ISO 17799 Resources
There are now quite a few BS7799, ISO27001 and ISO 17799 portals on the web offering commercial tools & products. Possibly the most complete is ISO 17799 and ISO 27001 Central.

Call for Papers
We are shortly to launch a content section for papers and articles on ISO 17799 implementation, BS7799, AS4444, ISO 27001, UNE71502, and information security generally. If you have produced a paper and would like us to publish it, please contact us via the feedback form above.

Welcome to the International ISO 27001 and ISO 27002 (ISO 17799) Community Forum

Welcome to the ISO 27001 and ISO 27002 community portal. Here we will publish news, articles and other information related to the ISO 27000 information security standards. However, primarily the Community Forum is intended to serve as an interactive resource, and is designed to enable the free exchange of related information.

You are therefore invited to join our growing community, free of charge, and share in this rapidly developing security project.

Forums Now Open
ISO 27001 and ISO 27002 Community Portal
The Discussion Forums for ISO27001, ISO27002 and ISO 17799 are now open, and include international language threads. Please feel free to contribute and participate.
Posted by sarahol on Tuesday, January 13 @ 03:20:44 EST (18509 reads)

Latest ISO 27001 and ISO 27002 FAQ
The latest edition of this FAQ has been published, and contains the following additional frequently asked questions:

1) Why has ISO 17799 been renamed to ISO 27002?
The rename was initiated by ISO, who wanted to align the information security standards under a common naming structure (the 'ISO 27000 series').

2) Which ISO27002 controls are most important?
That largely depends upon the individual organization. However, ISO27002 does give some guidance, in the form of 'legislative essentials' and 'common best practice' under the IS "starting point" section. These are:
- intellectual property rights (12.1.2)
- safeguarding of organizational records (12.1.3)
- data protection and privacy of personal information (12.1.4)
- information security policy document (3.1.1)
- allocation of information security responsibilities (4.1.3)
- information security education and training (6.2.1)
- reporting security incidents (6.3.1)
- business continuity management (11.1)

3) What is a Certification body?
An accredited certification body is a third party organization that assesses/certifies the IS management system against the standard (BS7799-2 / ISO 27001).

4) Who are the Accredited Certification bodies for the standard?
There are a growing number of organizations accredited to grant certification against ISO27001. The following are amongst them: BSI, Certification Europe, DNV, JACO IS, KEMA, KPMG, SFS-Sertifiointi Oy, SGS, STQC, SAI Global Limited, UIMCert GmbH.

5) How do I become a certified auditor?
The International Register for Certified Auditors operates a certification scheme for ISMS auditors.

6) How does this standard fit with ISO 9000?
ISO27001 is actually being "harmonized" with other management standards, including ISO 9000 and ISO 14000. Watch this space!

7) Who originally wrote the security standard?
Originally a BSI/DISC committee, which included representatives from a wide section of industry/commerce. It was reviewed subsequently by an ISO (International Standards Organization) committee and ultimately emerged through the ISO publication process.

8) What is the ISO 27000 Toolkit?
This is the main support resource for the standard, including the standard itself, ISO 27002 policy, etc. See top right panel for a more complete description.

9) What is ISO/IEC Guide 62?
This is largely for those bodies operating certification schemes and contains general requirements applicable to them.

10) What is ISO 27001?
BS7799-2, the original specification for an information security management system, was 'fast tracked' by ISO to become ISO 27001 in 2005.

Posted by sarahol on Tuesday, September 02 @ 05:22:26 EDT (27917 reads)

ISO 27000 Toolkit
The ISO 27000 Toolkit is essentially a start-up pack for the standard. It comprises both parts of the standard itself (ISO27001 and ISO27002), a road map, a set of ISO27002 aligned security policies, a presentation, audit checklists, and various other resources.

It is more fully documented on its own specific web site:
The ISO 27000 Toolkit





This is a public forum, designed for peer to peer communication. To be fully effective it requires participation. Please feel free to post articles, papers, forum messages and so on. Be part of the 17799 and ISO27001 community...

The ISO 17799 Implementation Forum: A BS7799 / ISO27001, ISO17799 and ISO 27000 User Group
All logos and trademarks are property of their respective owner. Comments are property of their posters. The rest © 2005 ISO17799 / ISO 27002 Forum
AKA: BS 7799, SPE 20003, SS 627799, JIS X 5080, AS/NZS 4444, ISO 27001. Other links: UKAS accreditation body. SV
Website source (c) 2003, and is Free Software under GNU / GPL licence. All Rights Are Reserved.