BS7799-2:2002 - ISMS - Information Security Management Systems


venkat - 2011

According to BS7799:2 (2002) there need to be measurable security objectives similar to quality objectives.

I need reference or examples for these security objectives.

Is there any free tool to scan outgoing mails before they are sent? This would be useful for C, I, A.

References to websites would be appreciated.
 
Any takers on this one?

I noticed the ASQ's website ended up 'misconfigured'. I think they called it a 'quality' issue but to me that's a security issue. If the forums were open, what ELSE was open?
 
Re: BS7799-2:2002 - Information Security Management Systems (ISMS)

The ISMS standard has been changed to ISO 27001:2005.

The CMMI is also going to change next year. Thus the standards keep changing and the organisations need to comply with the requirements of the standard. I am working on a model to integrate the different management systems. I would like to have inputs from readers on this point.

By doing this the responsibilities will be clearly defined and there will be no overlapping of job functions.

A model will be a good approach for integrating the management systems where the boundaries will be clearly drawn.
 
Hi All,

Can anyone tell me the differences between BS5779 and ISO 27001 please?

Thank you
 
Hi All,

Can anyone tell me the differences between BS5779 and ISO 27001 please?

I think you meant BS7799. I believe that BS7799-2:2002 contains the same requirements as ISO 27001:2005, with slight revisions.

Similar to when we had BS5750 Part 1 equivalent as ISO 9001:1987. One is a National Standard while the other is an International document.

The new ISO series of 27000 standards
  • ISO/IEC 27000 Fundamentals and principles (incorporating some of ISO 13335 MICTS Part 1) (under development)
  • ISO/IEC 27001 ISMS requirements (revised BS 7799 Part 2:2005) - Published 15th Oct 2005
  • ISO/IEC 27002 as from April 2007 ISO/IEC 17799:2005 (published 15th June 2005)
  • ISO/IEC 27003 ISMS implementation guidance (Incorporating some of ISO 13335 MICTS Part 1) (under development)
  • ISO/IEC 27004 Information security management metrics and measurements (under development)
  • ISO/IEC 27005 ISMS risk management (based on and incorporating ISO 13335 MICTS Part 2) (under development)
  • ISO/IEC 27006 [this allocation of number is only a proposal at this stage] Guidelines on ISMS accreditation of certification/registration bodies (revision of EA 7/03)
 