Put succinctly, ISO 17799 (BS7799) is a set of guidelines for information security management. At first thought, this often seems synonymous with the concept of network security and the implementation of a security policy. In fact, ISO 17799 (BS7799) encompasses far more. The management of written documentation held on paper file is considered, as is the conveyance of information by telephone conversation or even in person. The standard includes sections on the organisation's physical assets and inventory and audit procedures, physical and personal security, access and control of information systems, disaster recovery, and the implementation of policy.

ISO 17799 (BS7799) can often add value to an organisation's existing business systems by reconciling, and placing on a formal standing, various parts of current best practice. Some of the required risk analysis, for instance, may have been carried out in preparation for year 2000 compliance; other requirements for ISO 17799 (BS7799), such as the establishment of a clear management framework, are likely to be in place already.

This reconciliation should not, however, serve to devalue ISO 17799 (BS7799). On the contrary, attainment of ISO 17799 (BS7799) could become a de facto standard for any organisation wishing to do business with the government or any of its agencies, or indeed with any other large organisation. To this end, the standard will serve as an assurance for business partners, present and forthcoming.

PMCI have extensive experience and a demonstrable track record in ISO and Quality standards and are well versed in helping organisations attain these distinctions. Just contact us! We can now offer this experience to those who wish to be audited to ISO 17799 (BS7799), as well as a consultancy base well versed in the application of Information Systems to the corporate environment. Get in touch with us to find out more about this standard.