ISO 17799 (idea) by cordelia

ISO 17799, the Code of Practice for Information Security Management, was adopted by the International Organization for Standardization in December, 2000. It was derived almost entirely from the British Standard of the same name, BS 7799, which was adopted from the 1993 Code of Practice for Information Security.

Used originally in the UK, it has an accompanying certification scheme to help organization s meet the standard, which is organized in 10 control categories:

security policy
security organization
asset classification and control
personnel security
physical and environmental security
computer and network management
system access control
systems development and maintenance
business continuity planning
compliance

The purpose of ISO 17799 is to ensure compliance against the standard, in contrast to methodologies like the SAS 70, which mostly provides a reporting format.

E2 node tracker	Denied Persons List	How to re-IP a server without DNS lossage	ISO
defense in depth	Federal Reserve Note	legacy system	Police Radio Codes
Ya Hozna	Code of Federal Regulations	Disaster Recovery	Physical Security Policies at the NSA
Scientology