Definition

ISO/IEC 17799: Code of Practice for Information Security Management

ISO/IEC 17799: Code of Practice for Information Security Management is a generic set of best practices for the security of information systems. Considered the foremost security specification document in the world, the code of practice includes guidelines for all organizations, no matter what their size or purpose. 17799 was originally published in the United Kingdom as DT Code of Practice, and then later as BS 7799.

The ISO/IEC 17799 details 127 security measures, organized into 10 sections; these specify best practices for: business continuity planning; system access control; system development and maintenance; physical and environmental security; compliance; personnel security; security organization; computer and operations management; asset classification and control; and security policies. The purpose of the code of practice is to be as comprehensive as possible, covering practices that are applicable to a broad range of endeavors. The document suggests that particular organizations can benefit from selecting those specifications that apply to them.

The document is currently being revised to provide sufficient detail to enable the development of a security management system.

This was last updated in October 2008
Posted by: Margaret Rouse

Email Alerts

Register now to receive SearchSoftwareQuality.com-related news, tips and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

More News and Tutorials

Do you have something to add to this definition? Let us know.

Send your comments to techterms@whatis.com

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: