ISO 27001 Security Standard Published

Share Article

ISO 27001 has, after several months in final draft mode, finally been published as an official standard.

This standard essentially defines an Information Security Management System (known as an ISMS), and compliments the ISO 17799 'code of practice' standard, which was re-published earlier in the year. It specifies the framework for the design, management and maintenance of information security processes within an organization.

These two standards are closely aligned, but fulfill clear and distinct roles:

ISO 17799

This details many hundreds of individual security controls, which may be selected and applied as part of the security management system.

ISO 27001

This specifies the requirements for the security management system itself. It is this standard, as opposed to ISO 17799, against which certification is offered. ISO 27001 has also been "harmonized" to be compatible with other management standards, such as ISO 9000 and ISO 14000.

GLOBAL IMPACT

The publication of the new standard, earlier versions of which were published as BS7799-2, is likely to herald a rapid increase in interest in both information security and certification. Organizations already certified under BS7799-2 will embark on a transitional route, whereas the international status of the new certification standard is bound to have a global impact in terms of numbers following the certification route generally.

This has already started to manifest itself in terms of the number of pre-orders for the new standard, and the recent membership increases of the International ISO 17799 User Group (http://www.17799.com).

SOURCES

The new standard is offered online via the following:

StandardsDirect (BSI): http://17799.standardsdirect.org

SNV will have it available from the following page shortly:

Standards Online: http://www.standards-online.net/InformationSecurityStandard.htm

The support kit for the standard has also been updated to reflect these changes: http://www.17799-toolkit.com

FURTHER INFORMATION

Additional information on both these standards can be obtained from the ISO 17799 News website at:

http://17799-news.the-hamster.com

###

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Sara Hollins
Visit website