Information security, cybersecurity and privacy protection - Governance of information security |
|
Recommendation ITU-T X.1054 | International Standard ISO/IEC 27014 provides guidance on the governance of information security. Information security is a key issue for organizations, amplified by rapid advances in attack methodologies and technologies, and corresponding increased regulatory pressures. The failure of an organization's information security controls can have many adverse impacts on an organization and its interested parties including but not limited to the undermining of trust. Governance of information security is the use of resources to ensure effective implementation of information security, and provides assurance that: • directives concerning information security will be followed; and • the governing body will receive reliable and relevant reporting about information security related activities. This assists the governing body to make decisions concerning the strategic objectives for the organization by providing information about information security that may affect these objectives. It also ensures that information security strategy aligns with the overall objectives of the entity. Managers and others working in organizations need to understand: • the governance requirements that affect their work; and • how to meet governance requirements that require them to take action.
|
|
Citation: |
https://handle.itu.int/11.1002/1000/14248 |
Series title: |
X series: Data networks, open system communications and security X.1000-X.1099: Information and network security X.1050-X.1079: Security management |
Approval date: |
2021-04-30 |
Identical standard: | ISO/IEC 27014:2022 (Common) |
Provisional name: | X.isgf |
Approval process: | TAP |
Status: |
In force |
Maintenance responsibility: |
ITU-T Study Group 17 |
Further details: |
Patent statement(s)
Development history
|
|
|
|
ITU-T Supplement
|
Title
|
Status
|
Summary
|
Table of contents
|
Download
|
X Suppl. 27 (09/2016)
|
ITU-T X.1054 - Supplement on best practice for governance of information security - Case of Burkina Faso
|
In force
|
here
|
here
|
here
|
Title |
Approved on |
Download |
Guidelines for identity-based cryptosystems used for cross-domain secure communications
|
2023
|
here
|
Overview of hybrid approaches for key exchange with quantum key distribution
|
2022
|
here
|
Guidelines for security management of using artificial intelligence technology
|
2022
|
here
|
Successful use of security standards (2nd edition)
|
2020
|
here
|
Description of the incubation mechanism and ways to improve it
|
2020
|
here
|
Strategic approaches to the transformation of security studies
|
2020
|
here
|
|