[Gllug] OT: ISO 17799

Simon Wilcox essuu at ourshack.com
Fri Feb 28 11:41:48 UTC 2003


On 27 Feb 2003, Thomas Charles Robinson wrote:

> I think if you go to BSI you can buy the standard. It's a bit thin for
> the price but if you follow it through you should end up with a good
> understanding of what is required. Unfortunately it is hard work and
> every case has its individual needs. As long as the base criteria from
> the standard are satisfied, you're OK. From memory I think there are
> actually two standards that are commonly used. The BSI 7799 and the ISO
> 17799. To implement the security properly you need to mix and match.

They're exactly the same, except that one is ratified by the ISO, having 
been developed by the BSI. It happens quite a lot, like the BS/ISO 9001 
quality standard.

Amazon suggests a few titles related to 7799 but they're all quite 
expensive. The best bet is to buy the standard and read it. Most of it is 
common sense but unless you work in a large company I'll put money on the 
fact that your bosses won't let it be implemented properly as it will put 
too much paperwork in the way of their "commercial priorities" ;-)

Simon.


-- 
Gllug mailing list  -  Gllug at linux.co.uk
http://list.ftech.net/mailman/listinfo/gllug



