BS ISO/IEC 27014:2013 Information technology. Security techniques. Governance of information security


Status: Superseded, Withdrawn
Published: May 2013
Replaced By: BS ISO/IEC 27014:2020

*To ask about withdrawn titles contact the Customer Relations, +44 345 086 9001

What is this standard about?

It provides guidance on the governance of information security. 

Who is this standard for?

Governing bodies in all types and sizes of organization.

Why should you use this standard? 

Information security has become a key issue for organizations. Not only are there increasing regulatory requirements but the failure of an organization’s information security measures can have a direct impact on an organization’s reputation.

Therefore, the governing body, as part of its governance responsibilities, is increasingly required to oversee information security to ensure the objectives of the organization are achieved.

To that end, this standard provides guidance on concepts and principles for the governance of information security, helping organizations evaluate, direct, monitor and communicate information security related activities within the organization. It provides the mandate essential for driving information security initiatives through the organization. 

Furthermore, effective governance of information security ensures that the governing body receives relevant reporting, framed in a business context, about information security-related activities.

This standard will help organizations achieve an agile approach to decision-making about information risks and allow organizations to make pertinent and timely decisions about information security issues in support of the strategic objectives of the organization.

BS ISO/IEC 27014:2013 allows users to:

  • Align information security objectives with business strategy
  • Deliver value to stakeholders and governing bodies
  • Ensure information risk is being adequately addressed
  • Provide visibility on information security status
  • Make efficient and effective investments in information security
  • Achieve compliance with external requirements (legal, regulatory or contractual)

Standard Number: BS ISO/IEC 27014:2013
Title: Information technology. Security techniques. Governance of information security
Status: Superseded, Withdrawn
Publication Date: 31 May 2013
Withdrawn Date: 17 December 2020
Normative References (Required to achieve compliance to this standard): ISO/IEC 27000:2009
Informative References (Provided for Information): ISO/IEC 27001:2005, ISO/IEC 27011:2008, ITGI, Information Security Governance framework:2009, ITU-T Recommendation X.1051:2008, ISO/IEC 27005:2011, ISO/IEC 27002:2005, ISO/IEC 38500:2008
Replaced By: BS ISO/IEC 27014:2020
International Relationships: ISO/IEC 27014:2013
Draft Superseded By: 12/30209825 DC
Descriptors: Information exchange, Data security, Management, Technical documents, Data processing, Information systems, Classification systems, Computer technology, Computers, Anti-burglar measures, Maintenance, Documents, Records (documents), Data storage protection, Computer networks
Title in French: Technologies de l'information. Techniques de sécurité. Gouvernance de la sécurité de l'information
ISBN: 978 0 580 69147 8
File Size: 1.307 MB
