.3 Objective 3: Set the direction of acquisition 7.2.4 Objective 4: Ensure conformance with internal and external requirements
15	7.2.5 Objective 5: Foster a security-positive culture 7.2.6 Objective 6: Ensure the security performance meets current and future requirements of the entity 7.3 Processes 7.3.1 General
16	7.3.2 Evaluate 7.3.3 Direct 7.3.4 Monitor
17	7.3.5 Communicate 8 The governing body’s requirements on the ISMS 8.1 Organization and ISMS
18	8.2 Scenarios (see Annex B) 8.2.1 Type A: The ISMS organization is the whole entity 8.2.2 Type B: The ISMS organization forms a part of a larger entity 8.2.3 Type C: The ISMS organization includes parts of several entities
20	Annex A Governance relationship
21	Annex B Types of ISMS organization
22	Annex C Examples of communication
23	Bibliography

Additional information

Status	Definitive
Title	Information security, cybersecurity and privacy protection. Governance of information security
Corrects	BS ISO/IEC 27014:2020
Replaces	BS ISO/IEC 27014:2013
Publisher	BSI
Committee	IST/33/1
Pages	24
Publication Date	2022-08-09
ISBN	978 0 539 23130 4
Standard Number	BS ISO/IEC 27014:2020
Identical National Standard Of	ISO/IEC 27014:2020
Descriptors	Computer technology, Computer networks, Data processing, Management, Data security, Documents, Data storage protection, Classification systems, Computers, Anti-burglar measures, Information systems, Maintenance, Information exchange, Technical documents, Records (documents)
ICS Codes	03.100.70 - Management systems

Preview PDF


PDF Format	Searchable	Printable	Preview Now

BS ISO/IEC 27014:2020:2022 Edition

PDF Catalog

Related products