British Standards Institute updates BS7799 security



Cliff Saran
The British Standards Institute (BSi) has updated the BS7799 security standard in a move to encourage businesses to establish processes for managing IT security.

Speaking at the launch of the new standard, e-commerce minister Stephen Timms said: "Information security management will more readily be mainstreamed as a business issue rather than being marginalised as a technical issue. It will help senior management take an active interest in how their online businesses are secured."

The new version of the standard promises to make it easier for businesses to acquire BS7799 certification. It is also designed to integrate more closely with other business management standards, such as the ISO 9001 quality standard.

BS 7799: Part 2 adds a "plan-do-check-act" process to the original BS7799 standard. The BSi said this provides businesses with a management system approach to developing, implementing and improving the effectiveness of an organisation's information security management system.

The standard supports the following process:
  • Plan - business risk analysis
  • Do - internal controls to manage the applicable risks
  • Check - a management review to verify effectiveness
  • Act - action as necessary

According to the BSi, the revised standard better defines and clarifies the links between the risk assessment process, the selection of controls, and the contents of the Statement of Applicability. It also includes guidance on how to use the new edition.
