The ISO/IEC 17799:2000 Code of Practice was intended to provide a framework for international best practice in Information Security Management and systems interoperability. It also provided guidance on how to implement an ISMS that would be capable of certification, and to which an external auditor could refer.However, it did not provide the basis for an international certification scheme. Only BS 7799-2 and now ISO 27001 - can do that. ISO 17799 also provides substantial implementation guidance on how individual controls should be approached. Anyone implementing an ISO 27001 ISMS will need to acquire and study copies of both ISO 27001 and ISO 17799. ISO 27001 mandates the use of ISO 17799 as a source of guidance on controls, control selection and control implementation.
Tags: download, alan calder, ebook, pdf, information security based on iso 27001/iso 1779
Download from mirrors