SCORE: Checklists & Step-by-Step Guides

ISO IEC 17799 2005

Final: December 2005

ISO IEC 17799 2005 is the "Code of Practice for Information Security Management," and is the most widely accepted standard throughout the world. It is published by the International Standardization Organization (ISO) and the International Electrotechnical Commission (IEC). The latest version, BS ISO IEC 17799: 2005, will replace the older versions of the BS 7799 and ISO 17799 standards.

BS ISO IEC 17799 2005 has a broad scope and addresses various critical business infrastructures within the organization. The SANS checklist, which is based on the latest version of BS ISO IEC 17799 2005, provides precise audit checks that can be performed on the organization's infrastructures.

The latest version of the 17799 checklist will replace all previous versions of the checklists from SANS. It is not a replacement for the ISO IEC 17799 standard, but can be used in conjunction with the standard for Information Security management of the Organization.

Permission to use extracts from ISO 17799:2005 was provided by Standards Council of Canada, in cooperation with IHS Canada. No further reproduction is permitted without prior written approval from Standards Council of Canada. Documents can be purchased at


  1. BS ISO/IEC 17799:2005 (BS 7799-1:2005) Information technology. Security techniques. Code of practice for information security management
  2. Draft BS 7799-2:2005 (ISO/IEC FDIS 27001:2005) Information technology. Security techniques. Information security management systems.

Val Thiagarajan is the team leader for the BS ISO IEC 17799 2005 SANS Checklist. If you have any comments or questions please email Val at: