Welcome to this, the seventh edition of The ISO17799 newsletter, designed to keep you abreast of updates and developments with respect to the ISO 17799 information security standard.

The information contained in this newsletter is free to our subscribers and provides guidance on practical issues, plus commentary on recent Information Security incidents.

Included in this issue are the following topics:

• Working from Home - Securely!
• Still More on Service Level Agreements (ISO17799 Section 4)
• It Couldn't Happen Here.... Could It?
• The ISO17799 Toolkit - A Closer Look
• The Criticality of Documentation - Policy
• Business Continuity Focus Increases (ISO17799 Section 11)
• The DTI Survey
• More Frequently Asked ISO17799 Questions
• ISO 17799: How Far To Go?
• Guidelines On Cookies
• Certifications - Sample Scopes
• Six of the Best: Password Guidelines

ISO 17799: HOW FAR SHOULD WE GO?
How far to go along the ISO17799 path? A very common question.

For some, only full certification will do, due to a variety of reasons. For others, positioning is adequate - reaching a position of compliance and then monitoring competitors carefully.

In many cases, the appropriate posture will be clear. However, for those unsure of how far to proceed, the online presentation at: iso17799software.com/presentation/ may be useful. This presents ISO17799 in the context of past, present and possible future.