Guest user Created: May 08, 2017 Last commented: May 08, 2017

Standards ISO 17799 and ISO 27001

I recently came across ISO 17799:2005 and noted it is also related to Information Security I know ISO 27001 is what widely certified by companies. Could you please advise me the difference between both?

0 0

Assign topic to the user

Select user

Expert

Rhand Leal May 08, 2017

Answer: ISO 17799:2005 is the previous version of ISO 27002:2007. The standard was renumbered as ISO 27002 to align with the other information security standards, under the ISO/IEC 27000-series. Its current version was released in 2013.

Basically ISO 27002 (formerly ISO 17799) provides details and implementation guidelines regarding the controls described in ISO 27001 Annex A, which is helpful for organizations who decided to implement ISO 27001 practices. The main part of ISO 27001 defines the requirements for an Information Security Management System.

This article will provide you further explanation about information security standards:
- Information security & business continuity standards https://advisera.com/27001academy/knowledgebase/information-security-business-continuity-standards/
- ISO 27001 vs. ISO 27002 https://advisera.com/ 7001academy/knowledgebase/iso-27001-vs-iso-27002/

These materials will also help you regarding Information security controls:
- ISO 27001 Annex A Controls in Plain English https://advisera.com/books/iso-27001-annex-controls-plain-english/

Quote

0 1

Comment as guest or Sign in

HTML tags are not allowed

Name *

Email *

I accept the Privacy and Terms

Notify me when someone replies

May 08, 2017

Expert Advice Community