BS7799 Security Standard  
Compliance and audit support  
for BS 7799  

 BS7799 Security Standard: Compliance and Audit for BS 7799 Contact Us Front Page

The BS7799 Security Standard: What is It?

BS7799 is a very detailed security standard. It is organized into ten major sections, each covering a different topic or area:

1. Business Continuity Planning
The objectives of this section are as follows: To counteract interruptions to business activities and to critical business processes from the effects of major failures or disasters.

2. System Access Control
The objectives of this section are as follows: 1) To control access to information 2) To prevent unauthorised access to information systems 3) To ensure the protection of networked services 4) To prevent unauthorized computer access 5) To detect unauthorised activities. 6) To ensure information security when using mobile computing and tele-networking facilities

BS7799, bs7799

3. System Development and Maintenance
The objectives of this section are as follows: 1) To ensure security is built into operational systems; 2) To prevent loss, modification or misuse of user data in application systems; 3) To protect the confidentiality, authenticity and integrity of information; 4) To ensure IT projects and support activities are conducted in a secure manner; 5) To maintain the security of application system software and data.

4. Physical and Environmental Security
The objectives of this section are as follows: To prevent unauthorised access, damage and interference to business premises and information; to prevent loss, damage or compromise of assets and interruption to business activities; to prevent compromise or theft of information and information processing facilities.

5. Compliance
The objectives of this section are as follows: 1) To avoid breaches of any criminal or civil law, statutory, regulatory or contractual obligations and of any security requirements 2) To ensure compliance of systems with organizational security policies and standards 3) To maximize the effectiveness of and to minimize interference to/from the system audit process.

Within each section are the detailed statements that comprise the standard.

BS7799: Sections 6-10

ISO 17799, ISO17799, BS7799
BS7799 Online Shop

Also ISO17799.NET

Security Risk Assessment
Return to first page


bs7799, bs 7799 Copyright 2002 C & A Systems Security Ltd email
Other Standards: Orange Book