Most organizations that have already adopted the ISO/IEC 17799:2000 standard will be affected by the updated ISO 17799:2005 in several major areas. While there were many changes in naming and organization, the 2005 standard also introduced several new technical areas, including electronic commerce and vulnerability management. Organizations should perform a gap analysis between their current policies and the new controls within the areas that have been updated. The newer, detailed implementation guidance of the 2005 standard should help this process. For organizations that find policy gaps in their coverage of the standard, Information Security Policies Made Easy, Version 10, contains a complete set of over 1300 pre-written information security policies that cover all topic areas of the new 2005 standard.

