Name: I.S. ISO/IEC 17799:2001 - INFORMATION TECHNOLOGY - CODE OF PRACTICE FOR INFORMATION SECURITY MANAGEMENT
Brand: National Standards Authority of Ireland

Preview

INFORMATION TECHNOLOGY - CODE OF PRACTICE FOR INFORMATION SECURITY MANAGEMENT

Available format(s)

Hardcopy , PDF

Language(s)

English

Published date

05-24-2001

Publisher

National Standards Authority of Ireland

Withdrawn date

05-21-2009

Add to Watchlist

Preview

US$138.61

Excluding Tax where applicable

FOREWORD
INTRODUCTION
- WHAT IS INFORMATION SECURITY?
- WHY INFORMATION SECURITY IS NEEDED
- HOW TO ESTABLISH SECURITY REQUIREMENTS
- ASSESSING SECURITY RISKS
- SELECTING CONTROLS
- INFORMATION SECURITY STARTING POINT
- CRITICAL SUCCESS FACTORS
- DEVELOPING YOUR OWN GUIDELINES
1 SCOPE
2 TERMS AND DEFINITIONS
3 SECURITY POLICY
   3.1 INFORMATION SECURITY POLICY
4 ORGANIZATIONAL SECURITY
   4.1 INFORMATION
   4.2 SECURITY OF THIRD PARTY ACCESS
   4.3 OUTSOURCING
5 ASSET CLASSIFICATION AND CONTROL
   5.1 ACCOUNTABILITY FOR ASSETS
   5.2 INFORMATION CLASSIFICATION
6 PERSONNEL SECURITY
   6.1 SECURITY IN JOB DESCRIPTION AND RESOURCING
   6.2 USER TRAINING
   6.3 RESPONDING TO SECURITY INCIDENTS AND
        MALFUNCTIONS
7 PHYSICAL AND ENVIRONMENTAL SECURITY
   7.1 SECURE AREAS
   7.2 EQUIPMENT SECURITY
   7.3 GENERAL CONTROLS
8 COMMUNICATIONS AND OPERATIONS MANAGEMENT
   8.1 OPERATIONAL PROCEDURES AND RESPONSIBILITIES
   8.2 SYSTEM PLANNING AND ACCEPTANCE
   8.3 PROTECTION AGAINST MALICIOUS SOFTWARE
   8.4 HOUSEKEEPING
   8.5 NETWORK MANAGEMENT
   8.6 MEDIA HANDLING AND SECURITY
   8.7 EXCHANGES OF INFORMATION AND SOFTWARE
9 ACCESS CONTROL
   9.1 BUSINESS REQUIREMENT FOR ACCESS CONTROL
   9.2 USER ACCESS MANAGEMENT
   9.3 USER RESPONSIBILITIES
   9.4 NETWORK ACCESS CONTROL
   9.5 OPERATING SYSTEM ACCESS CONTROL
   9.6 APPLICATION ACCESS CONTROL
   9.7 MONITORING SYSTEM ACCESS AND USE
   9.8 MOBILE COMPUTING AND TELEWORKING
10 SYSTEMS DEVELOPMENT AND MAINTENANCE
   10.1 SECURITY REQUIREMENTS OF SYSTEMS
   10.2 SECURITY IN APPLICATION SYSTEMS
   10.3 CRYPTOGRAPHIC CONTROLS
   10.4 SECURITY OF SYSTEM FILES
   10.5 SECURITY IN DEVELOPMENT AND SUPPORT PROCESSES
11 BUSINESS CONTINUITY MANAGEMENT
   11.1 ASPECTS OF BUSINESS CONTINUITY MANAGEMENT
12 COMPLIANCE
   12.1 COMPLIANCE WITH LEGAL REQUIREMENTS
   12.2 REVIEWS OF SECURITY POLICY AND TECHNICAL
        COMPLIANCE
   12.3 SYSTEM AUDIT CONSIDERATIONS

Provides recommendations for information security management for use by those who are responsible for initiating, implementing or maintaining security in their organization.

DevelopmentNote	Supersedes I.S. 17799-1 (01/2003)
DocumentType	Standard
Pages	88
PublisherName	National Standards Authority of Ireland
Status	Withdrawn
Supersedes	I.S. 17799-1:2000

Standards	Relationship
ISO/IEC 17799:2005	Identical

I.S. 17799-2:2002

INFORMATION SECURITY MANAGEMENT - PART 2: SPECIFICATION FOR INFORMATION SECURITY MANAGEMENT SYSTEMS

Summarise

ChatGPT Perplexity

US$138.61

Excluding Tax where applicable

Product format

I agree to the DRM document license rules apply against the PDF selection made.

Please confirm that you agree to the document license rules for this document.

I agree to the document license rules .

Please confirm that you agree to the document license rules for this document.

Shopping Cart

I.S. ISO/IEC 17799:2001

INFORMATION TECHNOLOGY - CODE OF PRACTICE FOR INFORMATION SECURITY MANAGEMENT

Table of Contents

Abstract

General Product Information

International Equivalents

Standards Referenced By This Book

Industry

Sub-Industry