Security Basics mailing list archives
RE: ISO IEC 27002 (ISO-17799) assistance please.
From: "Abimbola, Abiola" <Abiola.Abimbola () bskyb com>
Date: Fri, 11 Jan 2008 16:15:49 -0000
Hi Chris,

I read the standard; it says in the control objectives section (Annex A), A.11.5.5, that inactive sessions shall shut down after a defined period of inactivity.

Hope this helps

Abiola Abimbola
Information Security Analyst
BSkyB (England)
1111-5409

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Chris Barber
Sent: 11 January 2008 02:36
To: security-basics () securityfocus com
Subject: ISO IEC 27002 (ISO-17799) assistance please.

I am hoping that the experts on this list might be able to assist me with a problem. I have a consultant who is doing some audit work for the company I work for. This consultant has been quoting information about best business practice and standards and has my management in a bit of a tizzy. So far I have been able to prove or disprove most things that he has been telling my management, but I am stuck on one and it seems that this item has struck a nerve.

The consultant has claimed that both NIST and ISO-17799 recommend the use of automated workstation locking after X minutes. I have found information on the NIST Standard but have not been able to find anything on the ISO-17799 standard (or at least not without buying it).

Does anyone on the list happen to have a copy of ISO-17799? If so, could you help me prove or disprove this comment? I have done several Google searches and all of the links I get end up asking me to purchase the Standard. I think having it would be a good thing, just that I do not have money in my budget to purchase it.

Many thanks in advance,
Chris.