ISO 27001 has become the most popular voluntarily adopted information security
standard worldwide against which companies and institutions can get certified.
Certification means that an independent certification body can confirm that the
organization has implemented information security compliant with ISO/IEC 27001.
There is an interesting history to the development of this standard. A detailed
history can be seen at the following link: http://pc-history.org/17799.htm
The first ever security standard was published by the Department of Trade and
Industry (DTI), UK, as "Code of Practice for Information Security Management".
The project was taken over by the British Standards Institute (BSI) in 1995,
and it was revised and published as BS 7799.
BSI also released a second part to BS 7799 which formed the implementation part
of an ISMS.
Later, ISO, considering that this should be made an international standard,
revised it and released ISO 17799 (or more formally, ISO/IEC 17799) based on BS
7799. ISO/IEC 17799 was revised again in November 2005 and was published as
ISO 27001:2005.
ISO 27001:2005 became the most popular standard for demonstrating an information
security management system.