BS7799 – An Introduction
BS7799 (or BS 7799) is a standard for Information Security Management issued by the British Standards Institute and was first introduced in 1995. BS7799 is the most confusing of all the standards issued by the British Standards Institute. The standard has been upgraded time and again, and sometimes even overridden by various standards issued by the International Standards Organization (ISO).
The standard first emerged in 1995 as an enhanced and repackaged version of an earlier DTI code relating to the practice of security, and was named BS7799 because it was issued by the British Standards Institute. The standard was first revised and upgraded in 1999. The dot-com boom in 2000 saw the standard being morphed into ISO 17799. But the British Standards Institute did not allow BS7799 to die a natural death.
The standard was then upgraded again and re-morphed into BS7799-2 in 2002. This time its main focus was the security management of information systems. The ISO, in its quest to be the leader in standards, fast-tracked this standard, and it emerged as ISO27001 in October 2005.
The British Standards Institute, not to be left behind in the race of standards, revised BS7799 once again, and it donned the new avatar of BS7799-3:2005, providing guidelines for risk management of information security. The standard aims to provide support in meeting the requirements of ISO27001 with respect to all issues arising from the risk management of information systems security.
The question may be asked as to where all this race of standards, each attempting to outdo the other, leads. The answer is quite simple. Like the earlier versions of BS7799, which were fast-tracked by the ISO, this new standard will also become part of the family of ISO standards. The ISO has already designated the number 27005 for a new standard which would fast-track BS7799-3:2005, but this may take some time.