There are currently, 21 guest(s) and 0 member(s) that are online.
You are Anonymous user. You can register for free by clicking here
Select Interface Language:
ISO 17799 Resources
There are now quite a few BS7799, ISO27001 and ISO 17799 portals on the web offering commercial tools & products. Possibly the most complete is ISO 17799 and ISO 27001 Central.
Call for Papers
We are shortly to launch a content section for papers and articles on ISO 17799 implementation, BS7799, AS4444, ISO 27001, UNE71502, and information security generally. If you have produced a paper and would like us to publish it, please contact us via the feedback form above.
ISO 27001, ISO 27002 & ISO17799 User Group: Forums
17799.Com :: View topic - 10.8.5 Business Information systems
Policies and procedures should be developed and implemented to protect information associated with
the interconnection of business information systems.
Consideration given to the security and business implications of interconnecting such facilities should
a) known vulnerabilities in the administrative and accounting systems where information is
shared between different parts of the organization;
b) vulnerabilities of information in business communication systems, e.g. recording phone
calls or conference calls, confidentiality of calls, storage of facsimiles, opening mail,
distribution of mail;
c) policy and appropriate controls to manage information sharing;
d) excluding categories of sensitive business information and classified documents if the
system does not provide an appropriate level of protection
e) restricting access to diary information relating to selected individuals, e.g. personnel
working on sensitive projects;
f) categories of personnel, contractors or business partners allowed to use the system and the
locations from which it may be accessed
g) restricting selected facilities to specific categories of user;
h) identifying the status of users, e.g. employees of the organization or contractors in
directories for the benefit of other users;
i) retention and back-up of information held on the system
j) fallback requirements and arrangements
Office information systems are opportunities for faster dissemination and sharing of business
information using a combination of: documents, computers, mobile computing, mobile
communications, mail, voice mail, voice communications in general, multimedia, postal
services/facilities and facsimile machines.
You cannot post new topics in this forum You cannot reply to topics in this forum You cannot edit your posts in this forum You cannot delete your posts in this forum You cannot vote in polls in this forum