• BS 7799-1:1995

    Status: Superseded. A superseded Standard is one that is fully replaced by another Standard, which is a new edition of the same Standard.

    Information security management. Code of practice for information security management systems

    Available format(s):  Hardcopy, PDF

    Superseded date:  15-05-1999

    Language(s):  English

    Published date:  15-02-1995

    Publisher:  British Standards Institution

    Table of Contents

    Committees responsible
    Foreword
    Code of practice
    Introduction
    Section 0. General
    0.1 Scope
    0.2 Information references
    0.3 Definitions
    Section 1. Security policy
    1.1 Information security policy
    Section 2. Security organization
    2.1 Information security infrastructure
    2.2 Security of third party access
    Section 3. Assets classification and control
    3.1 Accountability for assets
    3.2 Information classification
    Section 4. Personnel security
    4.1 Security in job definition and resourcing
    4.2 User training
    4.3 Responding to incidents
    Section 5. Physical and environmental security
    5.1 Secure areas
    5.2 Equipment security
    Section 6. Computer and network management
    6.1 Operational procedures and responsibilities
    6.2 System planning and acceptance
    6.3 Protection from malicious software
    6.4 Housekeeping
    6.5 Network management
    6.6 Media handling and security
    6.7 Data and software exchange
    Section 7. System access control
    7.1 Business requirement for system access
    7.2 User access management
    7.3 User responsibilities
    7.4 Network access control
    7.5 Computer access control
    7.6 Application access control
    7.7 Monitoring system access and use
    Section 8. Systems development and maintenance
    8.1 Security requirements of systems
    8.2 Security in application systems
    8.3 Security of application system files
    8.4 Security in development and support environments
    Section 9. Business continuity planning
    9.1 Aspects of business continuity planning
    Section 10. Compliance
    10.1 Compliance with legal requirements
    10.2 Security reviews of IT systems
    10.3 System audit considerations
    Annex
    A. (normative) Summary of controls used in BS 7799
    Index
    List of references

    Abstract

    Provides recommendations for information security management. Intended for provision of a common basis for organizations to develop, implement and measure effective security management practice and for provision of confidence in interorganizational dealings.

    General Product Information

    Committee:  IST/33
    Development Note:  Supersedes and renumbers BS 7799(1995) (07/2004)
    Document Type:  Standard
    Publisher:  British Standards Institution
    Status:  Superseded
    Superseded By
    Supersedes

    Standards Referenced By This Book

    PD CR 13694:1999 Health informatics. Safety and security related software quality standards for healthcare (SSQS)
    BIP 0139:2013 An introduction to ISO/IEC 27001:2013