New Version of ISO 17799 Published
Source: Sara Hollins - Posted by Benjamin D. Thomas   
Security The revision of the ISO 17799 information security standard is now available. This has been under development for several years, and introduces a major changes to ISO 17799. The old version, published originally in 2000, has been withdrawn.

ISO17799 now contains eleven prime 'content' sections, as opposed to ten in the 2000 edition, with some existing chapters being re-worked. The new format of the standard is as follows:

1) Security Policy 2) Organizaing Information Security 3) Asset Management 4) HR Security 5) Physical and Environmental Security 6) Communications and Operations Management 7) Access Control 8) Information System Acquisition, Development and Maintenance 9) Information Security Incident Management 10) Business Continuity 11) Compliance.

The new version also introduces controls to address a range of threats not previously covered. These include coverage of issues such as outsourcing and patch management.Various other topics have been extended, such as employment termination, and distributed communication.

OFFICIAL SOURCES The following official (BSI) outslet has been updated to offer the new standard:

The ISO 17799 Toolkit, the standard's support and starter kit, has also been updated:

For more information see the ISO 17799 Newsletter archive site at:

ISO 17799 Newsletter

Read this full article at Sara Hollins

Only registered users can write comments.
Please login or register.

Powered by AkoComment!