BS7799: A Suitable Model for Information Security Management

The world is changing rapidly as technology marches forward and the modern business world expands to take advantage of the new technology. Security is seen as fundamental to rapid changing E-business. To satisfy the urgent need for security on the Internet, organisations need to face these challenges and need a suitable management model for information security management. This paper presents the current foundation of information security standard and analyses the framework of BS7799 British information security model. It describes the basic properties of the important security management processes: security policy, security standards, access control, security architecture. It provides an opportunity for security manager to gain security management knowledge and recognise the important procedures and mechanisms to improve the process of information security management.