Information Security Standards

Information all across the organisations has now been travelling based on some sorts of standards as we called in last post as BS7799 or ISO standards.I will not be discussing these details but a short note will justify this post.
BS7799
Orginated form British Standard Institute in 1995, it was thought to have integrated best practices in information security and a code of information security management.This got revised in 1999 with more revisions and latest be in June 2005 further renaming to ISO/IEC 17799 or ISO 27002

Outlines of BS 7799 are-----------------------
1. Policy
2. Organizational Information Protection
3. Control and sensitivity of assets
4. People Issues
5. Physical Protection
6. System and Infrastructure Management
7. System access control
8. Systems development and maintenance
9. Business continuity planning
10. Compliance

What is MSS.....ISM......

MSS (Managed Security Services) or ISM (Information Security Management) could be explained as a prcoess designed based on organisational principles and policies to manage their network infrastructure and valuable assets using security tools and standards or could be called as International Standards as (BS-7799) and other as ISO standards.

Looking at the process specific companies are becoming more and more specific on tools and infrastructure to be standardised to manage them properly and effectively.

Don't take me wrong Security and Management goes hand in hand for any organisation which is slowly now shaping into new science called or could be called later on as Information Science.