Skip to main content
Back

ISO/IEC 27014:2020

Information security, cybersecurity and privacy protection — Governance of information security (Corrected version 2022-04)

General information

Valid from 15.12.2020
Directives or regulations
None

Standard history

Status
Date
Type
Name
15.12.2020
Main
23.04.2013
Main
This document provides guidance on concepts, objectives and processes for the governance of information security, by which organizations can evaluate, direct, monitor and communicate the information security-related processes within the organization.
The intended audience for this document is:
- governing body and top management;
- those who are responsible for evaluating, directing and monitoring an information security management system (ISMS) based on ISO/IEC 27001;
- those responsible for information security management that takes place outside the scope of an ISMS based on ISO/IEC 27001, but within the scope of governance.
This document is applicable to all types and sizes of organizations.
All references to an ISMS in this document apply to an ISMS based on ISO/IEC 27001.
This document focuses on the three types of ISMS organizations given in Annex B. However, this document can also be used by other types of organizations.

Required fields are indicated with *

*
*
*
PDF
125.87 € incl tax
Paper
125.87 € incl tax
Standard monitoring

Customers who bought this item also bought

Main

EVS-EN ISO/IEC 27001:2017

Information technology - Security techniques - Information security management systems - Requirements (ISO/IEC 27001:2013 including Cor 1:2014 and Cor 2:2015)
Withdrawn from 15.08.2023
Main

EVS-EN ISO/IEC 27000:2020

Information technology - Security techniques - Information security management systems - Overview and vocabulary (ISO/IEC 27000:2018)
Newest version Valid from 19.03.2020
Main

ISO/IEC 27009:2020

Information security, cybersecurity and privacy protection -- Sector-specific application of ISO/IEC 27001 -- Requirements
Newest version Withdrawn from 03.05.2023
Main

EVS-EN ISO/IEC 27002:2017

Information technology - Security techniques - Code of practice for information security controls (ISO/IEC 27002:2013 including Cor 1:2014 and Cor 2:2015)
Withdrawn from 01.12.2022