ISO 17799 Security Policy Solutions

Information Shield publications are an excellent investment for organizations adopting the ISO/IEC 17799:2005 (ISO 27002) standard as a security framework. Organizations seeking certification with BS 7799 or the new ISO/IEC 27001 can use our library of pre-written information security policies and job descriptions to save time and money before and after certification.

Complete Policy Coverage for ISO/IEC 17799:2005

Information Security Policies Made Easy

Information Security Policies Made Easy provides a complete set of over 1300 information security policies and standards developed and organized around the ISO 17799 framework. Our ISO 17799:2005 policy map outlines how ISPME security topics map to the ISO 17799:2005 control domains. ISPME includes:

Define and Document Roles and Responsibilities

Information Security Roles and Responsibilities Made Easy

According to ISO 17799:2005 section 6.6.1, information security roles and responsibilities must be defined and documented. Information Security Roles and Responsibilities Made Easy provides expert guidance and pre-written templates that can save your organization hundreds of hours of effort in developing your information security organization. Information Security Roles and Responsibilities Made Easy contains:

Security Policies and ISO 17799 Framework

According to the ISO 17799:2005 standard, controls considered to be common practice for information security include:

  1. information security policy document;
  2. allocation of information security responsibilities;
  3. information security awareness, education, and training;

To build an information security program according to ISO 17799, organizations must create, publish and maintain an information security policy for their security management system. Information Shield publications can save your organization thousands of dollars and hundreds of man-hours in developing proper information security policies and the organizational infrastructure that supports them.

For more information on using Information Shield solutions for your ISO 17799 compliance efforts, please contact us. You can also download our ISO 17799:2005 policy map to see how our policy library provides coverage for the various ISO 17799 domains and subtopics.


ISO 17799 References

"An information security policy document should be approved by management, and published and communicated to all employees and relevant external parties."
- 5.1.1 Information security policy document

"The information security policy should be reviewed at planned intervals or if significant changes occur to ensure its continuing suitability, adequacy, and effectiveness."
- 5.1.2 Review of the information security policy

"Management should actively support security within the organization through clear direction, demonstrated commitment, explicit assignment, and acknowledgment of information security responsibilities."
- 6.1.1 Management commitment to information security

"This information security policy should be communicated throughout the organization to users in a form that is relevant, accessible and understandable to the intended reader."
- ISO 17799:2005 Guidance on Information Security Policy