BS7799 Security Standard: Compliance and Audit for BS 7799

Before considering full certification, or indeed any formal public statement on the BS7799 issue, it is essential to gain confidence in your underlying compliance level. Essentially, establishing your current compliance position is the first step to conformance with the standard. This is actually much harder to achieve than may superficially appear. For larger organizations, the position of each and every information system within scope needs to be established. This CAN be a very intensive and costly operation indeed. Having achieved this, plans now need to be created to ensure that the identified improvements and changes are implemented. This again CAN prove to be very costly. However, having completed this process, and having reached a broad but deomstrable compliance plateau, most of the hard work is actually done. The next page will consider a method of simplifying the above and achieving full compliance with minimum pain. Return to first page   Copyright © 2002 C & A Systems Security Ltd Member of: Information Security World