• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 308
  • Last Modified:

Are there any guidelines or help to setting up ISO policies in compliance with ISO 27001:2005?

Any help or Insight on complying with ISO 27001:2005 standard would be greatly appreciated. Does this standard specify any specific things we would need to implement? So far all I know is that the standard requires you to have policies in place but not sure if it sets them or just gives guidelines.
0
nsalabs
Asked:
nsalabs
1 Solution
 
btanExec ConsultantCommented:
Do kindly see my posting and it is better to align with 27001:2013 which is the most recent and all have to take reference instead of the older 2005. Extracted key pts below
- the toolkit http://www.iso27001security.com/html/iso27k_toolkit.html from the community which varied guidance document and checklist
- there is a pdf states the details going into the clauses, it has a nice table mapping of ISO/IEC 27001:2013 clauses to ISO/IEC 27001:2005.

http://www.experts-exchange.com/Security/Misc/Q_28388472.html

I also like to highlight 27001 as it is (in this good summary on the need to consider and do's pdf) is not only about compliance but include also
- establish a ready and updated understanding in your existing inventory of IT initiatives,
- ensure information availability and robustness in the control that are and should be in place
- follow consistent review cycle of ISMS implementation phases that is repeatable and governed with mgmt oversight.
0
 
nsalabsAuthor Commented:
Thank you for all the info, this will get us on the right track.
0

Featured Post

Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now