The most trusted source for computer security training, certification and research.

Global Information Assurance Certification

Wow! It's an incident handler's Christmas morning, tools, tools, tools. Very Applicable!
-Todd Davis, Symantec

MANAGEMENT 411

SANS 17799/27001 Security & Audit Framework

6 CPE Credits per day

The British Standards Institute (BSI) developed one of the best documents for creating and maintaining a secure enterprise, known as the BS ISO/IEC 17799:2000, originally BS 7799. Recently, the ISO has adopted a new version, 17799:2005. The strength of this document is derived from the meticulous attention to detail provided by the many contributing authors and organizations as well as the applicability of the standard to the realities of doing business today. The standard seeks to offer best practice guidance regarding all manner of security issues across eleven domains and can assist any organization that chooses to adopt it to develop a true security minded corporate culture. Learn to implement the guidance contained in ISO-17799 and the ISO 27000 series of standards with step by step pragmatic examples that will allow you to move quickly into compliance with the standard.

This track is designed for information security officers or other management professionals who are looking for a how-to guide for implementing ISO-17799:2005 effectively. While the standard is very well written, anyone who has actually tried to shift to an ISO-17799:2005 structured security organization knows that there can be some significant hurdles to overcome. This course will give you the information you need to go back to your organization with a plan of action to get the job done!

Author Statement

Anyone who has ever tried to implement BS7799, AS7799 or ISO-17799 in their organization recognizes that it is an outstanding security standard but that the initial creation of the Information Security Management System (ISMS) to build and maintain compliance can be a long and painful process. What we tried to do with this class is take real world examples of what works and why it works in order to teach you how to apply the same methodologies within your organization. The end result is that, after taking this class, you will fully understand all aspects of the 7799 family of standards and be in a position to create a world class ISMS with minimal effort and maximum efficiency!
- DAVE HOELZER