Information Security ISO/IEC 27001

Standards, Publications and Electronic Products

There are two Information Security Standards:

ISO/IEC 27001:2005 Specification for Information Security Management (previously BS 7799-2:2002)
ISO/IEC 27002:2005 (previously named ISO/IEC 17799:2005) Code of practice for Information Security Management

ISO/IEC 27001 is a standard setting out the requirements for an information security management system (ISMS). The standard is designed to ensure the selection of adequate and proportionate security controls that protect information assets and give confidence to interested parties including an organization's customers.

The ISO/IEC 27002 code of practice for information security management establishes guidelines and general principles for organizations to initiate, implement, maintain, and improve information security management. The objectives outlined provide general guidance on the commonly accepted goals of information security management.

Products are available in hard copy or electronic format to suit all needs.

Information Security Standards, Publications and Electronic Products can be purchased through BSI British Standards' Online Shop.

WLASCS:2003 World Lottery Association Control Standard

Available to download from the WLA Website (access restricted by password).

BSI Management Systems, 389 Chiswick High Road, London, W4 4AL. Email: international@bsigroup.com
© 2007 BSI.