Monday, November 14, 2005

ISO 27001 Officially Published

Information security is a complex area, demanding standards to address specific aspects. These are currently addressed by ISO 17799 and the emerging ISO 27001.

ISO 17799 is a code of practice for information security. It details hundreds of specific controls which may be applied to secure information and related assets. It comprises 115 pages organized over 15 major sections.

ISO 27001 is a specification for an Information Security Management System, sometimes abbreviated to ISMS. It is the foundation for third-party audit and certification. It comprises 34 pages over 8 major sections.

Both standards are intended to apply to all organizations, whether commercial or otherwise, and should assist anyone with responsibility for managing information security.

