Latest ISO 27001 and ISO 27002 FAQ
Posted on Tuesday, September 02 @ 05:22:26 EDT by sarahol

ISO 27001 and ISO 27002 Community Portal
The latest edition of this FAQ has been published, and contains the following additional frequently asked questions:

1) Why has ISO 17799 been renamed to ISO 27002?
The rename was initiated by ISO, who wanted to align the information security standards under a common naming structure (the 'ISO 27000 series').

2) Which ISO27002 controls are most important?
That largely depends upon the individual organization. However, ISO27002 does give some guidance, in the form of 'legislative essentials' and 'common best practice' under the IS "starting point" section. These are:
- intellectual property rights (12.1.2)
- safeguarding of organizational records (12.1.3)
- data protection and privacy of personal information (12.1.4)
- information security policy document (3.1.1)
- allocation of information security responsibilities (4.1.3)
- information security education and training (6.2.1)
- reporting security incidents (6.3.1)
- business continuity management (11.1)

3) What is a Certification body?
An accredited certification body is a third party organization that assesses/certifies the IS management system against the standard (BS7799-2 / ISO 27001).

4) Who are the Accredited Certification bodies for the standard?
There are a growing number of organizations accredited to grant certification against ISO27001. The following are amongst them: BSI, Certification Europe, DNV, JACO IS, KEMA, KPMG, SFS-Sertifiointi Oy, SGS, STQC, SAI Global Limited, UIMCert GmbH.

5) How do I become a certified auditor?
The International Register for Certified Auditors operates a certification scheme for ISMS auditors.

6) How does this standard fit with ISO 9000?
ISO27001 is actually being "harmonized" with other management standards, including ISO 9000 and ISO 14000. Watch this space!

7) Who originally wrote the security standard?
Originally a BSI/DISC committee, which included representatives from a wide section of industry/commerce. It was subsequently reviewed by an ISO (International Standards Organization) committee and ultimately emerged through the ISO publication process.

8) What is the ISO 27000 Toolkit?
This is the main support resource for the standard, including the standard itself, ISO 27002 policy, etc. See top right panel for a more complete description.

9) What is ISO/IEC Guide 62?
This is largely for those bodies operating certification schemes and contains general requirements applicable to them.

10) What is ISO 27001?
BS7799-2, the original specification for an information security management system, was 'fast tracked' by ISO to become ISO 27001 in 2005.



 

 
The ISO 17799 Implementation Forum: A BS7799 / ISO27001, ISO17799 and ISO 27000 User Group
All logos and trademarks are property of their respective owner. Comments are property of their posters. The rest © 2005 ISO17799 / ISO 27002 Forum