(PRWEB) June 20, 2005
The official revision of the ISO 17799 security standard is now available. This has been under development for several years, and introduces a number of major changes to ISO17799. The old version, published initially in 2000, has been withdrawn with immediate effect.
ISO 17799 now contains eleven 'content' sections, as opposed to ten in the old version, with some existing chapters being re-worked and re-named. The new section format is as follows:
1) Security Policy
2) Organizing Information Security
3) Asset Management
4) Human Resources Security
5) Physical and Environmental Security
6) Communications and Operations Management
7) Access Control
8) Information Systems Acquisition, Development and Maintenance
9) Information Security Incident Management
10) Business Continuity Management
The new version also introduces security controls to address a variety of issues not previously covered. These include outsourcing provision and patch management. Other areas have been extended, such as employment termination, and distributed communication.
In addition to the content itself, steps have also been taken to make the standard more 'user friendly.'
The following official outlet (BSI) has been updated to provide copies of the new standard:
The ISO 17799 Toolkit, the standard's support kit, has also been updated to include the new version:
For further information see the ISO 17799 Newsletter archive site at: