Taiwan Provincial Standard of the People's Republic of China
Status
2007-10
Latest
CNS 17799-2006
Scope
This standard establishes guidelines and general principles for initiating, implementing, maintaining and improving information security management within an organization. The objectives outlined in this standard provide general guidance on commonly accepted objectives for information security management. The control objectives and control measures of this standard are designed to be implemented to meet the requirements identified in the risk assessment. This standard serves as a guide for developing organizational safety standards and effective safety management practices.
CNS 17799-2006 history
2006CNS 17799-2006 Information technology - Security techniques - Code of practice for information security management
2002CNS 17799-2002 Information Technology -Code of Practice for Information Security Management