Using BS7799

When you want to implement and adopt the use of BS7799 usually the first step involves getting hold of a copy of the standard. The BS7799 standard can be purchased either as stand alone, or as a part of a compilation which usually includes the ISO17799 and the ISO27001. The compilation provides all the components required for the implementation of the BS7799 in your organizations. It contains the full route map of the BS7799, a presentation on BS7799 and other technical material on the accompanying ISO standards. Organizations having their business based on information systems need to implement the BS7799 standards to mitigate the security risks involved in information systems management of your company. It is a huge and substantial task for any IS manager to achieve compliance of the BS7799. The assessment of the compliance levels in any Information Systems and then taking necessary steps to make them BS7799 compliant can be a herculean task. To make the life easier for the IS manager, a correct approach to the BS7799 and proper methodology is required which will make the task of compliance a much easier task. BS7799-3:2005 has been published in 2005 end. This being the third generation BS7799 it has been aptly named as BS7799-3:2005 indicating its third version and the year of release. The standard aims at providing a guidance framework and support to the earlier BS7799-2 and ISO27001 and should be used by all organizations whether it is small, medium or large. BS 7799 is organized into 10 sections: Policy on Security; Organization of Resources and Assets; Control and Classifications of Asset; Security relating to Personnel; Environmental and Physical Security; Operations and Communications Management; Control of Access; Development and Maintenance of Systems; Management of Business Continuity; and Compliance. Any organization which has implemented BS7799 for its ISMS, it can get itself registered with the British Standards Institute, which shows all the concerned stakeholders that the organizations ISMS are fully complaint to the BS7799.

About the Author

Anne Murphy also writes for Tech-FAQ on topics such as What are POS Systems and What is Service Management .