UNLIMITED FREE
ACCESS TO THE WORLD'S BEST IDEAS

SUBMIT
Already a GlobalSpec user? Log in.

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

Customize Your GlobalSpec Experience

Select Your Free Newsletters

Industry Newsletters

Select Your Free Product Alerts

Finish!
Privacy Policy

This is embarrasing...

An error occurred while processing the form. Please try again in a few minutes.

NEN-ISO/IEC 27014

Information security, cybersecurity and privacy protection - Governance of information security

active, Most Current
Organization: NEN
Publication Date: 1 June 2022
Status: active
Page Count: 26
ICS Code (IT Security): 35.030
scope:

This Recommendation | International Standard provides guidance on concepts, objectives and processes for the governance of information security, by which organizations can evaluate, direct, monitor and communicate the information security-related processes within the organization.

The intended audience for this document is:

• governing body and top management;

• those who are responsible for evaluating, directing and monitoring an information security management system (ISMS) based on ISO/IEC 27001;

• those responsible for information security management that takes place outside the scope of an ISMS based on ISO/IEC 27001, but within the scope of governance.

This Recommendation | International Standard is applicable to all types and sizes of organizations.

All references to an ISMS in this document apply to an ISMS based on ISO/IEC 27001.

This Recommendation | International Standard focuses on the three types of ISMS organizations given in Annex B. However, it can also be used by other types of organizations.

Document History

NEN-ISO/IEC 27014
June 1, 2022
Information security, cybersecurity and privacy protection - Governance of information security
This Recommendation | International Standard provides guidance on concepts, objectives and processes for the governance of information security, by which organizations can evaluate, direct, monitor...
NEN-ISO/IEC 27014
December 1, 2020
Information security, cybersecurity and privacy protection - Governance of information security
This document provides guidance on concepts, objectives and processes for the governance of information security, by which organizations can evaluate, direct, monitor and communicate the information...
NEN-ISO/IEC 27014
May 1, 2013
Information technology - Security techniques - Governance of information security
This Recommendation

References

This document references:
ISO 37001 - Anti-bribery management systems - Requirements with guidance for use
Published by ISO on October 15, 2016
This document specifies requirements and provides guidance for establishing, implementing, maintaining, reviewing and improving an anti-bribery management system. The system can be standalone or can...
This document references:
ISO 9001 - Quality management systems — Requirements
Published by ISO on September 15, 2015
This International Standard specifies requirements for a quality management system when an organization: a) needs to demonstrate its ability to consistently provide products and services that meet...
This document references:
ISO GUIDE 73 - Risk management — Vocabulary
Published by ISO on January 1, 2009
This Guide provides the definitions of generic terms related to risk management. It aims to encourage a mutual and consistent understanding of, and a coherent approach to, the description of...
This document references:
ISO/IEC 38500 - Information technology - Governance of IT for the organization
Published by ISO on February 15, 2015
This International Standard provides guiding principles for members of governing bodies of organizations (which can comprise owners, directors, partners, executive managers, or similar) on the...
This document references:
ITU-T X.1051 - Information technology – Security techniques - Code of practice for information security controls based on ISO/IEC 27002 for telecommunications organizations
Published by ITU-T on April 1, 2016
The scope of this Recommendation | International Standard is to define guidelines supporting the implementation of information security controls in telecommunications organizations. The adoption of...
This document references:
ISO/IEC 27000 - Information technology - Security techniques - Information security management systems - Overview and vocabulary
Published by ISO on February 1, 2018
This document provides the overview of information security management systems (ISMS). It also provides terms and definitions commonly used in the ISMS family of standards. This document is...
This document references:
ISO/IEC 27001 - Information technology - Security techniques - Information security management systems - Requirements
Published by ISO on October 1, 2013
This International Standard specifies the requirements for establishing, implementing, maintain and continually improving an information security management system within the context of the...
This document references:
ISO/IEC 27002 - Information technology - Security techniques - Code of practice for information security controls TECHNICAL CORRIGENDUM 2
Published by ISO on November 15, 2015
A description is not available for this item.
This document references:
ISO/IEC 27011 - Information technology - Security techniques - Code of practice for Information security controls based on ISO/IEC 27002 for telecommunications organizations TECHNICAL CORRIGENDUM 1
Published by ISO on September 1, 2018
A description is not available for this item.
View Less
View All
Advertisement