March 2nd, 2005, 04:59 PM
Information Security Standard: ISO17799?
Anyone ever work with ISO17799 in regards to database security or security in general? I haven't, but while I was researching I thought to ask the community for your thoughts on this.
This is a pay site: http://www.iso17799.net/
Here is a presentation on the standard if you are interested: http://matrix0.members.beeb.net/iso-17799/
Just found another source of information about the "what-is" of this standard:
March 8th, 2005, 12:08 PM
BS7799 is almost exactly the same as ISO17799 and lots of British local and central government organisations are working towards achieving BS7799 compliance.
The organisation I work for uses BS7799 as a basis for developing and maintaining security standards but we are not aiming for the kitemark due to the cost. Quite a few companies are doing the same. There is little benefit from the kitemark itself but aiming towards the standard is a useful exercise.
September 17th, 2005, 01:54 PM
Re: Information Security Standard: ISO17799?
A couple of updates here:
a) The sister standard for ISO 17799, currently called BS7799, is being upgraded and will be published as an ISO standard later in the year: ISO 27001
b) Be aware that ISO 17799 has recently been re-published (June 2005) to reflect technology changes in the last 5 years, as well as prepare for closer integration with other standards.
c) http://www.iso17799.net/ is simply a forwarder, and is actually changing URL to http://www.standardsdirect.org/iso17799.htm. The pointer will be withdrawn at the end of the year.
One other place you might want to look for information in this area is actually the ISO 17799 User Group. There is also now an ISO 17799 Wiki available.
I hope this is helpful.