Security Basics mailing list archives
Re: ISO IEC 27002 (ISO-17799) assistance please.
From: "WALI" <hkhasgiwale () gmail com>
Date: Sun, 20 Jan 2008 20:46:04 +0400
It would be interesting to hear the things you have 'disproven' off his backpack of standards. Might as well give us some ammuniation when auditors come calling this year.
Would you share your experience with others?----- Original Message ----- From: "jenna" <jennasec-focus () yahoo co uk>
To: "Chris Barber" <cmbarber () gmail com>; <security-basics () securityfocus com> Sent: Friday, January 11, 2008 8:30 PM Subject: Re: ISO IEC 27002 (ISO-17799) assistance please. HiI believe it's under A.11.3.2. A time period isn't specified but it is best practice.
Jono ----- Original Message ---- From: Chris Barber <cmbarber () gmail com> To: security-basics () securityfocus com Sent: Friday, 11 January, 2008 2:36:02 AM Subject: ISO IEC 27002 (ISO-17799) assistance please. I am hoping that the experts on this list might be able to assist me with problem. I have a consultant who is doing some audit work for the company I work for. This consultant has been quoting information about best business practice and standards and has my managment in a bit of a tizzy. So far I have been able to prove or disprove most things that he has been telling my managment, but I am stuck one and it seems that this item has struck a nerve. The consultant has claimed that both NIST and ISO-17799 recomend the use of automated workstation locking after X minutes. I have found information on the NIST Standard but have not been able to find anything on the ISO-17799 standard (or atleast not without buying it). Does anyone on the list happen to have a copy of ISO-17799, if so could you help me prove or disprove this comment? I have done several google searches and all of the links I get end up asking me to purchase the Standard. I think having it would be a good thing, just that I do not have money in my budget to purchase it. Many thanks in advance, Chris. __________________________________________________________Sent from Yahoo! Mail - a smarter inbox http://uk.mail.yahoo.com
Current thread:
- ISO IEC 27002 (ISO-17799) assistance please. Chris Barber (Jan 11)
- Re: ISO IEC 27002 (ISO-17799) assistance please. Roch (Jan 11)
- RE: ISO IEC 27002 (ISO-17799) assistance please. Beryl Podoll (Jan 14)
- RE: ISO IEC 27002 (ISO-17799) assistance please. Abimbola, Abiola (Jan 11)
- Re: ISO IEC 27002 (ISO-17799) assistance please. Tima Soni (Jan 16)
- Re: ISO IEC 27002 (ISO-17799) assistance please. Tima Soni (Jan 17)
- <Possible follow-ups>
- Re: ISO IEC 27002 (ISO-17799) assistance please. chief (Jan 12)
- Re: ISO IEC 27002 (ISO-17799) assistance please. anirudh vidolkar (Jan 14)
- Re: ISO IEC 27002 (ISO-17799) assistance please. jenna (Jan 14)
- Re: ISO IEC 27002 (ISO-17799) assistance please. WALI (Jan 21)
- Re: ISO IEC 27002 (ISO-17799) assistance please. Sheldon Malm (Jan 14)
- RE: ISO IEC 27002 (ISO-17799) assistance please. Thyago Braga da Silva (Jan 14)
- RE: ISO IEC 27002 (ISO-17799) assistance please. Ardian Silvano (Jan 15)
- Re: ISO IEC 27002 (ISO-17799) assistance please. Roch (Jan 11)