Revisions to ISO/IEC 17799
An improved version of the joint ISO/IEC standard that has become the burgeoning e-commerce community's international benchmark for information security management has just been published. The revised ISO/IEC 17799 ‘Information technology, security techniques, code of practice for information security management’ integrates the latest developments in the field to maintain it as the international standard code of practice.
Ted Humphreys, convenor of the ISO/IEC working group that developed ISO/IEC 17799:2005, said: ‘The revised version of this standard provides organizations with many state-of-the-art additions and improvements in information security best practice.’ It addresses the security of information in its widest sense, providing best business practice, guidelines and general principles for implementing, maintaining and managing information security in any organization, producing and using information in any form.
While this is a code of practice for information security management, not a certification standard, a specification standard, ISO/IEC 27001 ‘Information security management system requirements’, is expected to be published in November 2005 which will be able to be used for certification.
For more information about ISO/IEC 17799:2005 click here
 |
|
 |
|
 |
|
 |
 |
 |
|
 |