ISO 17799 Central. BS7799 and ISO17799 Guide

THE A-Z GUIDE FOR ISO27001 AND ISO27002 INFORMATION
ISO 27000 CENTRAL

ISO 27000 Central is intended to be a launch pad for those seeking help with this international standard. It offers information, tips, guides and links to a range of resources.

Menu
About ISO 27002
Starting Point
The Glossary
The PDCA Cycle
Certifications
Newsletter Archive

Home
Feedback
Forums
Conferences
Guestbook
Directory

Add ISO27000 Central
to Your Bookmarks


ISO27000 Glossary

This glossary of ISO 27000 and information security related terms was compiled over a lengthy period, and is provided as a public service. In addition to offering definitions and explanation of terms and phrases, the glossary also cross references each with the appropriate chapter of the standard itself, where applicable.

The ISO 27000 Glossary


The ISO 27000 Glossary of Information Security Terms and Phrases

B   |   C   |   D   |   E   |   F   |   G   |   H   |   I   |   J   |   K   |   L   |   M   |   N   |   O   |   P   |   Q   |   R   |   S   |   T   |   U   |   V   |   W   |   X   |   Y   |   Z  ]


A


ACCESS CONTROL (Chapter 9)
Access control refers to the rules and deployment mechanisms which control access to information systems, and physical access to premises. The entire subject of Information Security is based upon Access Control, without which Information Security cannot, by definition, exist.

ADMISSIBLE EVIDENCE
Admissible Evidence is 'evidence' that is accepted as legitimate in a court of law. From an Information Security perspective, the types of 'evidence' will often involve the production of a system's log files.

ANTI-VIRUS SOFTWARE (Chapter 8)
Software designed to detect, and potentially eliminate, viruses, as well as repairing or quarantining files which have already been infected by virus activity

AUDIT LOG (Chapter 9)
Computer files containing details of amendments to records, which may be also used in the event of system recovery being required. Enabling this feature usually incurs some system overhead, but it does permit subsequent review of all system activity.

AUDIT TRAIL (Chapter 9)
A record or series of records, which allows the processing carried out by a computer or clerical system to be accurately identified. Often enables verification of the authenticity of amendments, including details of the users who created and authorised them.

AUDITOR (Chapter 12)
The person employed to verify, usually independently, the quality and integrity of the work that has been undertaken within a particular area.

AUTHENTICATION (Chapter 9)
Authentication refers to the verification of the authenticity of either a person or of data. Authentication techniques usually form the basis for all forms of access control to systems or data.

AVAILIBILITY (Chapter 11)
Ensuring that information systems and the necessary data are available for use when they are needed.



       SOURCES

ISO 27000 DOWNLOAD

ISO 27001 (and ISO 27002) should always be obtained from an official source.
17799

Standards Direct (BSI) provides the standard as an instant download from the following page: ISO 27000 Download

ISO27000
TOOLKIT

The standard (both ISO 27001 and 27002) can also be obtained as part of the ISO27000 Toolkit. This also comprises a series of support resources, such as aligned security policies, checklists, BIA questionnaires, presentations, etc.

It can be downloaded via the following website: ISO 27000 Toolkit

ADVERTISERS

Please feel free to contact us

Your Guide To ISO 27001 and ISO27002
Copyright © 2012. All Rights Reserved.