
BS 7799 becomes ISO 27001

The internationally recognised British Standard, BS 7799-2:2002 has been updated and adopted as an international standard, ISO 27001:2005. The standard was published by the International Organization for Standardization (ISO) on 15th October 2005.

Essentially, ISO 27001 establishes best practice for an information security management system (ISMS) and complements the ISO 17799 'code of practice' standard, itself first published as BS 7799-1. The two standards are closely aligned and related, but perform distinct roles.

ISO 17799 details a number of individual security controls, which may be selected and applied as part of the ISMS. ISO 17799, again based on a British Standard, is scheduled to become ISO 27002 in a couple of years.

ISO 27001 specifies the requirements for the security management system itself. It is this standard against which certification is offered. To date 1,870 companies worldwide have certified their ISMS to BS 7799 (source: www.xisec.com), and will be transitioning to ISO 27001 in the next 1-2 years.

Date: 4th Nov 2005 • Region: UK/World • Type: Article • Topic: ISM




Copyright 2006 Portal Publishing Ltd