This snapshot, taken on
04/03/2010
, shows web content acquired for preservation by The National Archives. External links, forms and search may not work in archived websites and contact details are likely to be out of date.
 
 
The UK Government Web Archive does not use cookies but some may be left in your browser from archived websites.

We're creating a single website for everything to do with BIS but, while we do that, you'll find information in three places. > Find what you're looking for

 
 

ISO/IEC 27002 Section 8

The Information Security Standard ISO/IEC 27002 is divided into eleven main sections. Section 8 is Information Systems Acquisition, Development and Maintenance.

Information Systems Acquisition, Development and Maintenance

Designing a new system with security in mind is more likely to result in effective and workable security features, than if you attempt to impose security on an existing (but insecure) system.

This area includes:

  • Security requirements analysis and specification
  • Application security
  • Use of cryptography
  • Security of system files

If you develop your own systems, or have them developed for you, good practice in this area is essential to ensure that they work and information remains secure.

Use links below for further information:

ISO/IEC 27002 Section 1
ISO/IEC 27002 Section 2 
ISO/IEC 27002 Section 3 
ISO/IEC 27002 Section 4
ISO/IEC 27002 Section 5
ISO/IEC 27002 Section 6
ISO/IEC 27002 Section 7 
ISO/IEC 27002 Section 9
ISO/IEC 27002 Section 10
ISO/IEC 27002 Section 11
ISO/IEC 27002 Explained

If you would like more background information about information security standards follow this link.

© Crown copyright2010