So it’s interesting, yesterday, I was in a vendor presentation about Building Automation Systems (BAS) and cabling systems. One of their slides talked about how their products meet the ISO standards (ISO 17799). Since I’ve been studying for my CISSP, I was thinking that I should know that one, but it was a 17799 number and I thought the security standards were the ISO 27000 series. So, I figured it would be a great reminder and a refresher to look it up.
After looking it up, here are the facts to remember:
ISO 17799 = ISO 27002
ISO 17799 was renumbered in 2005 to ISO 27002.
So that tells me that vendors just put numbers down to impress people; they really don’t know that it is an out-of-date standard and the standard should have been superseded by ISO 27002.
E. Conrad, 11th Hour CISSP Study Guide, Syngress, Burlington, MA, 2011, p. 14.