The ISO17799 & ISO 27000 Newsletter - The Information Security Standard

ISO 27001 PUBLISHED

The final version of ISO 27001 (replacing the officially termed 'FDIS' draft version) was published at the end of 2005. This final version also directly replaced BS7799-2:2002.

It essentially defines an Information Security Management System, creating a framework for the design, implementation, management and maintenance of IS processes throughout an organization.

As with BS7799, ISO 27001 continues to 'work with' ISO 17799. They are two distinct documents, but are designed to support each other:
- ISO 17799 is a code of practice, providing details of individual controls for potential implementation.
- ISO 27001 defines the information management system itself, which 'over-arches' the former.

CERTIFICATION
Certifications are granted with respect to ISO 27001. Existing certificates for BS7799-2 are subject to a defined transition process for conversion. Certificate holders should contact their own certification bodies.

SOURCES OF THE CURRENT VERSION
The current version can be obtained from BSI's official online shop, Standards Direct:
ISO 27001 Download
Customers at that source can download the official version of the standard in PDF format.

Also, a special version of the ISO 17799 Toolkit has been created, which includes ISO 27001 as opposed to the old BS7799. It is also available from the above site.

FURTHER INFORMATION:
ISO 27001 Online
ISO 27001 Portal

Note: ISO 27001 is the first standard in the ISO 27000 series to be published. ISO 27000 will ultimately comprise a number of related information security standards.

© Copyright 2005/2006.