ISO 27000: ISO 17799 to ISO 27001 and Beyond

INFORMATION SECURITY MANAGEMENT STANDARDS - THE ISO 27000 SERIES

Information security has become a key component in the evolution of information technology itself. It has become an enabler, and of course, is a major aspect of corporate governance.

Underpinning this has been the movement towards common use of standards, particularly the ISO standards. These to have evolved, and continue to do so. Indeed, the coming years promise to see major changes in the structure of security standards, and the publication of a number of new documents.

This section of W3J explores these developments, and identifies the key standards, and support resources, in the field.

STATE OF PLAY

The first ISO 27000 series standard was published late in 2005. This was the specification for an ISMS, ISO 27001. The timetable for the others is not firm, but they should arrive gradually during the next couple of years. This page will be updated as and when developments occur.

W3J

W3J.Com is a specialist portal and archive for business and technical journals, documents, standards, templates and other information. It is one of the oldest still existing technical portals on the internet, and continues to evolve.

Papers?

Have you written any interesting information security related papers? Do you want W3J to publish them? If so, please feel free to submit them to us for consideration.