Posted by Sue Thomas on June 17, 2005, 3:55 am
The latest revision of ISO 17799, which has been under development for
several years, is now available. It introduces a number of fundamental
changes to the standard. The old version, ISO17799:2000, has been
withdrawn.
ISO 17799 now contains eleven 'core' chapters, as opposed to the
previous ten, with existing chapters also being re-organized. The new
setup is as follows:
- Security Policies
- Organizing Information Security
- Asset Management
- Human Resources Security
- Physical and Environmental Security
- Information Security Incident Management
- Communications and Operations Management
- Access Control
- Information Systems Acquisition, Development and Maintenance
- Business Continuity Management
- Compliance.
ISO 17799 2005 also introduces controls to address security related
issues not previously covered. These include outsourcing provision,
patch management and others. Other issues have been extended or
re-written (e.g. employment termination, and mobile comms).
Steps have also been taken to improve the end user friendliness of the
document itself.
OFFICIAL SOURCES
The following official outlet (via BSI) has been updated to provide
downloads of the new standard:
http://www.standardsdirect.org/iso17799.htm
The ISO 17799 Toolkit, the standard's support kit, has also been
updated to include the 2005 version:
http://www.17799-toolkit.com
For more information see the ISO17799 Newsletter archive site:
http://17799-news.the-hamster.com
Kind regards,
Sue