Security Risk Analysis & Assessment, and ISO 27000 Compliance

ISO 17799





This is widely considered to be the ultimate toolset for security risk professionals.

It can now be viewed on its own dedicated website:







The Leading Security Risk Analysis and ISO 27000 Compliance Tool





ISO 17799 / BS7799 Compliance Checking Made Easy

BS7799 was first published in February 1995 as a comprehensive set of controls comprising best practices in information security. Since then it has grown steadily in influence and importance.

The standard is intended to serve as a single reference point for identifying a range of controls needed for most situations where information systems are used in industry and commerce, and to be used by large, medium and small organizations. It was significantly revised and improved in May 1999. In December 2000 it was published by ISO as ISO 17799.

With certification schemes firmly in place, ISO 17799 may ultimately become a benchmark against which all organizations will be measured. There have even been suggestions in some quarters of mandatory inclusion of an organization's ISO 17799 status within its annual returns/report.



The Standard

ISO17799 covers the whole gamut of information security issues. It consists of ten discrete core sections, each focusing upon a specific aspect (ranging from Systems Development to Business Continuity). Within these, the detailed standards and controls are documented and explained.


The Problem

Establishing your current position with respect to the standard is of course the first step to conformance. This can actually be much harder than may appear, and can be an intensive and costly exercise.

How do you measure your own ISO17799 compliance level? Thereafter, how should you plan and implement changes to improve this situation? In short, how do you shape up against it and what can you do to comply?


The Solution

COBRA ISO17799 Consultant is an integral part of the COBRA suite. It is a knowledge-based PC product designed to guide you through this exercise. It will carefully measure your compliance and situation, making specific recommendations where appropriate.

Through a series of questions with multiple choice responses, COBRA ISO17799 Consultant will take you through the whole of the standard. It will:


Establish your compliance level for each of the ten categories covered

Identify which additional controls can be applied to increase compliance and thus improve your security

Produce a comprehensive and professional report, in business format.


ISO17799 Consultant is extremely easy to use and requires no prior training. It is also flexible, focusing upon your individual needs and organizational culture. Unlike some other approaches, it is not just 'an electronic tick list'. In short, it delivers added value - containing real knowledge and expertise. It acts as a true consultant, but with unquestionable objectivity.

If you wish to gauge your position against the code, or simply wish to improve your security and compliance level, COBRA ISO17799 Consultant is the essential aid.


Product Modification

The optional Module Manager component provides the facility to tailor the system to unique individual requirements or company culture. The questions, reports, and underlying profiles and recommendations can all be readily changed using this system. Again, simplicity of use and flexibility are the key. The whole of the ISO 17799 knowledge base can be altered and adapted with ease.


Further Information

For more information on the COBRA ISO17799 Consultant system, please contact us. Alternatively, to evaluate or trial the product, visit the COBRA download page.


