Understanding ISO 27001 and Auditing the Security Program
In the past several years, security best practices have been consolidated into different international and industry standards. ISO 27001 is a comprehensive international standard for auditing the ISMS and has replaced other standards. A company benefits by performing self-audits against an industry standard because industry standards are guidelines for best practices security controls.
Submit a 2-3-page document that contains responses to the following questions:
What are the 10 key control areas for BS 7799 or ISO 27001?
How is ISO 27001 different from BS 7799?
Do you feel international standards, such as ISO 27001, should apply to all companies and not just international corporations? Explain why, and provide some benefits that international standards like this offer a company in developing and auditing its security program.