BS7799, ISO17799, ISO27000 Series
Based on a post by Calvin on the 17799.com forum, the following information about BS7799 and relevant standards is summarized “as is”:
- ISO27001 is to be the replacement for BS7799-2 by the end of year 2005
- ISO 17799:2005 will be renamed in year 2006 or 2007 as ISO/IEC 27002
A new standard for BS7799 series:
- BS 7799-3:2005 – “Information security management systems – guidelines for information security risk management” is a new British Standard due for release in December 2005
The new ISO27000 series will have five parts:
- ISO 27000 will formally define the specific technical vocabulary used in these standards;
- ISO 27001 will be the ISO version of BS 7799-2, the certification standard (due for full release in November 2005, already available as a final draft);
- ISO 27002 will be the renamed and updated version of ISO 17799:2005 (to be released in 2006 or 2007);
- ISO 27003 will contain guidance for those implementing the ISO 27000-series standards;
- ISO 27004 will be a new Information Security Management Metrics and Measurement standard to help measure the effectiveness of information security management system implementations (currently in draft);
- ISO 27005 will be the ISO version of BS 7799-3


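The overall changes in the 2005 edition can be briefly summarized as follows:
Translating the English content above for everyone's convenience:
Judging from how the latest ISO standard series is being written, it includes a vocabulary, the standard itself, implementation guidance, measurement and evaluation guidance, certification, and so on.
This is likely to be the direction future ISO standard series take, and to some extent it makes the standards easier to carry out and implement.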
Thanks to zhaol for providing the valuable information. You are great!