[Full-Disclosure] Re: BS7799/ISO17799

katbert_at_pc.jaring.my
Date: 01/22/04

    Date: Fri, 23 Jan 2004 02:15:42 +0800
    To: undisclosed-recipients: ;
    
    

    full-disclosure@lists.netsys.com
    On Wed, 21 Jan 2004 09:36:16 -0800 n30 wrote:

    > How do I get BS 7799 / ISO 17799 certified? Googling gave me some
    > results on

    Actually one can be certified only on BS7799 Pt 2 and not on ISO 17799.
    The former specifies the requirements for an Information Security
    Management System (ISMS) based on ISO 17799:2000/BS 7799 Pt1:2000. ISO
    17799 is just a guide to best practices in the management of information
    security and hence is not certifiable, unlike BS7799 Pt 2, which lists
    down the requirements for an ISMS. Certification for BS7799 is available
    from several international bodies, e.g. those accredited by UKAS
    (http://www.ukas.com/information_centre/technical/technical_bs7799.asp).
    Many local national certification bodies are also in the process of
    getting accreditation from orgs like UKAS to be able to offer
    certification for BS7799.

    ISO17799:2000 itself is currently undergoing revision (see work done by
    ISO/IEC JTC1 SC27/WG1). In addition the ISO/IEC JTC1 SC27/WG1 is
    currently working on an ISMS standard which if accepted should be an
    alternative to BS7799.

    _______________________________________________
    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

