Abstract: . . .  guidance documents in the scheme Guide to BS7799 Risk Assessment and Risk Management (PD3002) describes the underlying concepts behind BS7799 risk assessment and risk management, including terminology & process of assessing and managing risks based on the ISO/ IEC Guidelines for the Management of IT Security (GMITS) Selecting BS7799 Controls (PD3005) describes the process of selecting appropriate controls Bug Me Email address: rossfraser@sextantsoftware.com Phone: (416) 960-5872  . . .
. . .  invested very heavily in training of certified auditors (potential major income generator) - consultants therefore act indirectly as sales agents Improved quality of the standard Y2K and other competing issues have been completed or scaled down ISO 17799: Current Status Recent UK survey by Gamma Secure Systems – of 673 organisations responding, 581 are pursuing BS 7799 certification. Survey results indicate immediate need. Scope will encompass confidentiality, integrity and availability. Only 270 . . .
. . .  iso 17799 1581 ISO 1779 A Minimum Standard for Maximum Security BCHIMPS Spring Education Session March 15, 2002 Ross Fraser Sextant Software Information Security Mgmt: Goals Context Threats, Vulnerabilities, Risks ISO 17799 Rationale History Current Use Structure of 17799 Steps . . .
. . .  integration yet with ISO 15408 “Common Criteria” ISO JT1 SC 27 is actively reviewing objections and revising 17799 ( revised edition expected shortly) Canadian experts on SC 27 are actively participating in review Limitations Additional/supplementary standards: Canadian Handbook on Information Technology Security developed by the Communications Security Establishment (CSE) ISO TR 13335 General Mgmt of IT Security (GMITS) ISO 15408 “Common Criteria” document for evaluating and rating security products . . .
. . .  scheme Guide to BS7799 Risk Assessment and Risk Management (PD3002) describes the underlying concepts behind BS7799 risk assessment and risk management, including terminology & process of assessing and managing risks based on the ISO/ IEC Guidelines for the Management of IT Security (GMITS) Selecting BS7799 Controls (PD3005) describes the process of selecting appropriate controls Bug Me Email address: rossfraser@sextantsoftware.com Phone: (416) 960-5872  . . .
. . .  iso 17799 1581 ISO 1779 A Minimum Standard for Maximum Security BCHIMPS Spring Education Session March 15, 2002 Ross Fraser Sextant Software Information Security Mgmt: Goals Context Threats, Vulnerabilities, Risks ISO 17799 Rationale History Current Use Structure of 17799 Steps to Implementation Limitations . . .
--3000,6,250,2954,15114