U.K. launches new standard to bring information security for business

Published 14 December 2005

Businesses are more aware than ever of the need to incorporate security measures into their internal practices and relations with other businesses, and the new U.K. standard will help

A new international standard aiming to provide an international framework and improve the security of information systems has been launched during the fourth international 7799 Goes Global Conference in London. Based on the original British Standard BS 7799 (part 2), ISO27001 will help business suppliers and customers have greater confidence in each other, knowing that their IT management systems are more secure. ISO 27001 will make it easier for companies to incorporate information security into their overall management system and companies that are already ISO 9001 compliant on quality management should be more able to adopt this standard.

The conference showed that the United Kingdom is making significant progress in developing and applying the tools needed to make business use of the internet more secure. A major element in this work is the DTI’s biennial Information Security Breaches Surveys, run in partnership with industry. The next Survey will be launched in April 2006. The 2004 Survey found that businesses that adopted the “7799 standards” said they had brought real business benefits.

Note that Part 1 of the British Standard became an international standard in 2000 (ISO 17799). The new standard is based on the original British Standard BS 7799 Part 2. Further information on ISO 27001 (and ISO 17799) may be found on the International Standards Organization Web site; or the 17799/27001 International User Group Web site (which also maintains the register of accredited certificates against BS 7799 Part 2/ISO 27001).

-read more in this report