Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Are there any guidelines or help to setting up ISO policies in compliance with ISO 27001:2005?

Posted on 2015-02-12
2
244 Views
Last Modified: 2015-02-13
Any help or Insight on complying with ISO 27001:2005 standard would be greatly appreciated. Does this standard specify any specific things we would need to implement? So far all I know is that the standard requires you to have policies in place but not sure if it sets them or just gives guidelines.
0
Comment
Question by:nsalabs
2 Comments
 
LVL 63

Accepted Solution

by:
btan earned 500 total points
ID: 40607434
Do kindly see my posting and it is better to align with 27001:2013 which is the most recent and all have to take reference instead of the older 2005. Extracted key pts below
- the toolkit http://www.iso27001security.com/html/iso27k_toolkit.html from the community which varied guidance document and checklist
- there is a pdf states the details going into the clauses, it has a nice table mapping of ISO/IEC 27001:2013 clauses to ISO/IEC 27001:2005.

http://www.experts-exchange.com/Security/Misc/Q_28388472.html

I also like to highlight 27001 as it is (in this good summary on the need to consider and do's pdf) is not only about compliance but include also
- establish a ready and updated understanding in your existing inventory of IT initiatives,
- ensure information availability and robustness in the control that are and should be in place
- follow consistent review cycle of ISMS implementation phases that is repeatable and governed with mgmt oversight.
0
 

Author Closing Comment

by:nsalabs
ID: 40608318
Thank you for all the info, this will get us on the right track.
0

Featured Post

Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

The next five years are sure to bring developments that are just astonishing, and we will continue to try to find the balance between connectivity and security. Here are five major technological developments from the last five years and some predict…
The related questions "How do I recover the passwords for my Q-See DVR" and "How can I reset my Q-See DVR to eliminate a password" are seen several times a week.  Here we discuss the grim reality of the situation.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

790 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question