ISO 17799 and ISO 27001 Newsletter

The BSI Interview

The following questions were presented:

There have been suggestions part 3 of the series is in development, to be called BS7799-3. What is that all about and what will it cover?

BS 7799-3 Information security management systems (ISMS) Part 3: Guidelines for information security risk management is under development and was issued for public comment in July 2005.

The Standard provides guidance to support the requirements specified in ISO / IEC 27001 regarding all aspects of an ISMS risk management cycle. This includes assessing and evaluating risks, implementing controls to treat the risks, monitoring and reviewing the risks, and maintaining and improving the system of risk controls.

The focus of the Standard is effective information security through an ongoing programme of risk management activities. The Standard is intended to be applicable to all organisations, regardless of their type, size and nature of business.



**The Newsletter**

The ISO 17799 and ISO 27001 Newsletter is published periodically. It provides news and background for those interested in information security generally, and ISO 17799 / ISO 27001 specifically. In addition, we provide occasional 'breaking news' bulletins covering any major event related to the standards.


Free subscription is via our online form




© Copyright 2005/2006.