The following questions were presented:
Where do you see the standard going in the next few years?
The standard will become part of the ISO 2700 series with new additional parts as below:
ISO 27000: The Information Security Series
ISO 27001: BS 7799 Part 2
ISO 27002: ISO 17799
ISO 27003: Implementation Guidance?
ISO 27004: Metrics and Measurement
ISO 27005: Risk Management?
numbers will keep on increasing, especially in the
(bit of a no-brainer that
will be more proscribed processes in BS 7799/ISO 27000 and other management
standards that risk becoming more divorced from the way businesses are actually
run and so they will risk alienation from the business.
centralised core of management systems, based on the Deming Cycle, will be
introduced and the standards that we know will become plug-ins to the master
management system. This may not happen due to political considerations of the
various people who run and manage the various individual standards.
security will still be seen as an overhead and something that management have to
put up with. They will do as little as possible to get by. This is for
both corporate systems and Governmental ones.
individuals, but not many sadly, will be subject to possible jail sentences for
information security failings.
these will appeal and be tied up in court for long periods of time.
will have better barristers than the Government and so they will win eventually