ISO/IEC 27799

From Wikipedia, the free encyclopedia

ISO/IEC 27799 part of a growing family of ISO/IEC ISMS standards, the 'ISO/IEC 27000 series' is an information security standard being currently developed by the International Organization for Standardization (ISO) and the International Electrotechnical Commission (IEC). Its current draft title is Information Security Management in Health using ISO/IEC 27002.

The purpose of ISO/IEC 27799 is provides guidance to health organizations and other holders of personal health information on how to protect such information via implementation of ISO/IEC 27002.

The prospective content sections ^[1] are:

• 1: Scope
• 2: References
• 3: Terminology
• 4: Symbols
• 5: Health information security
• 6: Practical Action Plan for Implementing ISO 17799/27002
• 7: Healthcare Implications if ISO 17799/27002
• 8: Annex A: Threats
• 9: Annex B: Tasks and documentation of the ISMS
• 10: Annex C: Potential benefits and tool attributes
• 11: Annex D: Related standards

[edit] References

[edit] See also

• ISO/IEC 27000-series

[edit] External links

• Current status of the ISO 27799 standard