This site is a public 'open' initiative, known as a 'wiki', and is designed to document ISO27002 (ISO17799) and ISO27001, inclusive of implementation and certification issues. It is a public access site, meaning that YOU can contribute and assist. You are free and able to improve existing pages, and create additional pages (see QwikiSyntax for details on how to do this). We hope that together we can create the definitive guide to the standards.

These are the major international information security standards, published by ISO. ISO 27002 was formerly known as ISO 17799, having been renamed in 2007. It is closely related to ISO 27001. The former of these is a code of practice for information security management (see the Contents of ISO 27002), whilst the latter is a specification for information security management (see the Contents of ISO 27001).

We are currently building an FAQ (see ISO17799 FAQ).

Certification is currently available against ISO 27001 (formerly BS7799-2, originally published by BSI) and is granted through an Accredited Certification Body. As a worldwide standard, the number of certified entities is increasing, with representation across the world. A list of certifications issued is maintained by ISO 27001 & ISO 27002 Central, although we are currently building our own (see below).

This is a series of projects to support ISO 27001 and 27002. It includes:

If you have contributed to this initiative, please feel free to add your details to our Contributors Page. We also have entry points for the open guide in a growing number of Foreign Langauges.

Please feel free to contact us, via our Contact Page. We would like to thank everyone who has contributed thus far, as well as Safemode for providing our hosting.