ISO 17799
The international standard ISO 17799 for IT security, adopted in 2000, evolved from the British Standard BS 7799. The standard, entitled"Code of Practice for Information Security Management," offers a selection of control mechanisms based on methods and procedures that have proven effective in IT security. The standard does not recommend specific security solutions; however, companies and organizations in all industries should follow and implement the guidelines listed in the standard.
The International Standards Organization (ISO) has introduced a formal recognition and certification process for compliance with ISO 17799, which has improved the overall quality of the standard. This standard, which comprises the first part of BS 7799, is accepted worldwide. In 2005, ISO 17799 was revised and the new version was published under the ISO 2700x series of standards as ISO 27002.
ISO 17799 is a collection of recommendations applied to IT security and business continuity management( BCM). These guidelines have proven themselves in practice can be used in all hierarchical levels of companies, institutions and organizations. Since the variety of security aspects is shaped by the system environment and the company organization, ISO 17799 is a flexible standard that allows for its own interpretations.