The ISO27000 Newsletter - News & Views on the ISO/IEC Security Standard

ISO17799 News - Issue 4

Welcome to the fourth edition of The ISO27000 Newsletter, designed to keep you abreast of news and developments with respect to ISO 17799 and information security.

The information contained in this newsletter is absolutely free to our subscribers and provides guidance on various practical issues, plus commentary on recent Information Security incidents.

Guidance and information included in this issue:

The ISO17799 standard can be acquired either standalone or as part of an introductory pack appropriately called 'The ISO17799 Toolkit'. But why was it packaged this way, and what is included in the pack?

The purpose of the toolkit is to help organizations get off to a flying start with respect to ISO17799... not only to understand the standard itself but to begin to address many of the standard's requirements more quickly.

The contents can be broken down into two groups: those that help the organization to understand where ISO17799 fits and what is involved in embracing it, and those that help an organization to take the first critical steps to compliance.

In the former group are the 'RoadMap to Certification' (which broadly describes the process of gaining certification), the 'XL Management Presentation' (which explains the history, background and current status of the standard) and of course the ISO 17799 standard itself (both parts).

In the latter group are some key items to aid compliance. These include a comprehensive set of ISO17799 compliant security policies to address section 3 (Security Policy) and business continuity audit checklists to help address section 11 (Business Continuity Management).

It doesn't end there, however. For the audit section there is a detailed set of audit questionnaires to address various issues and platforms. For newcomers to information security there is even a substantial glossary of terms.

Clearly, creating such a toolkit was a significant undertaking. However, for organizations exploring the initial stages of ISO17799, it can be invaluable.

More information on the ISO17799 Toolkit and how to purchase can be found at:

The standard itself can alternatively be procured from:






© Copyright 2005/2006. RS