Saturday, August 18, 2007

ISO 2703n: Latest Developments

A little more has emerged on the new subset of ISO27k standards, ISO 27031-40. The following reflects the current position as we understand it.

ISO/IEC 27031
Information technology - Security techniques - ICT readiness for business continuity

ISO/IEC 27032
Information technology - Security techniques - Guidelines for Cybersecurity (Suggested)

ISO/IEC 27033
As referenced in previous articles, this is the revision of ISO 18028. It comprises seven distinct parts:

ISO 27033-1
Information technology - Security techniques - Network security - Guidelines for network security

ISO 27033-2
Information technology - Security techniques - Network security - Guidelines for the design and implementation of network

ISO 27033-3
IT network security - Reference networking scenarios - Risks, design, technologies and control issues

ISO 27033-4
IT network security - Security network information with network security gateways - Risks, design techniques and control issues

ISO 27033-5
IT network security - Secure remote access - Risks, design techniques and control issues

ISO 27033-6
IT network security - Securing communications across networks using Virtual Private Networks

ISO 27033-7
IT network security - Guidelines for the design and implementation of network security


ISO/IEC 27034
Information technology - Security techniques - Guidelines for application security


These are at various stages of the publication process, with at least one still at the proposal stage.


Monday, July 16, 2007

And Another Emerges: ISO 27033

The next ISO 27000 series standard is on the starting block: ISO 27033.

On 12th July a formal note was distributed by the appropriate ISO committee (JTC 1 / SC 27) announcing a letter ballot for early revision and renumbering (to 27033) of existing standard 18028.

Obviously, this is the very start of a lengthy process, but the note also revealed the proposed structure of the new standard, which would comprise seven parts:

1. Guidelines for network security
2. Guidelines for design/implementation of network security
3. Reference networking scenarios
4. Securing communications between networks using gateways
5. Securing remote access
6. Securing communications across networks using VPNs
7. Guidelines for securing

Momentum for the series continues to increase.
