Incremental information security certification

Basie Von Solms, Rossouw Von Solms

Research output: Contribution to journalComment/debate

22 Citations (Scopus)

Abstract

The implementation of an information security management plan in a company was discussed. An information security certification helps in getting an understanding of the information security in the company and in comparing it with the information security level of another certified company. BS7799, the only internationally accepted scheme to get a formal information security certification, is difficult to obtain as the company needs to conform to all the ten sections of BS7799. The Information Security Institute of South Africa (ISIZA) is a framework developed for information security certification consisting of five levels and is faster to obtain as the company needs to conform to small subsets of BS7799 only.

Original languageEnglish
Pages (from-to)308-310
Number of pages3
JournalComputers and Security
Volume20
Issue number4
DOIs
Publication statusPublished - 2001

Keywords

  • BS 7799
  • ISO 17799
  • Infomation security certification

ASJC Scopus subject areas

  • General Computer Science
  • Law

Fingerprint

Dive into the research topics of 'Incremental information security certification'. Together they form a unique fingerprint.

Cite this