Why Implement BS 7799?

BS 7799 provides a well-proven framework to implement information security within an organisation. It offers a business-led approach to best practice for information security management in your organisation. Information security is characterised within BS 7799 as the preservation of:

Confidentiality Integrity The opportunity to win new business - particularly using electronic commerce Availability Effective contractual risk management

A proven national and international methodology Effective and appropriate targeting of security resources The ability to demonstrate a commitment to information security

Potentially certification against BS 7799 will bring three main benefits.

1. Internal benefits - ensuring that an appropriate management system is in place to look after the security of an organisation's own information.
2. Improved confidence from trading partners - being able to demonstrate that the organisation has undergone a competent, impartial, independent assessment against BS 7799 will prove that it is serious about information security, that information is safe whilst in its care.
3. The organisation is able to demonstrate compliance with the 1998 Data Protection Act's security requirements. In the UK, the data protection commissioner has stated that if an organisation can demonstrate compliance to BS 7799, her office will be satisfied that appropriate measures are in place to meet the security requirements of the 1998 Data Protection Act.