Full Disclosure mailing list archives
Re: BS7799/ISO17799
From: katbert () pc jaring my
Date: Fri, 23 Jan 2004 02:15:42 +0800
full-disclosure () lists netsys com

On Wed, 21 Jan 2004 09:36:16 -0800 n30 wrote:
> How do I get BS 7799 / ISO 17799 certified? Googling gave me some
> results on

Actually one can be certified only on BS7799 Pt 2 and not on ISO 17799. The former specifies the requirements for an Information Security Management System (ISMS) based on ISO 17799:2000/BS 7799 Pt1:2000. ISO 17799 is just a guide to best practices in the management of information security and hence is not certifiable, unlike BS7799 Pt 2, which lists down the requirements for an ISMS.

Certification for BS7799 is available from several international bodies, e.g. those accredited by UKAS (http://www.ukas.com/information_centre/technical/technical_bs7799.asp). Many local national certification bodies are also in the process of getting accreditation from orgs like UKAS to be able to offer certification for BS7799.

ISO17799:2000 itself is currently undergoing revision (see work done by ISO/IEC JTC1 SC27/WG1). In addition, the ISO/IEC JTC1 SC27/WG1 is currently working on an ISMS standard which, if accepted, should be an alternative to BS7799.