Security Park - New ISO 17799 Security Standard Published
The official revision of the ISO 17799 security standard is now available. This has been under development for several years, and introduces a number of major changes to ISO 17799. The old version, published initially in 2000, has been withdrawn with immediate effect.
ISO 17799 now contains eleven content sections, as opposed to ten in the old version, with some existing chapters being re-worked and re-named.
The new section format is as follows:
1) Security Policy
2) Organizing Information Security
3) Asset Management
4) Human Resources Security
5) Physical and Environmental Security
6) Communications and Operations Management
7) Access Control
8) Information Systems Acquisition, Development and Maintenance
9) Information Security Incident Management
10) Business Continuity Management
11) Compliance.
The new version also introduces security controls to address a variety of issues not previously covered. These include outsourcing provision and patch management. Other areas have been extended, such as employment termination and distributed communication.
In addition to the content itself, steps have also been taken to make the standard more 'user friendly.'
The following official outlet (BSI) has been updated to provide copies of the new standard:
http://www.standardsdirect.org/iso17799.htm
The ISO 17799 Toolkit, the standard's support kit, has also been updated to include the new version: http://www.17799-toolkit.com
———————————
I have often heard of this standard, but have not actually paged through it yet. Hope to soon.
Posted on Tuesday, June 21, 2005 5:04 PM