Fresh in This Morning:
The new BSI security standard, numbered BS7799-3, has been released today. This is officially titled "Guidelines for Information Security Risk Management", and is designed to support the general security management standard, ISO 27001, which was first published in Oct 2005.
Whilst 27001 embraces all aspects of an IS management system, BS 7799-3 focuses specifically upon risk assessment, including:
- the assessment of risks
- implementation of controls to address these
- monitoring of the risks assessed
- maintenance of the risk/control system.
The standard document is organized as follows:
1. Scope
2. Normative references
3. Terms
4. IS risks in the organisation's context
5. Risk assessment
6. Risk treatment and decision making
7. Ongoing risk management
The standard itself is available from the main BSI store, Standards Direct:
http://17799.standardsdirect.org/bs7799.htm
Or as part of a special edition of the ISO17799 Toolkit:
http://www.27005.net
For further information on BS7799-3, the following general reference sites may assist:
Introducing BS7799-3
BS7799 Explained
Based on a news bulletin from the ISO 17799 Newsletter