I have been researching the origins of ISO27k, particularly the bit before it was launched as BS7799 in 1995, to complete the 'definitive history' on ISO27001security.com.
I dimly recall using an A5/booklet version of the Code of Practice for Information Security released by BSI DISC as PD003 in 1993, and an accompanying informational booklet PD005. I have also heard about but can't quite remember a "Users code of practice for security" released by the UK's National Computing Center (NCC) in the late 80s/early 90s, which I believe was largely derived from a Royal Dutch/Shell information security policy manual.
Does anyone reading this have copies of PD003, PD005, the NCC document or Shell's original policy manual, please, or other relevant information from that pre-1995 period? If so, please contact me (gary@isect.com). I'd really appreciate your help to set the record straight.
Thanks to Howard and Steve, I have been offered further information on the Shell input. I'm still looking for the early NCC and BSI DISC publications, purely for historical research purposes. TIA. Gary.
ReplyDelete