ISO/IEC 17799:2005 - How to build a compliant security management system and a compliant policy/standards framework

Instructor: Endre Bihari
Product ID: 700164
Training Level: Intermediate
Duration: 60 Min


In this IT compliance training, understand 17799 and lift the secrecy surrounding the ISO/IEC 27000 series and the proposed components of the standard family.


The International Standard Organization provided a code of practice for information security. This code of practice became the de facto standard for information security practices.

Although this code of practice is over ten years old, it is very relevant to the requirements of today’s information security systems. This continuous relevance is mainly due to ongoing development and refinements of the international standard.

The result of the ongoing development is a new family of information security standards, commonly known as the ISO/IEC 27000 family of information security standards. Although it is still under development, the effects of the standard family are already visible.

The first standard published under this standard family is the "old" ISO/IEC 17799-2:2003 standard. Some other standards are going to be incorporated in this standard family, while some standards are developed from scratch. The information security practitioner community eagerly awaits the publishing of this new standard family.

As is usual with anything new, anticipation always generates a certain sense of secrecy. This seminar lifts the secrecy surrounding the ISO/IEC 27000 series. The proposed components of the standard family are discussed together with the new standard format as well as the relationship to other standard families, such as the ISO 9000 and ISO 14000 series. Details of the first new standard (ISO/IEC 27001:2005) are also discussed.

Areas Covered in this seminar:

  • What is 17799?
  • Aim and parts of the standard
  • History of ISO/IEC 17799:2005
  • ISO/IEC 17799:2005 Structure
  • Structure and relationship to other standards
  • Benefits achievable by using the standard
  • Changes made from the earlier version
  • Why are these changes?
  • Improved clarity explained
  • The 11 clauses
  • Intent and interpretation
  • Other standards related to ISO/IEC 17799:2005
  • Demystifying 17799
  • Building an ISMS using 17799
  • Requirements for certification
  • Language of a policy
  • Recommended policy/standard hierarchy
  • Recommended policy/standard framework
  • Contents of a policy
  • Contents of a "domain" standard
  • Contents of purpose specific standards
  • What constitutes a good policy?

Who Will Benefit:

  • Information security managers,
  • Consultants,
  • Risk managers,
  • IT managers,
  • Information security architects,
  • Security administrators,
  • Auditors,
  • Compliance managers would benefit from this seminar.

Instructor Profile:

Endre is a widely experienced IT management and consulting professional with over 19 years' experience in mature and internationally competitive companies, including Deloitte, where he held the position equivalent of Director, Information Security - a role created to support the Enterprise Risk Services group with clients who need information security governance consulting.

Endre brings Enterprise Architecture and Management experience as an end-to-end senior management consultant to the design and conduct of business projects in IT strategy, infrastructure planning, integration and operational management. He has a strong understanding of project management, strategic planning and other value-add activities across different platforms. This experience is based on hands-on exposure to industry areas ranging from manufacturing through telecommunications to government across e-business, information security, network integration and more traditional business areas.
