ISO 17799 and ISO 27001 Newsletter

The BSI Interview

The following questions were presented:

BS7799 / ISO/IEC17799 was originally a 'code of practice' published by the DTI. Could you explain the process by which it became a BS standard, and then eventually an ISO standard?

In co-operation with BSI British Standards, the DTI published a report in the early 1990s, “User requirements for IT Security Standards”, which was compiled by Sema Group (now Atos Origin). Recommendations from this report led to the formation of a BSI committee (BDD/2) and the publication of BS 7799-1 Code of practice for information security management in 1995 and BS 7799-2 Information security management. Specification for information security management systems in 1998.

Further development of these standards over the next five years included a revision process that enabled international comment to be included and, as a result, led to British Standards that had world-wide appeal. International take-up of the standards was substantial and in 1999 the committee submitted BS 7799-1 to ISO to become an international standard, now ISO/IEC 17799.

The same decision was taken recently in relation to BS 7799-2 and this is anticipated to be published in November 2005 as ISO/IEC 27001.



**The Newsletter**

The ISO 17799 and ISO 27001 Newsletter is published periodically. It provides news and background for those interested in information security generally, and ISO17799 / ISO27001 specifically. In addition, we provide occasional 'breaking news' bulletins covering any major event related to the standards.


Free subscription is via our online form




© Copyright 2005/2006.