PRO+ Premium Content/Information Security magazine

March 2002

ISO 17799 implementation: Do your homework first

There was hardly a consensus when the International Organization for Standardization (ISO) adopted ISO 17799, the "Code of Practices for Information Technology Management," in August 2000. A carbon copy of the first half of the much-maligned BS 7799, the document drew sharp criticism from major IT nations, which charged it didn't meet the criteria of an international standard. "There wasn't even an opportunity to compare it to all the other work, even done within ISO that has been done on security," says Gene Troy, a U.S. representative to the ISO technical committee. Even as the ISO undertakes a major review of the standard, ISO 17799 -- and its British Standards Institute's (BSI) cousin -- are rapidly becoming the canon for information security management. According to Giga Information Group, increasing regulatory and marketplace pressures are prompting many organizations to adopt standards to validate their security programs and demonstrate an ongoing commitment to security. "Right now, a lot of organizations don't have an ...
