Welcome to the ISO 27001 and ISO 27002 Open Guide!

This site is an “open” community initiative known as the “Wiki” and is dedicated to documenting ISO27002 (ISO17799) and ISO27001, including implementation and certification issues. This is a public site, which means that YOU can contribute and help. You are free to improve existing pages and create additional ones (see QwikiSyntax for more on this). We hope that together we can come up with a definitive guide to standards.

What are ISO 27001 and ISO 27002?
These are the main international information security standards published by ISO. The ISO 27002 standard was formerly known as ISO 17799 and was renamed in 2007. It is closely related to ISO 27001. The first is a code of conduct for information security management (see ISO 27002 Content) and the second is an information specification. security management (see content of ISO 27001).

ISO27002 Frequently Asked Questions
We are currently preparing an FAQ (see ISO17799 FAQ).

Certification is currently available in accordance with ISO 27001 (formerly BS7799-2, originally published by BSI) and issued by an accredited certification body. In accordance with the global standard, the number of certified companies with agencies around the world is increasing. The list of issued certificates is maintained by ISO 27001 and ISO 27002 Central, although we are currently creating our own (see below).

Public projects ISO 27000 underway
This is a series of projects supporting ISO 27001 and 27002 standards. It includes:
– a collection of useful tips and tricks for implementation
– creation of an ISO27002-oriented safety standard
– certification guide
– and a collection of articles related to the ISO IEC 17799 standard
– our voluntary list of ISO 27001 certifications