qualico quality management consultants

 

 

iso 27001

 

 

BSI Management Systems

ISO 27001 Information Security

There are two parts to this standard, summarised as:

 

 

  1. BS ISO/IEC 17799:2000 Code of practice for information security management.
  2. BS 7799-2:2002 Specification for information security management systems.

 

 

 

Part 1

Provides an introduction to the practice of information security and describes the key controls necessary to ensure an effective security implementation.

Part 2

Specifies the requirements for establishing, implementing and documenting an information security management system (ISMS) and forms the basis for an assessment of the ISMS. The standard requires a risk assessment and the identification of appropriate controls. A set of detailed controls is then described that can be used to achieve the control necessary. The controls needed are:

  • Security Policy
  • Security organisation
  • Assets classification & control
  • Personnel security
  • Physical & Environmental security
  • Communications & Operations management
  • Systems access control
  • System development & maintenance
  • Business continuity management
  • Compliance

BS 7799 Information Security
