WHAT IS ISO 27001?
ISO 27001 is the replacement for BS7799. This in turn is the 'sister
publication' for ISO 17799. Whereas ISO 17799 is a 'code of practice',
describing individual controls for potential implementation, BS7799
outlines the requirements for an Information Security Management
System. In other words, it sets out a system for the management of
information security, within which the controls described in ISO
17799 may be selected.
BS7799 is in fact the part of the standard set against which
certification is granted. This mantle will be passed to ISO 27001 upon
final publication.
The new (draft) version has incorporated a number of significant
changes. It further 'harmonizes' the approach with other management
standards, such as ISO 9001, and builds upon the PDCA model
(Plan-Do-Check-Act). However, the main driver in terms of timing seems
to have been the urgent need for re-alignment with the new version of
ISO 17799 (2005) rather than the old version (2000).