ISO 17799 for Information Security Management


Organizations of all sizes and from all sectors have a common problem – the inherent vulnerability of their information systems. If your information is not safe, your future is not secure.


No matter how well protected an organization may seem, sensitive data can be lost or leaked without you realizing it. Information security is not just an issue for computer experts. A single breach of security could severely reduce profits and damage your image and reputation.


All information in all departments, whether in computer systems, paper files, or employees' minds, is at risk from very real threats. With the increase in reported information security breaches, the need has intensified for a structured approach to managing information security.


The ISO 17799 standard for information security management deals with the confidentiality, integrity, availability, and accountability of all kinds of sensitive information. The standard was developed to make sure organizations have the most appropriate controls and systems in place to manage the storage and exchange of information, whether it is in paper or electronic form.


The ISO 17799 Code of Practice for Information Security Management has chapters on:


  • Security Policy
  • Security Organization
  • Asset Classification and Control
  • Personnel Security
  • Physical and Environmental Security
  • Communications and Operations Management
  • Access Control
  • Systems Development and Maintenance
  • Business Continuity Management
  • Compliance

For more on information security management, attend an ISO 17799 Introduction class in San Francisco, CA on July 10-11, 2002 or in Reston, VA on August 5-6, 2002. An ISO 17799 Implementation class will be held in Reston, VA on July 15-19, 2002 and in San Francisco, CA on August 26-30, 2002. Call us at 800-404-7585 to enroll.