ISO/IEC 17799

From Wikipedia, the free encyclopedia

ISO/IEC 17799 is an information security standard published and most recently revised in June 2005 by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). It is entitled Information technology - Security techniques - Code of practice for information security management. The current standard is a revision of the version published in 2000, which was a word-for-word copy of the British Standard (BS) 7799-1:1999.

ISO/IEC 17799 provides best practice recommendations on information security management for use by those who are responsible for initiating, implementing or maintaining information security management systems. Information security is defined within the standard in the context of the C-I-A triad:

the preservation of confidentiality (ensuring that information is accessible only to those authorised to have access), integrity (safeguarding the accuracy and completeness of information and processing methods) and availability (ensuring that authorised users have access to information and associated assets when required).

The 2005 version of the standard contains the following twelve main sections:


Within each section, IT security controls and their objectives are specified and outlined. The IT security controls are generally regarded as best practice means of achieving those objectives. For each of the controls, implementation guidance is provided. Specific controls are not mandated since:

  1. Each organization is expected to undertake a structured information security risk assessment process to determine its requirements before selecting controls that are appropriate to its particular circumstances. (The introduction section outlines a risk assessment process although there are more specific standards covering this area such as ISO Technical Report TR 13335 GMITS Part 3 - Guidelines for the management of IT security - Security Techniques.)
  2. It is practically impossible to list all conceivable controls in a general-purpose standard.

ISO/IEC 17799 has directly equivalent national standards in countries such as Australia and New Zealand (AS/NZS ISO/IEC 17799:2006), the Netherlands (NEN-ISO/IEC 17799:2002 nl, 2005 version in translation), Sweden (SS 627799), Japan (JIS Q 27002), Spain (UNE 71501), the United Kingdom (BS ISO/IEC 17799:2005) and Uruguay (UNIT/ISO 17799:2005). Translation and local publication often result in several months' delay after the main ISO/IEC standard is revised and released.

ISO/IEC 17799:2005 is expected to be renamed ISO/IEC 27002 in 2007. The ISO/IEC 27000 series has been reserved for information security matters with a handful of related standards such as ISO/IEC 27001 having already been released and others such as ISO/IEC 27004 - Information Security Management Metrics and Measurement - currently in draft.

Certification

ISO/IEC 27001 (Information technology - Security techniques - Information security management systems - Requirements) specifies a number of requirements for establishing, implementing, maintaining and improving an information security management system consistent with the best practices outlined in ISO/IEC 17799. This replaced BS 7799-2:2002: Information security management systems - Specification with guidance for use. Previously, organizations could only be officially certified against the British Standard (or national equivalents) by certification/registration bodies accredited by the relevant national standards organizations. The international standard can now be used for certification.

References

  • ISO/IEC 17799:2005
  • ISO/IEC 27001
  • ISO CD 27799: Health informatics - Security management in health using ISO 17799
