ISO 27001

Hi guys, my boss is going to send me to take a seminar on ISO27001. What do you think?? I haven't heard much about this cert???
close to MCSA!!

Comments

  • JDMurray MSIT InfoSec, CISSP, SSCP, GSEC, EnCE, C|EH, CySA+, PenTest+, CASP+, Security+ Surf City, USA Admin Posts: 11,669
    ISO 27001 is not a "people" certification; it is an international standard for Information Security management practices that is used to certify entire organizations. It was formerly named ISO/IEC 17799:2005, but it was renumbered to place it in the 27000-series of ISO standards, otherwise it is the same. It's one of the main standards to study for the CISSP and CISM certification exams.

    ISO 17799 and ISO 27001 News
  • sexion8 Member Posts: 242
    Not a PEOPLE cert, as stated more of a company certification of compliance:

    Certification is entirely optional but is increasingly being demanded from suppliers and business partners by organizations that are concerned about information security. Certification against ISO/IEC 27001 brings a number of benefits above and beyond simple compliance, in much the same way that an ISO 9000-series certificate says more than “We are a quality organization”. Independent assessment necessarily brings some rigor and formality to the implementation process (implying improvements to information security and all the benefits that brings through risk reduction), and invariably requires management approval (which is an advantage in security awareness terms, at least!). The certificate has marketing potential and should help assure most business partners of the organization’s status with respect to information security without the necessity of conducting their own security reviews.


    http://www.iso27001security.com/
    http://www.iso27001security.com/html/iso27k_toolkit.html
    http://www.17799.com/
    http://www.iso27001certificates.com/Register%20Search.htm

    If you're looking to get something similar in theory, methodologies, etc., then follow JD's advice... CISSP and CISM as the title of the standard says "ISO/IEC 27001:2005 - Information technology -- Security techniques -- Information security management systems -- Requirements". Also take note, NSA IAM uses bits and pieces along with NIST standards and guidelines as well.
    "Everything we hear is an opinion, not a fact. Everything we see is a perspective, not the truth." - Marcus Aurelius
  • vivek2727 Member Posts: 7
    Actually ISFS - Information Security Foundation based on ISO/IEC 27002 - $US 160.00 is now available at VUE testing centers. The exam is from Exin Inc, the same organization which conducts the ITIL exams.