BS7799

The second generation of the BS7799 fast tracked into the ISO27001 covered the known security issues till 2002. These standards define some of the well documented control requirements which enable the users to achieve the quantifiable assessments and the over all improvements in the IS security. Compliance records of earlier versions of the standards indicate that information security has become serious matter then and much of the large corporate are taking steps for its effective security. The cost and the business value of any kind of Information in a business environment are just unimaginable. These are one of the most valuable assets which are easy targets for business rivals. These need security and that too of top grade. The requires the adoption of comprehensive security policies inside the organization for proper safeguarding of the information assets of the organization including the customer information base.

An ISMS is a systematic approach for management of sensitive business information so as to keep it safe and secure. This (I)nformation (S)ecurity (M)anagement (S)ystem or ISMS as it is commonly known, needs the active involvement of people, all processes in the organization and Information Technology. BS7799 delivered by the British Standards Institute and the ISO27001 from the International Standards Organization are a ser of recommendations to achieve effective management and control of information security. With the ever increasing international compliances for the security standards, and the continuous up-gradation revision to the standards both by the BSI and the ISO, the ISO has even named a whole family of IS standards namely ISO 27000.

Bothe the BS7799/ ISO27001 sets out the standard of the requirements for implementing an ISMS in an organization. The standards help in identifying, management and quantification of threats to which the business information is subjected to daily and recommends ways and means to fight with such threats and to keep the information safe and secure.