
OSQS-India is BS 7799-2 Certified by KPMG.
What is BS 7799-2? BS 7799-2 is a standard that establishes the requirements for an Information Security Management System (ISMS).
It helps identify, manage and minimize the range of threats to which information is regularly subjected.
BS 7799-2 was first published by the British Standards Institution in 1999. A new version, 'harmonized' with other standards such as ISO 9000, was published in September 2002. This later version also introduced the PDCA (plan-do-check-act) model as part of the management system approach.
BS 7799 is organized into 10 sections:
- Security policy - This provides management direction and support for information security
- Organization of assets and resources - To help you manage information security within the organization
- Asset classification and control - To help you identify your assets and appropriately protect them
- Personnel security - To reduce the risks of human error, theft, fraud or misuse of facilities
- Physical and environmental security - To prevent unauthorized access, damage and interference to business premises and information
- Communications and operations management - To ensure the correct and secure operation of information processing facilities
- Access control - To control access to information
- Systems development and maintenance - To ensure that security is built into information systems
- Business continuity management - To counteract interruptions to business activities and to protect critical business processes from the effects of major failures or disasters
- Compliance - To avoid breaches of any criminal and civil law, statutory, regulatory or contractual obligations, and any security requirement