Firewall Wizards mailing list archives
Re: iso 17799
From: Chuck Swiger <chuck () codefab com>
Date: Fri, 16 Jul 2004 13:47:17 -0400
avraham shir-el (arthur sherman) wrote:
i hope i'm not opening a pandora's box here, but-i'm following this list for ~ a year now and haven't seen any mention of iso 17799. it's defined on their website as "a comprehensive set of controls comprising best practices in IS" i've seen lots on this list aboutbest practices w/o any refrences to 17799.
You probably won't find references to ISO 17799 if you followed CERT's advisories, or BugTraq, or the securityfocus.com lists, either.
ISO standards seem to read like UN resolutions: "blah blah...resolved to take decisive action...blah blah...ideal security obtained through maximizing end-user satisfaction...blah blah...security policy must use the following terms to be ISO-compliant and be at least three times too complicated to make sense...blah blah...nomination and selection of ISO representives to oversee implementation of security policy must be done through approved ISO accrediting agency...blah blah..."
The level of paper-shuffling involved with ISO standards seems to be inversely related to actually doing anything useful with regard to security.
-- -Chuck _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- iso 17799 avraham shir-el (arthur sherman) (Jul 15)
- Re: iso 17799 Rachel Rosencrantz (Jul 19)
- RE: iso 17799 Wes Noonan (Jul 19)
- Re: iso 17799 Bennett Todd (Jul 19)
- Re: iso 17799 Chuck Swiger (Jul 19)
- Re: iso 17799 Devdas Bhagat (Jul 19)
- Re: iso 17799 George Capehart (Jul 19)
- Re: iso 17799 Chuck Swiger (Jul 19)
- Re: iso 17799 Paul D. Robertson (Jul 19)
- Re: iso 17799 Marcus J. Ranum (Jul 19)
- Re: iso 17799 George Capehart (Jul 20)
- Re: iso 17799 Marcus J. Ranum (Jul 19)
- Re: iso 17799 Christine Kronberg (Jul 20)
- <Possible follow-ups>
- Re: iso 17799 J. Oquendo (Jul 19)
- Re: iso 17799 Bennett Todd (Jul 19)
- Re: iso 17799 Dana Nowell (Jul 20)
- Re: iso 17799 Paul D. Robertson (Jul 21)
- Re: iso 17799 Dana Nowell (Jul 20)
- Re: iso 17799 Devdas Bhagat (Jul 21)
- Re: iso 17799 Paul D. Robertson (Jul 21)
(Thread continues...)
- Re: iso 17799 Rachel Rosencrantz (Jul 19)