3 Jun, 2013
The internationally acclaimed standard for information security management ISO 27001:2005 Information Security Management Standard is currently being revised. An initial draft international standard (DIS) was released to the national standards bodies in January and put out for public consultation in order to keep it relevant to the issues and challenges which companies face today along with accompanying ISO 27002, ‘Code of practice for information security management’*.
The intention of the update is to standardize terminology and requirements for fundamental Management System Requirements.
The new standard puts greater emphasis on setting the objectives, monitoring performance and metrics. A noticeable difference is that Preventative action has been replaced with “actions to address, risks and opportunities” and features earlier in the standard.
A bit of history for you……….
The ISO 27001 started life in 1992, when The Department of Trade and Industry (DTI), which is part of the UK Government, publish a ‘Code of Practice for Information Security Management’, then in 1995 the document was amended and re-published by the British Standards Institute (BSI) in 1995 as BS7799. In 1999 the first major revision of BS7799 was published, and then in December 2000, the standard was re-published, however this time fast tracked to an ISO standard – It becomes ISO 17799. In 2002 a second part to the standard is published: BS7799-2. Finally, in 2005 ISO 27001 is published, replacing BS7799-2, which is withdrawn.*
For any clients that have this standard in place, a transition period will be set, in which we will be in touch with the new guidelines. To which we will hold your hand throughout the whole process to make sure you are comfortable with the new guidelines.
The revised standard is expected to be published towards the end of 2013 and we will keep you updated on progress.
*(Source BSI – http://ow.ly/lEr1f) & (http://ow.ly/lEFlh)
ISO Quality Services Ltd are proud to specialise in the implementation and certification of the Internationally recognised ISO and BS EN Management Standards.
Alternatively, you can request a quote by filling out our enquiry form and a member of our team will be in touch shortly.