I recently came across ISO 17799:2005 and noted it is also related to information security. I know ISO 27001 is what is widely certified by companies. Could you please advise me on the difference between the two?
Answer: ISO 17799:2005 is the previous version of ISO 27002:2007. The standard was renumbered as ISO 27002 to align with the other information security standards, under the ISO/IEC 27000-series. Its current version was released in 2013.
Basically, ISO 27002 (formerly ISO 17799) provides details and implementation guidelines regarding the controls described in ISO 27001 Annex A, which is helpful for organizations that have decided to implement ISO 27001 practices. The main part of ISO 27001 defines the requirements for an Information Security Management System.