BS7799-3 Security Risk Management Standard Released Today
- From: "Sue Thomas" <sue@xxxxxxxxxxxxxxx>
- Date: 16 Mar 2006 04:44:23 -0800
The new BS IS security standard, BS7799-3, has been published this
morning. This is officially titled "Guidelines for Information Security
Risk Management", and is designed to support the general ISMS standard,
ISO 27001, and the code of practice, ISO 17799, which were
published/updated last year.
Whilst ISO27001 covers all aspects of an ISMS, BS7799-3 focuses upon
risk specifically, including:
- assessment/eval of risks
- implementation of controls to address them
- review & monitoring
- maintenance/improvement of the overall control system.
The document is organized as follows:
1. Scope
2. Normative references
3. Terms + definitions
4. IS risks in the organization's context
5. Risk assessment
6. Risk treatment and management decision making
7. Ongoing risk management
The new standard is now available from the main BSI store, 'Standards
Direct':
http://17799.standardsdirect.org/bs7799.htm
Or as part of a special edition of the ISO 17799 Toolkit:
http://www.27005.net
For further information on BS7799, the following reference sites may
assist:
http://www.thewindow.to/bs7799/
http://www.17799.com
I hope this is of interest.
Sue
The ISO 17799 Newsletter
http://17799-news.the-hamster.com