[Gllug] OT: ISO 17799
Simon Wilcox
essuu at ourshack.com
Fri Feb 28 11:41:48 UTC 2003
On 27 Feb 2003, Thomas Charles Robinson wrote:
> I think if you go to BSI you can buy the standard. It's a bit thin for
> the price but if you follow it through you should end up with a good
> understanding of what is required. Unfortunately it is hard work and
> every case has its individual needs. As long as the base criteria from
> the standard are satisfied, you're OK. From memory I think there are
> actually two standards that are commonly used. The BSI 7799 and the ISO
> 17799. To implement the security properly you need to mix and match.
They're exactly the same, except that one is ratified by the ISO, having
been developed by the BSI. It happens quite a lot, like the BS/ISO 9001
quality standard.
Amazon suggests a few titles related to 7799 but they're all quite
expensive. The best bet is to buy the standard and read it. Most of it is
common sense but unless you work in a large company I'll put money on the
fact that your bosses won't let it be implemented properly as it will put
too much paperwork in the way of their "commercial priorities" ;-)
Simon.
--
Gllug mailing list - Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug