ProperGander

Security for the masses

Standards

Standards set out requirements for maintaining system and network security, data integrity and confidentiality. Some of the more important internationally recognised standards are listed below.

ISO 27001

ISO 27001 (ISO/IEC 27001:2005) is the international standard for an Information Security Management System (ISMS). It originated as the British Standard BS 7799-2, a designation still in use here in the UK. The standard has since been revised (in 2013 and again in 2022), so check which edition a certificate was issued against.

ISO 17799

ISO 17799 (ISO/IEC 17799:2005) is the code of practice that accompanies ISO 27001: where 27001 specifies the management system, 17799 describes the controls an organisation can select for it. It details 133 specific controls, grouped under 39 control objectives across 11 distinct chapters (security clauses). It was renumbered ISO/IEC 27002 in 2007 and is now usually referred to by that name.

PCI DSS

The Payment Card Industry Data Security Standard (PCI DSS) sets out a mandatory set of security requirements, not merely guidelines, for any organisation, whatever its size, that stores, processes or transmits credit card data. It is maintained by the PCI Security Standards Council and enforced contractually through the card brands and acquiring banks.

ISO 15408

The Common Criteria (ISO/IEC 15408) provide a framework in which computer system users can specify their security functional and assurance requirements, vendors can state what their product claims to meet, and independent laboratories can evaluate the product against those claims. The result is expressed as an Evaluation Assurance Level (EAL1 to EAL7), which measures the rigour of the evaluation rather than the strength of the security functions themselves.