ISO 17799 2005

The ISO27000 Newsletter - News & Views on the ISO/IEC Security Standard

ISO 17799 2005 Published

The revision of ISO/IEC 17799 is now available. This new version has been under development for several years, and introduces a number of significant changes to the code of practice. The old version, which was originally published in December 2000, has been withdrawn with immediate effect, as is common with ISO standards.

The new standard now contains eleven 'core' chapters, as opposed to ten previously. The existing chapters have also been renamed and re-organized. The new chapter structure is as given below:

    Security Policy
    Organizing Information Security
    Asset Management
    Human Resources Security
    Physical and Environmental Security
    Communications and Operations Management
    Access Control
    Information Systems Acquisition, Development and Maintenance
    Information Security Incident Management
    Business Continuity Management
    Compliance.

The new version of the standard also introduces a range of new controls (seventeen in total) to address a number of emerging issues not previously covered. These include topics such as provision of outsourcing, external service delivery, and patch management. Equally, other areas have been substantially extended or re-shaped, such as employment termination, and mobile/distributed communication. Several old controls have been retired, or merged into others.

In addition to the content itself, steps have also been taken to enhance the "user friendliness" of the standard. The standard has also been normalized so that it sits more comfortably alongside related security standards in the future.

SOURCES OF THE NEW STANDARD
The official online shop (via BSI) has been updated to provide copies of this new standard, rather than the old one, as has SNV's download portal:
Standards Direct (BSI)
Standards Online Shop (SNV)

Also, the ISO 17799 Toolkit, the support kit for the standard, has been updated to include the new version:
ISO 17799 Toolkit




© Copyright 2005/2006. RS