
What is ISO 17799?


 

   


ISO 17799 Standard, Managing information security

ISO/IEC 17799:2000 (previously called just ISO 17799) is a risk-based approach to managing information security. Information is a valuable asset, and being certified to ISO 17799 shows an organisation's commitment to the security of its information, even through disasters and unexpected business downtime.

ISO 17799 is technology independent and concentrates on the management aspect of information security. It is a comprehensive set of controls comprising best practices in information security.

Information security is characterized as the preservation of confidentiality (ensuring that information is accessible only to those authorised to access it), integrity (safeguarding the accuracy and completeness of information), and availability (ensuring that authorised users have access to information when required).

The ISO 17799 standard comprises ten prime sections: 

Security Policy 
System Access Control 
Computer & Operations Management 
System Development and Maintenance 
Physical and Environmental Security 
Compliance 
Personnel Security 
Security Organization 
Asset Classification and Control 
Business Continuity Management (BCM) 

You should always look for an accredited certification body when seeking ISO 17799 certification. A certificate normally lasts for 3 years, after which it needs to be renewed. During the life of the certificate, annual audits will need to be maintained.


 

 
 

 

  © Copyright 1996-2007 Best Price Computers Ltd

Last updated: Jan, 2007