[Full-Disclosure] Re: BS7799/ISO17799

Date: 01/22/04

  • Next message: Blue Boar: "Re: [Full-Disclosure] Major hack attack on the U.S. Senate"
    Date: Fri, 23 Jan 2004 02:15:42 +0800
    To: undisclosed-recipients: ;

    On Wed, 21 Jan 2004 09:36:16 -0800 n30 wrote:

    > How do I get BS 7799 / ISO 17799 certified? Googling gave me some
    results on

    Actually one can be certifed only on BS7799 Pt 2 and not on ISO 17799.
    The former specifies the requirements for an Information Security
    Management System (ISMS) based on ISO 17799:2000/BS 7799 Pt1:2000. ISO
    17799 is just a guide to best practices in the management of information
    security and hence is not certifiable unlike BS7799 Pt 2 which llists
    down the requirements for an ISMS. Cetification for BS7799 is avauilable
    from several international bodies e.g. those accreditated from UKAS
    Many local national certification bodies are also in the process of
    getting accreditation from org like UKAS to be able to offer
    certification for BS7799.

    ISO17799:2000 itself is currently undergoing revision (see work done by
    ISO/IEC JTC1 SC27/WG1). In addition the ISO/IEC JTC1 SC27/WG1 is
    currently working on an ISMS standard which if accepted should be an
    alternative to BS7799.

    Full-Disclosure - We believe in it.
    Charter: http://lists.netsys.com/full-disclosure-charter.html

  • Next message: Blue Boar: "Re: [Full-Disclosure] Major hack attack on the U.S. Senate"

    Relevant Pages

    • RE: [Full-Disclosure] Security Advisory MA-2003-01 - CISSP Trojan
      ... This form of attack has been implemented in New Zealand ... > professional certification in the field of information security. ... > CISSP prompts target user with a series of 250 questions ...
    • Re: [Full-Disclosure] Security Certifications
      ... Security Advisory MA-2003-01 CISSP - Trojan Security Certification ... standard for professional certification in the field of information security. ...
    • Re: security engineer skills set for software engineering background
      ... Take into consideration that you are asking this question on a crypto ... highly technically qualified person in your company, the CISSP will not ... certification, not a technical certification. ... Nobody is an expert in every field of information security. ...
    • RE: What about beginners?
      ... positions they ethier ask for certification or years of experience. ... be able to enter the world of Information security? ... >> information security, but How and where do I begin? ... >> sound like it is mostly for proffisionals who just would like to add makeup ...