Welcome to the tenth issue of ISO17799 News, designed to keep you abreast of developments and news with respect to ISO 17799 and information security. The information within the newsletter is totally free to subscribers and provides guidance on various practical issues, as well as commentary on recent Information Security incidents.
Included in this edition are the following topics:
AN ABRIDGED HISTORY OF ISO 17799
Where did it come from? When? Who produced it? Why? Perhaps most of these questions can be answered via an abridged history of the standard:
ISO 17799 actually began life as the DTI Code of Practice (CoP) for Information Security, the 'DTI' being the UK Government's Department of Trade and Industry. This was published in the early nineties. Even in these early years, however, BSI was involved, and indeed, the CoP was re-badged and re-published as BS7799-1 in 1995.
This certainly had its supporters, but it was not widely embraced, for a variety of reasons. This situation was to change in the late nineties.
In 1999 a major revision of the standard was published. This significantly strengthened the standard in many respects. Accreditation and certification schemes were also launched, and these helped increase the momentum.
Within a year or so, the standard had been fast-tracked through ISO, and it became ISO 17799 in December 2000. This stimulated worldwide interest further. In 2002 BSI published BS7799-2, a second part, which covered ISMS and helped bridge the gap with ISO 9000. The ISO17799 Toolkit was released around the same time.
Since then, the standard has gone from strength to strength, and as the sales data in this newsletter illustrates, it is now very much a worldwide phenomenon.
- First certified organization: Business Link City Partners.
- First certification bodies: LRQA and BSI
- First ISO17799 related product: COBRA
- First ISO 17799 domain name: iso17799.com (owned not surprisingly by BSI)
- First qualified certified BS7799 c:cure Auditor: David Lilburn Watson
- First populated dedicated ISO17799 website: iso17799software.com
- First regular dedicated publication: This one!
This list was compiled following are own research. If you know of any organization/website/etc that existed prior to these, please let us know!
An interview with David Watson will appear in a future edition of ISO 17799 News.