What is the ISO 17799 security standard?

ISO/IEC 17799:2005 establishes guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization. The objectives outlined provide general guidance on the commonly accepted goals of information security management.

What is the difference between ISO 17799 and ISO 27001?

ISO 17799 provides best practice recommendations for initiating, implementing, or maintaining information security management systems. … ISO 27001 is the first standard in a proposed series of information security standards which will be assigned numbers within the ISO 27000 series.

What is the ISO 17799 / BS 7799 model?

ISO/IEC 17799 is a standard on best practice for information security management. It takes a risk-based approach to defining policy and procedures and to selecting appropriate controls to manage risk. It is not IT security.

Is ISO 17799 still valid?

ISO 17799 is obsolete.

What are the ISO 17799 domains?

ISO/IEC 17799 comprises 10 security domains and seeks to address security compliance at all levels: managerial, organizational, legal, operational, and technical. It includes 36 control objectives, consisting of general statements of security goals for each of the 10 domains.

What is the purpose of ISO/IEC 17799, and what are its ten sections?

The ISO/IEC 17799 details 127 security measures, organized into 10 sections; these specify best practices for: business continuity planning; system access control; system development and maintenance; physical and environmental security; compliance; personnel security; security organization; computer and operations …

What are the ISO 27001 standards?

ISO/IEC 27001:2013 (also known as ISO27001) is the international standard for information security. It sets out the specification for an information security management system (ISMS).

What are the 10 major sections of ISO 17799?

  • security policy;
  • organization of information security;
  • asset management;
  • human resources security;
  • physical and environmental security;
  • communications and operations management;
  • access control;
  • information systems acquisition, development and maintenance;

What is the BS7799 security standard?

BS7799 is “a comprehensive set of controls comprising best practices in information security”. It is an internationally recognized information security standard. The standard is intended to provide a common basis for developing organizational security standards and effective security management practices.

What was the original purpose of ISO/IEC 17799?

The original purpose of ISO/IEC 17799 was to give recommendations for information security management for use by those who are responsible for initiating, implementing, or maintaining security in their organization.

What’s the difference between ISO 27001 and ISO 27002?

The key difference between ISO 27001 and ISO 27002 is that ISO 27002 is designed for use as a reference when selecting security controls in the process of implementing an Information Security Management System (ISMS) based on ISO 27001. Organisations can achieve certification to ISO 27001 but not to ISO 27002.

Why is ISO IEC 27002 important?

As a code of practice, ISO/IEC 27002 is essential in addressing information security controls and best practices based on risk assessment, which are the most important part of an information security management system (ISMS). … Organizations may need various controls to comply with the information security requirements.

What are the different types of security control?

There are three primary areas or classifications of security controls. These include management security, operational security, and physical security controls.