{"id":361961,"date":"2024-10-20T01:38:28","date_gmt":"2024-10-20T01:38:28","guid":{"rendered":"https:\/\/pdfstandards.shop\/product\/uncategorized\/bs-iso-iec-270142020\/"},"modified":"2024-10-26T02:33:39","modified_gmt":"2024-10-26T02:33:39","slug":"bs-iso-iec-270142020","status":"publish","type":"product","link":"https:\/\/pdfstandards.shop\/product\/publishers\/bsi\/bs-iso-iec-270142020\/","title":{"rendered":"BS ISO\/IEC 27014:2020"},"content":{"rendered":"<p>This document provides guidance on concepts, objectives and processes for the governance of information security, by which organizations can evaluate, direct, monitor and communicate the information security-related processes within the organization.<\/p>\n<p>The intended audience for this document is:<\/p>\n<ul>\n<li>\n<p>governing body and top management;<\/p>\n<\/li>\n<li>\n<p>those who are responsible for evaluating, directing and monitoring an information security management system (ISMS) based on <span class=\"std\"> <span class=\"std-ref\">ISO\/IEC&nbsp;27001<\/span><\/span> ;<\/p>\n<\/li>\n<li>\n<p>those responsible for information security management that takes place outside the scope of an ISMS based on <span class=\"std\"> <span class=\"std-ref\">ISO\/IEC&nbsp;27001<\/span><\/span> , but within the scope of governance.<\/p>\n<\/li>\n<\/ul>\n<p>This document is applicable to all types and sizes of organizations.<\/p>\n<p>All references to an ISMS in this document apply to an ISMS based on <span class=\"std\"> <span class=\"std-ref\">ISO\/IEC&nbsp;27001<\/span><\/span>.<\/p>\n<p>This document focuses on the three types of ISMS organizations given in <span class=\"xref\">Annex&nbsp;B<\/span>. However, this document can also be used by other types of organizations.<\/p>\n<h4>PDF Catalog<\/h4>\n<table border=\"1px\" class=\"des-table\">\n<tr>\n<th>PDF Pages<\/th>\n<th>PDF Title<\/th>\n<\/tr>\n<tr>\n<td><b>2<b><\/td>\n<td>National foreword  <\/td>\n<\/tr>\n<tr>\n<td><b>6<b><\/td>\n<td>Foreword  <\/td>\n<\/tr>\n<tr>\n<td><b>7<b><\/td>\n<td>Introduction  <\/td>\n<\/tr>\n<tr>\n<td><b>9<b><\/td>\n<td>1 Scope <br \/> 2 Normative references <br \/> 3 Terms and definitions  <\/td>\n<\/tr>\n<tr>\n<td><b>10<b><\/td>\n<td>4 Abbreviated terms <br \/> 5 Use and structure of this document <br \/> 6 Governance and management standards <br \/> 6.1 Overview  <\/td>\n<\/tr>\n<tr>\n<td><b>11<b><\/td>\n<td>6.2 Governance activities within the scope of an ISMS  <\/td>\n<\/tr>\n<tr>\n<td><b>12<b><\/td>\n<td>6.3 Other related standards <br \/> 6.4 Thread of governance within the organization <br \/> 7 Entity governance and information security governance <br \/> 7.1 Overview  <\/td>\n<\/tr>\n<tr>\n<td><b>13<b><\/td>\n<td>7.2 Objectives <br \/> 7.2.1 Objective 1: Establish integrated comprehensive entity-wide information security <br \/> 7.2.2 Objective 2: Make decisions using a risk-based approach <br \/> 7.2.3 Objective 3: Set the direction of acquisition <br \/> 7.2.4 Objective 4: Ensure conformance with internal and external requirements  <\/td>\n<\/tr>\n<tr>\n<td><b>14<b><\/td>\n<td>7.2.5 Objective 5: Foster a security-positive culture <br \/> 7.2.6 Objective 6: Ensure the security performance meets current and future requirements of the entity <br \/> 7.3 Processes <br \/> 7.3.1 General  <\/td>\n<\/tr>\n<tr>\n<td><b>15<b><\/td>\n<td>7.3.2 Evaluate  <\/td>\n<\/tr>\n<tr>\n<td><b>16<b><\/td>\n<td>7.3.3 Direct <br \/> 7.3.4 Monitor  <\/td>\n<\/tr>\n<tr>\n<td><b>17<b><\/td>\n<td>7.3.5 Communicate <br \/> 8 The governing body\u2019s requirements on the ISMS <br \/> 8.1 Organization and ISMS  <\/td>\n<\/tr>\n<tr>\n<td><b>18<b><\/td>\n<td>8.2 Scenarios (see Annex B)  <\/td>\n<\/tr>\n<tr>\n<td><b>20<b><\/td>\n<td>Annex A (informative) Governance relationship  <\/td>\n<\/tr>\n<tr>\n<td><b>21<b><\/td>\n<td>Annex B (informative) Types of ISMS organization  <\/td>\n<\/tr>\n<tr>\n<td><b>23<b><\/td>\n<td>Annex C (informative) Examples of communication  <\/td>\n<\/tr>\n<tr>\n<td><b>24<b><\/td>\n<td>Bibliography  <\/td>\n<\/tr>\n<\/table>\n","protected":false},"excerpt":{"rendered":"<p><b>Information security, cybersecurity and privacy protection. Governance of information security<\/b><\/p>\n<table class=\"shortdes-table\" style=\"width: 100%\" border=\"0\" cellspacing=\"0\" cellpadding=\"0\">\n<tbody>\n<tr>\n<td>Published By<\/td>\n<td>Publication Date<\/td>\n<td>Number of Pages<\/td>\n<\/tr>\n<tr>\n<td><a href=\"https:\/\/pdfstandards.shop\/product-category\/publishers\/bsi\/\"><b>BSI<\/b><\/a><\/td>\n<td>2020<\/td>\n<td>24<\/td>\n<\/tr>\n<\/tbody>\n<\/table>\n","protected":false},"featured_media":361970,"template":"","meta":{"rank_math_lock_modified_date":false,"ep_exclude_from_search":false},"product_cat":[91,2641],"product_tag":[],"class_list":{"0":"post-361961","1":"product","2":"type-product","3":"status-publish","4":"has-post-thumbnail","6":"product_cat-03-100-70","7":"product_cat-bsi","9":"first","10":"instock","11":"sold-individually","12":"shipping-taxable","13":"purchasable","14":"product-type-simple"},"_links":{"self":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product\/361961","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product"}],"about":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/types\/product"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/media\/361970"}],"wp:attachment":[{"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/media?parent=361961"}],"wp:term":[{"taxonomy":"product_cat","embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product_cat?post=361961"},{"taxonomy":"product_tag","embeddable":true,"href":"https:\/\/pdfstandards.shop\/wp-json\/wp\/v2\/product_tag?post=361961"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}