The 7799 standards are becoming the most widely recognised security standards in the world. BS ISO/IEC 17799:2000 is a solid framework upon which to build the policies and procedures that support an organisation's information security program, and BS 7799:2 is an outstanding means to measure subsequent security compliance. Despite their quality, however, these standards remain simply an objective framework for the development of information security practices within the organisation. Like all objective standards, they need to be applied to the organisation at the granular level, with substantial expertise, or else they may prove ineffective in meeting corporate information security goals. Ideally, these standards must be supported by a security program in order to provide effective, real world protection to the organisation?s environment.
For years, the business community has been searching for a practical information security standard - one that can provide an organisation with best practices and yet be cost-effectively, reasonably...
To continue reading this article...
Join Computing
- Unlimited access to real-time news, analysis and opinion from the technology industry
- Receive important and breaking news in our daily newsletter
- Be the first to hear about our events and awards programmes
- Join live member only interviews with IT leaders at the ‘IT Lounge’; your chance to ask your burning tech questions and have them answered
- Access to the Computing Delta hub providing market intelligence and research
- Receive our members-only newsletter with exclusive opinion pieces from senior IT Leaders