BS 7799-1:1999

Superseded

View Superseded by

Information security management Code of practice for information security management

Available format(s)

Hardcopy , PDF

Superseded date

02-15-2001

Language(s)

English

Published date

05-15-1999

Publisher

British Standards Institution

Committees responsible
Foreword
Introduction
1 Scope
2 Terms and definitions
3 Security policy
    3.1 Information security policy
4 Security organization
    4.1 Information security infrastructure
    4.2 Security of third party access
    4.3 Outsourcing
5 Asset classification and control
    5.1 Accountability for assets
    5.2 Information classification
6 Personnel security
    6.1 Security in job definition and resourcing
    6.2 User training
    6.3 Responding to security incidents and malfunctions
7 Physical and environmental security
    7.1 Secure areas
    7.2 Equipment security
    7.3 General controls
8 Communications and operations management
    8.1 Operational procedures and responsibilities
    8.2 System planning and acceptance
    8.3 Protection against malicious software
    8.4 Housekeeping
    8.5 Network management
    8.6 Media handling and security
    8.7 Exchanges of information and software
9 Access control
    9.1 Business requirement for access control
    9.2 User access management
    9.3 User responsibilities
    9.4 Network access control
    9.5 Operating system access control
    9.6 Application access control
    9.7 Monitoring system access and use
    9.8 Mobile computing and teleworking
10 Systems development and maintenance
    10.1 Security requirements of systems
    10.2 Security in application systems
    10.3 Cryptographic controls
    10.4 Security of system files
    10.5 Security in development and support processes
11 Business continuity management
    11.1 Aspects of business continuity management
12 Compliance
    12.1 Compliance with legal requirements
    12.2 Reviews of security policy and technical compliance
    12.3 System audit considerations
Annex A (informative) Changes to internal numbering
Index

Defines recommendations for information security management for use by those who are responsible for implementing, initiating or maintaining security in their organization. Intended to provide a common basis for developing organizational security standards and effective security management practice and to provide confidence in inter-organizational dealings.

Committee	IST/33
DevelopmentNote	Supersedes 98/682025 DC. (03/2007)
DocumentType	Standard
Pages	52
PublisherName	British Standards Institution
Status	Superseded
SupersededBy	BS ISO/IEC 17799 : 2005 BS ISO/IEC 17799 : 2000
Supersedes	BS 7799-1:1995

Standards	Relationship
AS/NZS 4444.1:1999	Identical
NEN ISO/IEC 17799 : 2005 C1 2007	Identical

View more information

US$271.70

Excluding Tax where applicable

Product format

I agree to the DRM document license rules apply against the PDF selection made.

Please confirm that you agree to the document license rules for this document.

I agree to the document license rules .

Please confirm that you agree to the document license rules for this document.

Access your standards online with a subscription

Features

Simple online access to standards, technical information and regulations.
Critical updates of standards and customisable alerts and notifications.
Multi-user online standards collection: secure, flexible and cost effective.

Learn more on subscription solutions

Get in touch with us

BS 7799-1:1999

Information security management Code of practice for information security management

Table of Contents

Abstract

General Product Information

International Equivalents

Category

Subcategory