BS 7799-3:2017 PDF

Scope: What is this standard about? It’s about risk management in relation to information security. It covers all the necessary processes to manage information security risks. Who is this standard for? Every organization with information will benefit from using this standard, regardless of size or sector. In terms of role, it will be used by: GRC managers Security managers Operational managers Auditors Anyone responsible for implementing the requirements of the General Data Protection Regulation in their organization Why should you use this standard? It plugs the gap left between the international standard on information security risk management that was last published in 2011 ( ISO/IEC 27005:2011 ) and the revised ISO/IEC 27001 which was published in 2013. As such BS 7799-3:2017 provides essential support for the implementation of ISO/IEC 27001:2013 Information technology - Security techniques - Information security management systems – Requirements and all sectoral and application specific uses of that standard. NOTE: BS 7799-3:2017 , or its successor(s), will be available until ISO/IEC completes ISO/IEC 27005:201 1 full revision. It will then be withdrawn.

BS 7799-3:2017 history

2017 BS 7799-3:2017 Information security management systems - Guidelines for information security risk management
2006 BS 7799-3:2006 Information security management systems - Guidelines for information security risk management