ISO/IEC 17799:2005

Information technology — Security techniques — Code of practice for information security management

Publication date:   Jun 10, 2005

95.99 Withdrawal of Standard   Jun 3, 2010

General information

95.99 Withdrawal of Standard   Jun 3, 2010

ISO/IEC

ISO/IEC JTC 1/SC 27 Information security, cybersecurity and privacy protection

International Standard

35.030   IT Security

Buying

  Withdrawn

PDF - €76.23

  English  



Buy

Scope

ISO/IEC 17799:2005 establishes guidelines and general principles for initiating, implementing, maintaining, and improving information security management in an organization. The objectives outlined provide general guidance on the commonly accepted goals of information security management. ISO/IEC 17799:2005 contains best practices of control objectives and controls in the following areas of information security management:
security policy;organization of information security;asset management;human resources security;physical and environmental security;communications and operations management;access control;information systems acquisition, development and maintenance;information security incident management;business continuity management;compliance.
The control objectives and controls in ISO/IEC 17799:2005 are intended to be implemented to meet the requirements identified by a risk assessment. ISO/IEC 17799:2005 is intended as a common basis and practical guideline for developing organizational security standards and effective security management practices, and to help build confidence in inter-organizational activities.

Life cycle

PREVIOUSLY

WITHDRAWN
ISO/IEC 17799:2000

NOW

WITHDRAWN
ISO/IEC 17799:2005
95.99 Withdrawal of Standard
Jun 3, 2010

CORRIGENDA / AMENDMENTS

WITHDRAWN
ISO/IEC 17799:2005/Cor 1:2007

REVISED BY

WITHDRAWN
ISO/IEC 27002:2005