Home | | Information Security | Standard and Practice - Security Models

Chapter: Information Security : Logical Design

Standard and Practice - Security Models

ISO 17799/BS 7799, Drawbacks of ISO 17799/BS 7799, Objectives of ISO 17799, Ten Sections of ISO/IEC 17799



ü           ISO 17799/BS 7799


   One of the most widely referenced and often discussed security models is the Information Technology – Code of Practice for Information Security Management, which was originally published as British Standard BS 7799


   In 2000, this Code of Practice was adopted as an international standard framework for information security by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC) as ISO/IEC 17799.

ü           Drawbacks of ISO 17799/BS 7799


   Several countries have not adopted 17799 claiming there are fundamental problems:


The global information security community has not defined any justification for a code of practice as identified in the ISO/IEC 17799


–   17799 lacks “the necessary measurement precision of a technical standard”


There is no reason to believe that 17799 is more useful than any other approach currently available


–   17799 is not as complete as other frameworks available


17799 is perceived to have been hurriedly prepared given the tremendous impact its adoption could have on industry information security controls

ü           Objectives of ISO 17799


   Organizational Security Policy is needed to provide management direction and support.

ü           Ten Sections of ISO/IEC 17799


ü     Organizational Security Policy


ü     Organizational Security Infrastructure


ü     Asset Classification and Control


ü     Personnel Security


ü     Physical and Environmental Security


ü     Communications and Operations Management


            System Access Control


            System Development and Maintenance


            Business Continuity Planning




   Alternate Security Models available other than ISO 17799/BS 7799

Study Material, Lecturing Notes, Assignment, Reference, Wiki description explanation, brief detail
Information Security : Logical Design : Standard and Practice - Security Models |

Privacy Policy, Terms and Conditions, DMCA Policy and Compliant

Copyright © 2018-2024 BrainKart.com; All Rights Reserved. Developed by Therithal info, Chennai.