AS/NZS 4444.2:2000
Superseded
A superseded Standard is one, which is fully replaced by another Standard, which is a new edition of the same Standard.
View Superseded by
Information security management Specification for information security management systems (Redesignated as AS/NZS 7799.2:2000 on 15 August 2001)
Hardcopy , PDF 1 User , PDF 3 Users , PDF 5 Users , PDF 9 Users
29-05-2024
31-03-2000
Important note : Users cannot be edited or removed once added to your Multi user PDF.
This Standard forms the basis for an assessment of the information security management system (ISMS) of the whole, or part, of an organization. It may be used as a basis for a formal certification scheme.
This Standard should be read in conjunction with AS/NZSISO/IEC 17799:2001, Information technology - Code of practice forinformation security management, which provides guidance on best practice insupport of the requirements of this Standard.
Application
Information is a vital asset in any organization.The protection and security of information is of prime importance to manyaspects of an organization's business. It is therefore important that anorganization implements a suitable set of controls and procedures to achieveinformation security and manages them to retain that level of security once itis achieved.
This Standard is intended for use by managers andemployees who are responsible for initiating, implementing and maintaininginformation security within their organization and it may be considered as abasis for developing organizational security standards.
With increasing electronic networking betweenorganizations there is a clear benefit in having a common reference document forinformation security management. It enables mutual trust to be establishedbetween networked information systems and trading partners and provides a basisfor the management of these systems between users and service providers.
A comprehensive set of controls comprising the bestinformation security practices currently in use is provided in this Standard.This guidance is intended to be as comprehensive as possible. It is intended toserve as a single reference point for identifying the range of controls neededfor most situations where information systems are used in industry and commerceand can therefore be applied by large, medium and small organizations.
Not all the controls will be relevant to every situation.Organizations need to undertake a risk assessment to identify the mostappropriate control objectives and controls to be implemented which areapplicable to their own needs. Once identified, these need to be recorded in astatement of applicability
The control objectives and controls recorded in thestatement of applicability, together with the policy and procedure documents andall other relevant records, are known as the organization's ISMS.
Specifies the requirements for establishing, implementing and documenting information security management systems (ISMSs) and the requirements for security controls to be implemented according to the needs of individual organizations. This Standard is identical to BS 7799.2:1999.
| Committee |
IT-012
|
| DocumentType |
Standard
|
| ISBN |
0 7337 3284 4
|
| Pages |
22
|
| PublisherName |
Standards Australia
|
| Status |
Superseded
|
| SupersededBy | |
| Supersedes |
First published as AS/NZS 4444:1996.
Revised and redesignated in part as AS/NZS 4444.2:2000.
| HB 248-2001 | Organisational experiences in implementing information security management systems |
| HB 231:2000 | Information security risk management guidelines |
| HB 248-2001 | Organisational experiences in implementing information security management systems |
Access your standards online with a subscription
Features
-
Simple online access to standards, technical information and regulations.
-
Critical updates of standards and customisable alerts and notifications.
-
Multi-user online standards collection: secure, flexible and cost effective.