Guides on the implementation of BS 7799 / BS7799. �170 (approx $325). Includes:
PD 3001:2002 - Preparing for BS 7799-2 Certification
This document provides guidance to users of BS 7799-2:2002 and the code of practice, BS 7799-1:2000 (ISO/IEC 17799). PD 3001 provides guidance on the 'Plan, Do, Check, Act' model and the information security management system (ISMS) process requirements, certification process and preparing for certification.
PD 3002:2002 - Guide to BS 7799 Risk Assessment
This guide addresses the topic of risk assessment in the context of BS 7799 and in particular the development and certification of BS7799 information security and management systems. It aims at providing a common basis and understanding of the underlying concepts behind risk assessment and risk management, the terminology used, and the overall process and options for assessing and managing the risks.
PD 3003:2002 - Are You Ready for a BS 7799-2 Audit?
The content has been expanded to provide a compliance assessment workbook that incorporates both an information security management system (ISMS) process check and gap analysis for BS7799 controls.
PD 3004:2002 - Guide to the Implementation and Auditing of BS 7799 Controls
This guide includes the information security management system (ISMS) control requirements that should be addressed by organizations considering certification according to BS 7799-2:2002. The guide considers each of the controls in BS 7799-2:2002 in 2 different ways. Implementation guidance: describing what needs to be considered to fulfil the control requirements when implementing the controls from BS 7799-2:2002, Annex A. This guidance is aligned with ISO/IEC 17799:2000, which gives advice on the implementation of the BS 7799-2 controls. Auditing guidance: describing what should be checked when examining the implementation of BS 7799-2:2002 controls to ensure that the implementation covers the essential ISMS control requirements.
PD 3005:2002 - Guide on the Selection of BS 7799-2 Controls
This guide describes a selection process that takes the identified security requirements and through a sequence of linked business decisions defines what controls need to be implemented.
Click Here To Purchase and Download the PD 3000 Series