Welcome to this, the seventh edition of The ISO27000 Newsletter, designed to keep you abreast of updates and developments with respect to the ISO17799 information security standard.
The information contained in this newsletter is free to our subscribers and provides guidance on practical issues, plus commentary on recent Information Security incidents.
Included in this issue are the following topics:
THE ISO 17799 POLICY TOOLKIT - A CLOSER LOOK
ISO17799 is of course sold standalone or as part of the ISO17799 Toolkit, the latter being designed to include a set of the basic building blocks for the standard. But what are these 'building blocks', and what are their functions? The following list of toolkit components should hopefully address these questions:
1) The ISO 17799 Standard - the standard itself (in PDF format).
2) BS7799 - this is part 2 of the standard, and again is provided as a PDF document.
3) A Disaster Recovery Kit - to assist with section 12: checklists, questionnaires and assessment materials for business continuity.
4) Security Policies - essentially hundreds of ISO 17799 policies. This substantial document (MS-Word) is, in particular, highly acclaimed.
5) The Information Security Glossary - 115 pages of definitions and explanations.
6) The E-Security Audit Kit - a series of detailed questionnaires and checklists for security audit and review.
7) An ISO17799 Management Presentation - a PowerPoint presentation on the standard.
8) A Roadmap for Certification - an explanation of the process.
9) Business Impact Analysis - as BIA is a critical part of security implementation, a full coded questionnaire is included.
Clearly, many of these are essentials, and the toolkit ensures that maximum value is obtained by providing them as part of an integrated downloadable package.
For further information on The ISO17799 Toolkit, and to obtain a copy, see: ISO 17799 Toolkit