BS 7799-2:2002 - Information security management. Specification with guidance for use – BSI British Standards

BS 7799-2:2002

Information security management. Specification with guidance for use

Status: Superseded, Withdrawn
Published: September 2002
Replaced By: BS ISO/IEC 27001:2005/BS 7799-2:2005

WITHDRAWN TITLE
*To ask about withdrawn titles contact the BSI Knowledge Centre knowledgecentre@bsigroup.com,
+44 20 8996 7004


General

This standard specifies the requirements for establishing, implementing, operating, monitoring, reviewing, maintaining and improving a documented ISMS within the context of the organization’s overall business risks. It specifies requirements for the implementation of security controls customized to the needs of individual organizations or parts thereof (see Annex B which provides informative guidance on the use of this standard).

The ISMS is designed to ensure adequate and proportionate security controls that adequately protect information assets and give confidence to customers and other interested parties. This can be translated into maintaining and improving competitive edge, cash flow, profitability, legal compliance and commercial image.

Application

The requirements set out in this British Standard are generic and are intended to be applicable to all organizations, regardless of type, size and nature of business. Where any requirement(s) of this standard cannot be applied due to the nature of an organization and its business, the requirement can be considered for exclusion.

Where exclusions are made, claims of conformity to this standard are not acceptable unless such exclusions do not affect the organization’s ability, and/or responsibility, to provide information security that meets the security requirements determined by risk assessment and applicable regulatory requirements. Any exclusions of controls found to be necessary to satisfy the risk acceptance criteria need to be justified and evidence needs to be provided that the associated risks have been properly accepted by accountable people.

Excluding any of the requirements specified in Clauses 4, 5, 6 and 7 is not acceptable.




Standard Number: BS 7799-2:2002
Title: Information security management. Specification with guidance for use
Status: Superseded, Withdrawn
Publication Date: 05 September 2002
Withdrawn Date: 18 October 2005
Cross References: BS 7799-2:1999, BS EN ISO 14001:1996, BS ISO/IEC TR 13335-3:1998, BS ISO/IEC TR 13335-4:2000, ISO/IEC Guide 62:1996, BS EN ISO 9001:2000, BS ISO/IEC 17799:2000, ISO Guide 73:2002
Replaced By: BS ISO/IEC 27001:2005/BS 7799-2:2005
Replaces: BS 7799-2:1999
Draft Superseded By: 01/682010 DC
Descriptors: Data processing, Computers, Anti-burglar measures, Management, Data security, Data storage protection, Information systems, Documents, Records (documents), Classification systems, Computer technology, Computer networks, Technical documents, Maintenance, Information exchange
ICS: 35.020, 35.030
Committee: IST/33
ISBN: 0 580 40250 9
Publisher: BSI
Format: A4
Delivery: No
Pages: 38
File Size: 918.5 KB
Price: £116.00

