What do you think?
Rate this book
Information Security Based on ISO 27001/ISO 17799: A Management Guide
The ISO/IEC 17799:2000 Code of Practice was intended to provide a framework for international best practice in Information Security Management and systems interoperability. It also provided guidance on how to implement an ISMS that would be capable of certification, and to which an external auditor could refer. However, it did not provide the basis for an international certification scheme. Only BS 7799-2 and now ISO 27001 - can do that. ISO 17799 also provides substantial implementation guidance on how individual controls should be approached. Anyone implementing an ISO 27001 ISMS will need to acquire and study copies of both ISO 27001 and ISO 17799. ISO 27001 mandates the use of ISO 17799 as a source of guidance on controls, control selection and control implementation.
Paperback
First published June 21, 2006
Ratings & Reviews
Friends & Following
Create a free account to discover what your friends think of this book!
Community Reviews
No one has reviewed this book yet.