Well not quite today, but at the end of September it will be exactly 20 years since the original text of text of BS7799 (now ISO 27002) was published in the form of BSI document DISC PD0003. The history of how the standard was developed has never been accurately documented until now. Anthony Freed has just published the first of three postings covering the background on his Tripwire blog. It’s essential reading for any student of the history of information security. Don’t believe what you read on Wikipedia. It’s not all correct.