Sr Diego Maira
Páginas: 191 (47681 palabras)
Publicado: 22 de octubre de 2012
ISO 17799 - Seguridad de la Información - ISO/IEC FDIS 17799:2005(E)
FINAL DRAFT
INTERNATIONAL STANDARD
ISO/IEC FDIS 17799
ISO/IEC JTC 1 Secretariat: ANSI Voting begins on: 2005-02-11 Voting terminates on: 2005-04-11
Information technology — Security techniques — Code of practice for information security management
Technologies de l'information — Techniques de sécurité — Code depratique pour la gestion de sécurité d'information
Please see the administrative notes on page iii
RECIPIENTS OF THIS DRAFT ARE INVITED TO SUBMIT, WITH THEIR COMMENTS, NOTIFICATION OF ANY RELEVANT PATENT RIGHTS OF WHICH THEY ARE AWARE AND TO PROVIDE SUPPORTING DOCUMENTATION. IN ADDITION TO THEIR EVALUATION AS BEING ACCEPTABLE FOR INDUSTRIAL, TECHNOLOGICAL, COMMERCIAL AND USER PURPOSES, DRAFTINTERNATIONAL STANDARDS MAY ON OCCASION HAVE TO BE CONSIDERED IN THE LIGHT OF THEIR POTENTIAL TO BECOME STANDARDS TO WHICH REFERENCE MAY BE MADE IN NATIONAL REGULATIONS.
Reference number ISO/IEC FDIS 17799:2005(E)
© ISO/IEC 2005
ISO/IEC FDIS 17799:2005(E)
PDF disclaimer
This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may beprinted or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringing Adobe's licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the softwareproducts used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below.
Copyright notice
This ISOdocument is a Draft International Standard and is copyright-protected by ISO. Except as permitted under the applicable laws of the user's country, neither this ISO draft nor any extract from it may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, photocopying, recording or otherwise, without prior written permission being secured. Requests forpermission to reproduce should be addressed to either ISO at the address below or ISO's member body in the country of the requester. ISO copyright office Case postale 56 • CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyright@iso.org Web www.iso.org Reproduction may be subject to royalty payments or a licensing agreement. Violators may be prosecuted.
ii
© ISO/IEC 2005– All rights reserved
ISO/IEC FDIS 17799:2005(E)
In accordance with the provisions of Council Resolution 21/1986, this document is circulated in the English language only.
© ISO/IEC 2005 – All rights reserved
iii
ISO/IEC FDIS 17799:2005(E)
Contents
Page
FOREWORD................................................................................................................................................... VIII 0 INTRODUCTION ........................................................................................................................................ IX 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 WHAT IS INFORMATION SECURITY? .........................................................................................................IX WHY INFORMATION SECURITY ISNEEDED? ............................................................................................ IX HOW TO ESTABLISH SECURITY REQUIREMENTS ....................................................................................... X ASSESSING SECURITY RISKS .................................................................................................................... X SELECTING CONTROLS...
FINAL DRAFT
INTERNATIONAL STANDARD
ISO/IEC FDIS 17799
ISO/IEC JTC 1 Secretariat: ANSI Voting begins on: 2005-02-11 Voting terminates on: 2005-04-11
Information technology — Security techniques — Code of practice for information security management
Technologies de l'information — Techniques de sécurité — Code depratique pour la gestion de sécurité d'information
Please see the administrative notes on page iii
RECIPIENTS OF THIS DRAFT ARE INVITED TO SUBMIT, WITH THEIR COMMENTS, NOTIFICATION OF ANY RELEVANT PATENT RIGHTS OF WHICH THEY ARE AWARE AND TO PROVIDE SUPPORTING DOCUMENTATION. IN ADDITION TO THEIR EVALUATION AS BEING ACCEPTABLE FOR INDUSTRIAL, TECHNOLOGICAL, COMMERCIAL AND USER PURPOSES, DRAFTINTERNATIONAL STANDARDS MAY ON OCCASION HAVE TO BE CONSIDERED IN THE LIGHT OF THEIR POTENTIAL TO BECOME STANDARDS TO WHICH REFERENCE MAY BE MADE IN NATIONAL REGULATIONS.
Reference number ISO/IEC FDIS 17799:2005(E)
© ISO/IEC 2005
ISO/IEC FDIS 17799:2005(E)
PDF disclaimer
This PDF file may contain embedded typefaces. In accordance with Adobe's licensing policy, this file may beprinted or viewed but shall not be edited unless the typefaces which are embedded are licensed to and installed on the computer performing the editing. In downloading this file, parties accept therein the responsibility of not infringing Adobe's licensing policy. The ISO Central Secretariat accepts no liability in this area. Adobe is a trademark of Adobe Systems Incorporated. Details of the softwareproducts used to create this PDF file can be found in the General Info relative to the file; the PDF-creation parameters were optimized for printing. Every care has been taken to ensure that the file is suitable for use by ISO member bodies. In the unlikely event that a problem relating to it is found, please inform the Central Secretariat at the address given below.
Copyright notice
This ISOdocument is a Draft International Standard and is copyright-protected by ISO. Except as permitted under the applicable laws of the user's country, neither this ISO draft nor any extract from it may be reproduced, stored in a retrieval system or transmitted in any form or by any means, electronic, photocopying, recording or otherwise, without prior written permission being secured. Requests forpermission to reproduce should be addressed to either ISO at the address below or ISO's member body in the country of the requester. ISO copyright office Case postale 56 • CH-1211 Geneva 20 Tel. + 41 22 749 01 11 Fax + 41 22 749 09 47 E-mail copyright@iso.org Web www.iso.org Reproduction may be subject to royalty payments or a licensing agreement. Violators may be prosecuted.
ii
© ISO/IEC 2005– All rights reserved
ISO/IEC FDIS 17799:2005(E)
In accordance with the provisions of Council Resolution 21/1986, this document is circulated in the English language only.
© ISO/IEC 2005 – All rights reserved
iii
ISO/IEC FDIS 17799:2005(E)
Contents
Page
FOREWORD................................................................................................................................................... VIII 0 INTRODUCTION ........................................................................................................................................ IX 0.1 0.2 0.3 0.4 0.5 0.6 0.7 0.8 WHAT IS INFORMATION SECURITY? .........................................................................................................IX WHY INFORMATION SECURITY ISNEEDED? ............................................................................................ IX HOW TO ESTABLISH SECURITY REQUIREMENTS ....................................................................................... X ASSESSING SECURITY RISKS .................................................................................................................... X SELECTING CONTROLS...
Leer documento completo
Regístrate para leer el documento completo.