
Bs British Standard 3595 stands for. Internet publication about high technologies

Elements of building construction fire-resistance test methods. General requirements

Instead of ST SEV 1000-78

1. Area of use

This standard regulates the general requirements for test methods for building structures and elements of engineering systems (hereinafter referred to as structures) for fire resistance under standard conditions of thermal exposure and is used to establish fire resistance limits.

The standard is fundamental in relation to the standards for test methods for fire resistance of structures of specific types.

When establishing the fire resistance limits of structures in order to determine the possibility of their use in accordance with the fire safety requirements of regulatory documents (including certification), the methods established by this standard should be applied.

3. Definitions

The following terms apply in this standard.

Fire resistance design - according to ST SEV 383.

Fire resistance limit of the structure - according to ST SEV 383.

Limiting state of the structure for fire resistance - the state of the structure in which it loses the ability to maintain load-bearing and/or enclosing functions in a fire.

4. Essence of test methods

The essence of the test methods is to determine the time from the beginning of the thermal impact on the structure in accordance with this standard until the onset of one or several consecutive fire resistance limit states, taking into account the functional purpose of the structure.

5. Bench equipment

5.1. Bench equipment includes:

Test furnaces with a fuel supply and combustion system (hereinafter referred to as furnaces);

Devices for mounting the sample on the furnace, ensuring compliance with the conditions for its fastening and loading;

Systems for measuring and recording parameters, including equipment for film, photo or video filming.

5.2.1. Furnaces shall be capable of testing structural specimens under the required loading, bearing, temperature and pressure conditions specified in this standard and in standards for test methods for specific types of structures.

5.2.2. The main dimensions of the openings of the furnaces must be such as to ensure the possibility of testing samples of structures of design dimensions.

If it is not possible to test samples of design dimensions, their dimensions and furnace openings must be such as to ensure the conditions for thermal exposure to the sample, regulated by the standards for testing methods for the fire resistance of structures of specific types.

The depth of the fire chamber of the furnaces must be at least 0.8 m.

5.2.3. The design of the furnace masonry, including its outer surface, must provide the possibility of installing and fixing the sample, equipment and fixtures.

5.2.4. The temperature in the furnace and its deviations during the test shall comply with the requirements of Clause 6.

5.2.5. The temperature regime of furnaces must be ensured by burning liquid fuel or gas.

5.2.6. The combustion system must be adjustable.

5.2.7. The flame of the burners shall not touch the surface of the structures being tested.

5.2.8. When testing structures, the fire resistance limit of which is determined by the limit states specified in 9.1.2 and 9.1.3, excess pressure in the fire space of the furnace must be ensured.

It is allowed not to control excess pressure during fire resistance tests of load-bearing bar structures (columns, beams, trusses, etc.), as well as in cases where its effect on the fire resistance limit of the structure is insignificant (reinforced concrete, etc. structures).

5.3. Furnaces for testing load-bearing structures must be equipped with loading and supporting devices that ensure loading of the sample in accordance with its design scheme.

5.4. Requirements for measuring systems

5.4.1. During the test, the following parameters should be measured and recorded:

Environment in the fire chamber of the furnace - temperature and pressure (taking into account 5.2.8);

Loading and deformation during testing of load-bearing structures.

5.4.2. The temperature of the environment in the fire chamber of the furnace must be measured by thermoelectric converters (thermocouples) at least in five places. At the same time, at least one thermocouple must be installed for every 1.5 openings of the furnace intended for testing enclosing structures, and for every 0.5 m of the length (or height) of the furnace intended for testing bar structures.

The soldered end of the thermocouple should be placed 100 mm from the surface of the calibration sample.

The distance from the soldered end of the thermocouples to the furnace walls must be at least 200 mm.

5.4.3. The temperature in the furnace is measured by thermocouples with electrodes with a diameter of 0.75 to 3.2 mm. The hot junction of the electrodes must be free. The protective casing (cylinder) of the thermocouple must be removed (cut off and removed) at a length () mm from its soldered end.

5.4.4. To measure the temperature of samples, including on the unheated surface of enclosing structures, thermocouples with electrodes with a diameter of not more than 0.75 mm are used.

The method of mounting thermocouples on the tested sample of the structure must ensure the accuracy of measuring the temperature of the sample within %.

In addition, a portable thermocouple equipped with a holder or other technical means may be used to determine the temperature at any point on the unheated surface of the structure where the greatest temperature increase is expected.

5.4.5. It is allowed to use thermocouples with a protective casing or with electrodes of other diameters, provided that their sensitivity is not lower and the time constant is not higher than that of thermocouples made in accordance with 5.4.3 and 5.4.4.

5.4.6. To register measured temperatures, instruments of accuracy class at least 1 should be used.

5.4.7. Devices designed to measure the pressure in the furnace and record the results must ensure the accuracy of measuring Pa.

5.4.8. Measuring instruments must provide continuous recording or discrete recording of parameters with an interval of no more than 60 s.

5.4.9. To determine the loss of integrity of building envelopes, a swab made of cotton or natural wool is used.

The size of the swab should be 100x100x30 mm, weight - from 3 to 4 g. Before use, the swab is kept in a drying cabinet at a temperature ()°C for 24 hours. The swab is removed from the drying cabinet no earlier than 30 minutes before the start of the test. Re-use of the swab is not allowed.

5.5. Calibration of bench equipment

5.5.1. Calibration of furnaces consists of checking the temperature regime and pressure in the furnace volume. For this purpose, a calibration sample is placed in the opening of the furnace for testing structures.

5.5.2. The design of the calibration sample must have a fire resistance limit of at least the calibration time.

5.5.3. The calibration sample for furnaces intended for testing building envelopes must be made of a reinforced concrete slab with a thickness of at least 150 mm.

5.5.4. A calibration sample for furnaces intended for testing bar structures must be made in the form of a reinforced concrete column with a height of at least 2.5 m and a cross section of at least 0.04.

5.5.5. Duration of calibration - not less than 90 min.

6. Temperature regime

6.1. During testing and calibration in furnaces, a standard temperature regime should be created, characterized by the following relationship:

, (1)

where T is the temperature in the furnace corresponding to the time t, °C;

The temperature in the furnace before the start of thermal exposure (assumed to be equal to the ambient temperature), °C;

t is the time calculated from the start of the test, min.

If necessary, a different temperature regime can be created, taking into account the actual fire conditions.

6.2. The deviation H of the average measured temperature in the furnace (5.4.2) from the value T calculated by formula (1) is determined as a percentage by the formula

. (2)

The average measured temperature in the furnace is taken as the arithmetic mean of the readings of the furnace thermocouples at time t.

The temperatures corresponding to the dependence, as well as the permissible deviations from them of the average measured temperatures, are given in Table 1.

Table 1

t, min    T - T_0, °C    Allowed deviation H, %
5         556            ±15
10        659            ±15
15        718            ±10
30        821            ±10
45        875
60        925
90        986
120       1029
150       1060
180       1090
240       1133
360       1193

When testing structures made of non-combustible materials, a deviation of the temperature from the standard temperature regime of no more than 100°C is allowed on individual furnace thermocouples after 10 minutes of testing.

For other designs, such deviations should not exceed 200°C.

7. Samples for testing structures

7.1. Samples for testing structures must have design dimensions. If specimens of this size cannot be tested, then samples of minimum dimensions are accepted according to the standards for testing structures of the corresponding types, taking into account 5.2.2.

7.2. The materials and parts of the samples to be tested, including butt joints of walls, partitions, ceilings, coatings and other structures, must comply with the technical documentation for their manufacture and use.

At the request of the testing laboratory, the properties of the materials of construction, if necessary, are controlled on their standard samples, made specifically for this purpose from the same materials simultaneously with the manufacture of structures. Control standard samples of materials until the moment of testing must be in the same conditions as the experimental samples of structures, and their testing is carried out in accordance with applicable standards.

7.3. The moisture content of the sample must comply with the specifications and be dynamically balanced with an environment of ()% relative humidity at ()°C.

The moisture content of the sample is determined directly on the sample or on its representative part.

To obtain dynamically balanced humidity, natural or artificial drying of samples is allowed at an air temperature not exceeding 60°C.

7.4. To test a structure of the same type, two identical specimens shall be made.

Samples must be accompanied by the necessary set of technical documentation.

7.5. When conducting certification tests, sampling should be carried out in accordance with the requirements of the adopted certification scheme.

8. Testing

8.1. Tests are carried out at an ambient temperature of 1 to 40°C and at an air velocity of not more than 0.5 m/s, if the design conditions do not require other test conditions.

The ambient temperature is measured at a distance not closer than 1 m from the sample surface.

The temperature in the furnace and in the room must be stabilized 2 hours before the start of the test.

8.2. During the test, register:

The time of onset of limit states and their type (section 9);

The temperature in the furnace, on the unheated surface of the structure, as well as in other pre-set places;

Overpressure in the furnace when testing structures, the fire resistance of which is determined by the limit states specified in 9.1.2 and 9.1.3;

Deformations of load-bearing structures;

The time of appearance of the flame on the unheated surface of the sample;

The time of appearance and nature of cracks, holes, delaminations, as well as other phenomena (for example, violation of the conditions of support, the appearance of smoke).

The above list of measured parameters and recorded phenomena can be supplemented and changed in accordance with the requirements of test methods for structures of specific types.

8.3. The test should continue until the onset of one or, if possible, successively all of the limit states specified for a given structure.

9. Limit states

9.1. There are the following main types of limit states of building structures in terms of fire resistance.

9.1.1. Loss of bearing capacity due to the collapse of the structure or the occurrence of limiting deformations (R).

9.1.2. Loss of integrity as a result of the formation of through cracks or holes in the structures through which combustion products or flames penetrate the unheated surface (E).

9.1.3. Loss of heat-insulating ability due to temperature rise on the unheated surface of the structure to the limit values for this structure (I).

9.2. Additional limit states of structures and criteria for their occurrence, if necessary, are established in the standards for testing specific structures.

10. Designations of fire resistance limits of structures

The designation of the fire resistance limit of a building structure comprises the symbols of the limit states normalized for the given structure (see 9.1) and a figure corresponding to the time to reach one of these states (the first in time) in minutes.

For example:

R 120 - fire resistance limit of 120 min in terms of loss of bearing capacity;

RE 60 - fire resistance limit of 60 minutes in terms of loss of bearing capacity and loss of integrity, regardless of which of the two limit states occurs earlier;

REI 30 - fire resistance limit of 30 minutes in terms of loss of bearing capacity, integrity and heat-insulating capacity, regardless of which of the three limit states occurs earlier.

When compiling a test report and issuing a certificate, the limit state for which the fire resistance limit of the structure is established should be indicated.

If for a structure, different fire resistance limits are normalized (or set) for various limit states, the designation of the fire resistance limit consists of two or three parts, separated by a slash.

For example:

R 120 / EI 60 - fire resistance limit of 120 minutes in terms of loss of bearing capacity; fire resistance limit of 60 minutes in terms of loss of integrity and heat-insulating ability, regardless of which of the last two limit states occurs earlier.

For different values of the fire resistance limits of the same structure for different limit states, the fire resistance limits are designated in descending order.

The numerical indicator in the designation of the fire resistance limit must correspond to one of the numbers in the following series: 15, 30, 45, 60, 90, 120, 150, 180, 240, 360.

11. Evaluation of test results

The fire resistance limit of a structure in minutes is determined as the arithmetic mean of the test results of two samples. In this case, the maximum and minimum values of the fire resistance limits of the two tested samples should not differ by more than 20% (from the larger value). If the results differ from each other by more than 20%, an additional test must be carried out, and the fire resistance limit is determined as the arithmetic mean of the two lower values.

In the designation of the fire resistance of a structure, the arithmetic mean of the test results is reduced to the nearest lower value from the series of numbers given in section 10.

The results obtained during the test can be used to assess, by calculation methods, the fire resistance of other structures that are similar (in shape, materials, design).

12. Test report

The test report must contain the following data:

1) the name of the organization conducting the test;

2) name of the customer;

3) the date and conditions of the test, and, if necessary, the date of manufacture of the samples;

4) product name, information about the manufacturer, trademark and sample marking indicating the technical documentation for the design;

5) designation of the standard for the test method of this design;

6) sketches and description of the tested samples, data on control measurements of the condition of the samples, physical and mechanical properties of materials and their moisture content;

7) conditions for supporting and fastening samples, information about butt joints;

8) for structures tested under load, information about the load accepted for testing and loading schemes;

9) for asymmetric samples of structures - an indication of the side subjected to thermal action;

10) observations during the test (graphs, photographs, etc.), start and end times of the test;

11) processing of test results and their assessment, indicating the type and nature of the limit state and fire resistance limit;

12) validity period of the protocol.

The progenitor of international information security management standards, the British BS 7799, has long gone beyond the national framework. The first part, BS 7799-1, was developed in 1995 by order of the UK government. In early 2006, the British adopted a new standard in information security risk management, BS 7799-3, which will later receive the index 27005.

There are many areas of management: production, finance, sales, purchasing, personnel, etc. Thanks to the development of modern high-tech business, the importance of such areas as information technology, information security, quality and environment is growing. This is evidenced by the growing worldwide popularity of the relevant international standards of the ISO 2700x, ISO 2000x, ISO 900x and ISO 1400x series. The basic principles of management, by and large, are the same for all areas, so the corresponding management systems complement one another, forming an integrated management system of the organization (IMS). It is difficult to overestimate the contribution of the British Standards Institute (BSI) to the development of international standards for organization management, including integrated management systems, which are the subject of the BSI BIP 2000 series of publications.

Following the widespread dissemination of ISO 9001 and quality management systems, international information security management standards ISO / IEC 27001/17799 have finally begun to take root in Russia. They became available in Russian, a public discussion of the drafts of the relevant national information security standards GOST R ISO/IEC 27001 and GOST R ISO/IEC 17799 has begun, and certification services are gradually spreading.

The progenitor of international information security management standards is the British standard BS 7799. Its first part - BS 7799-1 "Practical rules for information security management" - was developed by BSI in 1995 by order of the UK government. As the name suggests, this document is a practical guide to managing information security in an organization. It describes the 10 areas and 127 controls needed to build an ISMS, identified on the basis of best examples from world practice. In 1998, the second part of this British standard appeared - BS 7799-2 “Information security management systems. Specification and Application Guide”, which determined the general model for building an ISMS and a set of mandatory requirements for compliance with which certification should be carried out. With the advent of the second part of BS 7799, which defined what an ISMS should be, the active development of a certification system in the field of security management began. In 1999, both parts of BS 7799 were revised and harmonized with the international standards for management systems ISO 9001 and ISO 14001, and a year later, the ISO technical committee adopted BS 7799-1 unchanged as the international standard ISO / IEC 17799:2000.

The second part of BS 7799 was revised in 2002, and at the end of 2005 was adopted by ISO as the international standard ISO/IEC 27001:2005 "Information technology - Security methods - Information security management systems - Requirements". At the same time, the first part of the standard was also updated. With the release of ISO 27001, ISMS specifications have gained international status, and now we can expect a significant increase in the role and prestige of ISO 27001-certified ISMS.

The 2700x family of international security management standards continues to evolve. As planned by ISO, it will include standards defining ISMS requirements, a risk management system, metrics and measurements of the effectiveness of controls, and implementation guidance. This family of standards will use a sequential numbering scheme from 27000 onwards. ISO/IEC 17799:2005 will later be renamed ISO/IEC 27002. A draft ISO/IEC 27000 standard is also under development, which will contain the basic principles and definitions and will be unified with popular IT management standards: COBIT and ITIL.

In early 2006, a new British national information security risk management standard, BS 7799-3, was adopted, which will subsequently receive the index 27005. Work is also underway on standards for the implementation and measurement of the effectiveness of an ISMS, which will receive indices 27003 and 27004, respectively. The release of these international standards is planned for 2007.

History of BS 7799

According to the ISMS user group that maintains the international register of certificates, as of August 2006, more than 2800 organizations from 66 countries certified according to ISO 27001 (BS 7799) were registered in the world, including four Russian companies. Among the certified organizations are the largest IT companies, organizations in the banking and financial sphere, and enterprises of the fuel and energy complex and the telecommunications sector. It is expected that the number of certificate holders in Russia in 2007 will reach several dozen.

7799/17799/27001: for and against

BS 7799 has gradually become "the premier information security standard". However, when the first edition of the international standard ISO 17799 was discussed at ISO in August 2000, consensus was reached only with difficulty. The document drew a lot of criticism from representatives of the leading IT powers, who argued that it did not meet the basic criteria for international standards.

“It wasn't even possible to compare this document with all the other security work ever considered by ISO,” says Gene Troy, US representative on the ISO technical committee.

Several states at once, including the USA, Canada, France and Germany, opposed the adoption of ISO 17799. In their opinion, this document is good as a set of recommendations, but not as a standard. In the USA and European countries, a lot of work had already been done before 2000 to standardize information security. “There are several different approaches to IT security. We believed that in order to get a truly acceptable international standard, all of them should be taken into consideration, instead of taking one of the documents and quickly agreeing on it,” Troy says. “The main safety standard was presented as a fait accompli, and it was simply not possible to use the results of other work done in this area.”

Representatives of BSI objected that the works in question deal mainly with technical aspects, and BS 7799 has never been considered as a technical standard. Unlike other security standards such as Commonly Accepted Security Practices and Regulations (CASPR) or ISO 15408/Common Criteria, it defines the basic non-technical aspects of protecting information presented in any form. "It should be, as it is intended for all kinds of organizations and external environments," says BSI spokesman Steve Tyler. "It's an information security management document, not an IT product catalog."

Despite all objections, the authority of BSI (which is the founder of ISO, the main developer of international standards and the main certification body in the world) prevailed. An accelerated approval procedure was launched and the standard was soon adopted.

The main strength of ISO 17799 is its flexibility and versatility. The set of best practices described in it is applicable to almost any organization, regardless of ownership, type of activity, size and external conditions. It is neutral in terms of technology and always leaves the choice of technologies open.

When questions arise: “Where to start?”, “How to manage information security?”, “What criteria should be audited against?” - this standard will help to determine the right direction and not lose sight of essential points. It can also be used as an authoritative source and one of the tools for "selling" security to the organization's management, defining criteria and justifying the cost of information security.

However, flexibility and versatility are also the "Achilles' heel" of this standard. Critics say ISO 17799 is too abstract and vaguely structured to be of real value. Insufficiently thorough application of it can give a false sense of security.

ISO 17799 describes measures to ensure security in general terms, but says nothing about the technical aspects of their implementation. For example, the standard recommends the use of access control mechanisms and defines specific technologies such as USB keys, smart cards, certificates, and so on. However, it does not consider the advantages and disadvantages of these technologies, or the features and methods of their application.

Alexander Astakhov

One of the first international information security management standards, the British standard BS 7799, has long gone beyond the national framework. Its first part, BS 7799-1 "Practical rules for information security management", was developed in 1995 by order of the British government by the British Standards Institute (British Standards Institution, BSI) with the participation of commercial organizations such as Shell, National Westminster Bank, Midland Bank, Unilever, British Telecommunications, Marks & Spencer, Logica, etc.

As the title suggests, this document is a practical guide to managing information security in an organization, regardless of the profile of its activity. It describes 10 areas and 127 control mechanisms necessary to build an information security management system, identified on the basis of the best examples from world practice.

According to this standard, any security service, IT department and company management must begin to work in accordance with the general regulations. It doesn't matter if we are talking about the protection of paper documents or electronic data.

In 1998, the second part of this British standard appeared - BS 7799-2 “Information Security Management Systems. Specification and Application Guide”, which determined the general model for building an information security management system and a set of mandatory requirements for compliance with which certification should be carried out. With the advent of the second part of BS 7799, which determined what the information security management system should be, the active development of the certification system in the field of security management began. In 1999, both parts of BS 7799 were revised and harmonized with the international standards for management systems ISO 9001 and ISO 14001, and a year later the ISO technical committee adopted BS 7799-1 without change as the international standard ISO/IEC 17799:2000.

The second part of BS 7799 was revised in 2002, and at the end of 2005 was adopted by ISO as the international standard ISO/IEC 27001:2005 "Information technology - Security methods - Information security management systems - Requirements". At the same time, the first part of the standard was also updated. With the release of ISO 27001, the information security management system specifications have acquired an international status, and now we should expect a significant increase in the role and prestige of an information security management system certified according to the ISO 27001 standard.

The 2700x family of international security management standards continues to evolve. According to ISO plans, it will include:

Standards that define the requirements for the information security management system;

A risk management system;

Metrics and measurements of the effectiveness of control mechanisms;

An implementation guide.

This family of standards will use a sequential numbering scheme from 27000 onwards. ISO/IEC 17799:2005 will subsequently be renamed ISO/IEC 27002.

At the beginning of 2006, a new British national standard in the field of information security risk management BS 7799-3 was adopted, which later received the index 27005.

Currently, the British Standard BS 7799 is supported in 27 countries of the world, including the countries of the British Commonwealth, as well as Sweden, the Netherlands and Russia.

However, the original content of the BS 7799 standard, which is still in use in a number of countries, should be noted.

It consists of two parts.

The following aspects of IS are defined and considered:

    Security policy.

    Defense organization.

    Classification and management of information resources.

    Personnel Management.

    Physical security.

    Administration of computer systems and networks.

    System access control.

    Development and maintenance of systems.

    Organizational continuity planning.

    Checking the system for compliance with IS requirements.

"Part 2: System Specifications" (1998)

The aspects listed in "Part 1" are considered in this part from the point of view of certification of an information system for compliance with the requirements of the standard.

Here, the possible functional specifications of corporate information security management systems are defined in terms of their verification for compliance with the requirements of the first part of this standard. In accordance with the provisions of this standard, the procedure for auditing corporate information systems is also regulated.

Additional guidance for managing information security is provided by the British Standards Institution (BSI) guidelines (http://www.bsi-global.com/), published during the period 1995-2003 as the following series:

    Introduction to the problem of information security management - Information security management: an introduction.

    Possibilities of certification to the requirements of the BS 7799 standard - Preparing for BS 7799 certification.

    BS 7799 guide for risk assessment and management - Guide to BS 7799 risk assessment and risk management.

    Are you ready for an audit to the requirements of the BS 7799 standard - Are you ready for a BS 7799 audit?

    Guidance for auditing to the requirements of the BS 7799 standard - Guide to BS 7799 auditing.

Today, general issues of information security management of companies and organizations, as well as the development of security audits to meet the requirements of the BS 7799 standard, are handled by the international Joint Technical Committee ISO/IEC JTC 1 in collaboration with the British Standards Institution (BSI) (www.bsi-global.com), and in particular the UKAS (United Kingdom Accredited Service). The named service accredits organizations for the right to audit information security in accordance with the BS ISO/IEC 7799:2000 (BS 7799-1:2000) standard. The certificates issued by these bodies are recognized in many countries. Note that when a company is certified according to the ISO 9001 or ISO 9002 standards, the BS ISO/IEC 7799:2000 (BS 7799-1:2000) standard allows you to combine information security system certification with certification for compliance with ISO 9001 or ISO 9002, both at the initial stage and during control checks. To do this, it is necessary to fulfill the condition that an auditor registered according to the BS ISO/IEC 7799:2000 (BS 7799-1:2000) standard participates in the combined certification. At the same time, joint testing plans should clearly indicate the procedures for checking the information security system, and certifying bodies should ensure the thoroughness of the information security check.

The British Standards Institute (BSI), with the participation of commercial organizations such as Shell, National Westminster Bank, Midland Bank, Unilever, British Telecommunications, Marks & Spencer, Logica, and others, developed an information security standard, which in 1995 was adopted as the national standard BS 7799 for management of an organization's information security, regardless of the scope of the company.

In accordance with this standard, any security service, IT department and company management must begin to work in accordance with the general regulations. It doesn't matter if we are talking about the protection of paper documents or electronic data. Currently, the British Standard BS 7799 is supported in 27 countries, including the countries of the British Commonwealth, as well as Sweden and the Netherlands. In 2000, the ISO International Standards Institute, based on the British BS 7799, developed and released the international security management standard ISO/IEC 17799. Today it can be argued that BS 7799 and ISO 17799 are one and the same standard, which today has worldwide recognition and the status of an international ISO standard.

However, the original content of the BS 7799 standard, which is still used in a number of countries, should be noted. It consists of two parts.

· Security policy.

· Organization of protection.

· Classification and management of information resources.

· Personnel Management.

· Physical security.

· Administration of computer systems and networks.

· Management of access to systems.

· Development and maintenance of systems.

· Planning for the smooth operation of the organization.

· Checking the system for compliance with IS requirements.

"Part 2: System Specifications" (1998) considers these same aspects in terms of certification of an information system for compliance with the requirements of the standard.

It defines possible functional specifications for corporate information security management systems in terms of their verification against the requirements of the first part of this standard. In accordance with the provisions of this standard, the procedure for auditing corporate information systems is also regulated.

Additional recommendations for information security management are contained in the British Standards Institution (BSI) guidelines (http://www.bsi-global.com/), published in the period 1995-2003 in the following series:

· Introduction to the problem of information security management - Information security management: an introduction.

· Certification options for BS 7799 - Preparing for BS 7799 certification.

· Guide to BS 7799 risk assessment and risk management.

· Are you ready for a BS 7799 audit?

· Guidance for auditing to the requirements of the BS 7799 standard - Guide to BS 7799 auditing.

Today, general issues of information security management of companies and organizations, as well as the development of security audits to meet the requirements of the BS 7799 standard, are handled by the international Joint Technical Committee ISO/IEC JTC 1 together with the British Standards Institution (BSI) (www.bsi-global.com), and in particular the UKAS (United Kingdom Accredited Service). The named service accredits organizations for the right to audit information security in accordance with the BS ISO/IEC 7799:2000 standard (BS 7799-1:2000). The certificates issued by these bodies are recognized in many countries.

Note that when a company is certified according to the ISO 9001 or ISO 9002 standards, the BS ISO/IEC 7799:2000 (BS 7799-1:2000) standard allows you to combine information security system certification with ISO 9001 or 9002 certification, both at the initial stage and during control checks. To do this, you must fulfill the condition that an auditor registered according to BS ISO/IEC 7799:2000 (BS 7799-1:2000) participates in the combined certification. At the same time, joint testing plans should clearly indicate the procedures for checking the information security system, and certifying bodies should ensure the thoroughness of the information security check.
