ISO/IEC 27001 (ISMS Compliance)

What is ISO27001/BS7799 & ISO17799?

The British Standard 7799 (BS7799-2:2002) has been updated and was released as ISO/IEC 27001:2005 on October 14th 2005. ISO/IEC17799 will be renamed ISO/IEC27002 in 2007.

The ISO/IEC27001 (BS7799) has been prepared for business managers and their staff to provide a model for setting up and managing an effective Information Security Management System (ISMS). BS/ISO/IEC17799:2000 & 2005 is the IT Code of practice for information security management.

BS7799-2:2002 or ISO27001 is the ISMS - Specification with guidance for use and is aligned with BS/EN/ISO 9001:2000 and BS/EN/ISO14001:1996 in order to support consistent and integrated implementation and operation with related management standards.

Information Security Management System Implementation

Bellua Asia Pacific’s IRCA certificated ISO27001/BS7799 auditors and consultants can assist you in implementing an Information Security Management System in compliance with the requirements of ISO27001:2005, ISO17799:2005, Cobit & Sarbanes-Oxley.

The fundamental approach to establishing an ISMS will mirror the methodology described in ISO27001: Plan, Do, Check and Act.

The PDCA cycle describes the process of managing security from all aspects, including the implementation of a continual improvement process that will enable your organisation to grow its ISMS maturity in line with future developments in technology and business processes.

By adopting such an approach, your business will be in an advantageous position to ensure that the implementation of its ISMS conforms to the BS7799 and ISO27001 standards.

Benefits

Promotes the adoption of a process approach for establishing, implementing, operating, monitoring, maintaining and improving the effectiveness of an organisation’s ISMS.

Continually improves security through the use of the information security policy, security objectives, audit results, analysis of monitored events, corrective and preventive actions and management review.