![]() | This article is rated Start-class on Wikipedia's
content assessment scale. It is of interest to the following WikiProjects: | |||||||||||||||||||||||||||||||
|
![]() | Text and/or other creative content from this version of BS 7799 was copied or moved into ISO/IEC 27001 with this edit. The former page's history now serves to provide attribution for that content in the latter page, and it must not be deleted as long as the latter page exists. |
![]() | Text and/or other creative content from this version of ISO/IEC 27001:2005 was copied or moved into ISO/IEC 27001 with this edit. The former page's history now serves to provide attribution for that content in the latter page, and it must not be deleted as long as the latter page exists. |
![]() | Text and/or other creative content from this version of ISO/IEC 27001:2013 was copied or moved into ISO/IEC 27001 with this edit. The former page's history now serves to provide attribution for that content in the latter page, and it must not be deleted as long as the latter page exists. |
-- Perhaps someone could flesh this out with its history, as BS 7799-2 etal? 194.247.50.172 ( talk)
I'd like to know why someone keeps putting back the http://www.standardsdirect.org/iso17799.htm link? This link is NOT neutral, it belongs to a company that only distributes the standard for a profit. It makes me feel that it is the owner of that standard store that comes back top put the link back every time this link is removed. So the question I'm asking is why this specific standard store? Why not another one? There are several stores that sell standards, so why promote this one? Why not put a link to ISO's or BSI's standard store instead? At least, all the money would go to standard makers...—Preceding unsigned comment added by 10072osi ( talk • contribs) 03:30, 9 October 2008
No, I'm not a standard vendor, nor an employee of BSI or ISO. We don't need to have a financial interest in this to disagree with you. I just think Wikipedia should be neutral and not promote any specific vendor. StandardsDirect is a BSI reseller, out of several BSI standards resellers. It is unfair to the other resellers to put Standardsdirect there. The facts that it was the first one or has the same prices as others is not relevant to this. Do you see links to resellers of Cisco or Checkpoint products under the firewall Wikipedia page? No, because it wouldn't have its place there. Same thing here. ( Veridion) 18:53, 18 October 2008
Look at the history of this page - every time someone erases the StandardsDirect links, some nice soul comes back to put it back on. Someone is REALLY interested in maintaining this link there, and this is probably someone who's deriving revenues from this link. Otherwise, I just don't see why someone would spend so much effort to keep putting this link back in again and again over a period of years. Also, every time someone erases the StandardDirect link, someone comes back within HOURS, not days, HOURS, to put it back on. Someone is obviously monitoring this page and putting the StandardsDirect link back every time it gets erased.
I don't have a problem with the StandardsDirect guys making a living, but I just don't think Wikipedia is a place to get free advertisement. Otherwise, we end up with the same issue: why would Wikipedia support these guys rather than any other guys? If Wikipedia supports one standards reseller over any other, how to justify it? And that's the problem. Wikipedia, because it has to be an objective and neutral web-encyclopedia, cannot support any specifi organizations, unless they are the creator of the content, which is clearly not the case with StandardsDirect. StandardsDirect clearly is only a reseller, so Wikipedia cannot link to them. I don't sell standards (I do sell ISO 27001 training courses - but not in competition with StandardsDirect), I have nothing against standardsDirect, I'm just unhappy with the way they use Wikipedia as an advertisement tool. I think Wikipedia shouls either 1) not link to any standards reseller or 2) if it has to link to one, link to the original creators of the standard (either ISO or BSI) ( Veridion 02:33, 19 October 2008).
Second message to 81.159.231.84: I am not a standard vendor. To quote you earlier: Please be sure to substantiate before you make such remarks about anyone at all. ;) But that's beside the point: a vendor could rightfully complain that Wikipedia, a neutral encyclopedia is giving an unfair commercial advantage to StandardsDirect, and that would be a fair remark. Wikipedia can't be seen to promote one vendor over another.
Third message to 81.159.231.84: according to www.register.com, StandardsDirect was created in 2003:
BSI was selling the BS7799 standard online way before that. So I don't know where you got this line saying that that StandardsDirect was the first one, but they weren't. So this right to be in Wikipedia because they were the first is a fabrication: they weren't the first - BSI was. So following your logic, it should be BSI's site that should be linked on that page, not StandardsDirect ( Veridion03:35, 20 October 2008)
OK, I'll rephrase my previous comments: Someone who REALLY likes Standardsdirect is clearly using Wikipedia to provide it with extra visibility. Just to support my point, that someone who REALLY likes StandardsDirect has put links to its purchase page to the following wikipedia entries: ISO 10006, BS 25999, BS 7799, ISO/IEC 20000, ISO/IEC 27000-series and Business continuity planning. (veridion) —Preceding unsigned comment added by 12.38.54.70 ( talk) 20:53, 20 October 2008 (UTC)
I'm sorry that you find my squabbling tiresome, but I think this addresses a fundamental issue: should Wikipedia promote one vendor over others? If so, what should be the criteria? (veridion)
Also, am I the only one not aware of Wikipedia's rules regarding links ( Links_normally_to_be_avoided)? These rules clearly stipulate that the following are prohibiited:
Obviously, this is the case with the presence of StandardsDirect here (veridion). —Preceding unsigned comment added by 12.38.54.85 ( talk) 21:51, 21 October 2008 (UTC)
-- And its actual contents? 194.247.50.172 ( talk)
I removed the link to a standards purchase site, standardsdirect.org. See Wikipedia talk:WikiProject Spam/2008 Archive Nov 1#StandardsDirect.org for more about this site. As I see it, Wikipedia is not a directory and we're not here to help people sell things. Most of these standardsdirect.org links have been added by single purpose accounts who likely have a conflict of interest. See:
If an established, high-volume editor wants to add it back to the article, by all means go ahead. Otherwise, it stays out pending resolution at the spam discussion link above. -- A. B. ( talk • contribs) 00:40, 23 October 2008 (UTC)
The link to www.iso27000.org looks to me like yet another SD link, at least SD is promoted on that site.
More importantly, though, what happened to the original content on this page about what ISO/IEC 27001 is all about? It seems to have become a very brief introduction then a dubious description about the certification process, not about the standard itself. NoticeBored ( talk) 20:09, 2 January 2009 (UTC)
I see that a new page has been added called 'ISO/IEC 27001:2013' - and I question why this is a NEW page and not added to the current ISO/IEC 27001 page (which has newly been changed to 'ISO/IEC 27001:2005'). I think for the uninitiated having separate pages for each version of a standard will be confusing and unhelpful. Especially since it implies that the 2013 version is an entirely different entity from the 2005 version, which isn't the case. What do others think? Alkazzi ( talk) 09:06, 3 July 2013 (UTC)
I still don't see the merit in ISO/IEC 27001:2013 having its own page. This is a revision of the 2005 version of the same standard.
The changes are related to the new high level format, and less prescriptive information security risk management requirements allowing organizations to take a holistic/single approach to risk management across their organizations. Notwithstanding it is still ISO/IEC 27001: the same standard, with the same purpose, with the same history and background as the 2005 version. To treat it as a new and separate entity just adds confusion in my view.
Would it not be more useful to keep to one article which includes a section on the evolution of the standard, as per the ISO 9000 article? Otherwise you either duplicate the background information or require readers to bounce back and forth between articles to get the whole story - neither approach is very satisfactory, surely? Alkazzi ( talk) 09:41, 11 July 2013 (UTC)
See at 27 November, The two page are merged, but under the title of "ISO/IEC 27001:2013". Concerning the relationship, it should be more proper to be in name of "ISO 27001", be more generic. and the 2013 version is only one of the revision. And due to ISO revision cycle, there will be version 2018 soon. — Preceding unsigned comment added by 14.0.157.195 ( talk) 03:49, 27 November 2017 (UTC)
Picking up the discussion from above: the two articles "ISO/IEC 27001:2005" and "ISO/IEC 27001:2013" are merely describing several revisions of the same standard and should be merged into "ISO/IEC 27001". Hekerui ( talk) 19:51, 3 September 2017 (UTC)
I went forward with this merger. Hekerui ( talk) 09:35, 10 January 2018 (UTC)
![]() | This article is rated Start-class on Wikipedia's
content assessment scale. It is of interest to the following WikiProjects: | |||||||||||||||||||||||||||||||
|
![]() | Text and/or other creative content from this version of BS 7799 was copied or moved into ISO/IEC 27001 with this edit. The former page's history now serves to provide attribution for that content in the latter page, and it must not be deleted as long as the latter page exists. |
![]() | Text and/or other creative content from this version of ISO/IEC 27001:2005 was copied or moved into ISO/IEC 27001 with this edit. The former page's history now serves to provide attribution for that content in the latter page, and it must not be deleted as long as the latter page exists. |
![]() | Text and/or other creative content from this version of ISO/IEC 27001:2013 was copied or moved into ISO/IEC 27001 with this edit. The former page's history now serves to provide attribution for that content in the latter page, and it must not be deleted as long as the latter page exists. |
-- Perhaps someone could flesh this out with its history, as BS 7799-2 etal? 194.247.50.172 ( talk)
I'd like to know why someone keeps putting back the http://www.standardsdirect.org/iso17799.htm link? This link is NOT neutral, it belongs to a company that only distributes the standard for a profit. It makes me feel that it is the owner of that standard store that comes back top put the link back every time this link is removed. So the question I'm asking is why this specific standard store? Why not another one? There are several stores that sell standards, so why promote this one? Why not put a link to ISO's or BSI's standard store instead? At least, all the money would go to standard makers...—Preceding unsigned comment added by 10072osi ( talk • contribs) 03:30, 9 October 2008
No, I'm not a standard vendor, nor an employee of BSI or ISO. We don't need to have a financial interest in this to disagree with you. I just think Wikipedia should be neutral and not promote any specific vendor. StandardsDirect is a BSI reseller, out of several BSI standards resellers. It is unfair to the other resellers to put Standardsdirect there. The facts that it was the first one or has the same prices as others is not relevant to this. Do you see links to resellers of Cisco or Checkpoint products under the firewall Wikipedia page? No, because it wouldn't have its place there. Same thing here. ( Veridion) 18:53, 18 October 2008
Look at the history of this page - every time someone erases the StandardsDirect links, some nice soul comes back to put it back on. Someone is REALLY interested in maintaining this link there, and this is probably someone who's deriving revenues from this link. Otherwise, I just don't see why someone would spend so much effort to keep putting this link back in again and again over a period of years. Also, every time someone erases the StandardDirect link, someone comes back within HOURS, not days, HOURS, to put it back on. Someone is obviously monitoring this page and putting the StandardsDirect link back every time it gets erased.
I don't have a problem with the StandardsDirect guys making a living, but I just don't think Wikipedia is a place to get free advertisement. Otherwise, we end up with the same issue: why would Wikipedia support these guys rather than any other guys? If Wikipedia supports one standards reseller over any other, how to justify it? And that's the problem. Wikipedia, because it has to be an objective and neutral web-encyclopedia, cannot support any specifi organizations, unless they are the creator of the content, which is clearly not the case with StandardsDirect. StandardsDirect clearly is only a reseller, so Wikipedia cannot link to them. I don't sell standards (I do sell ISO 27001 training courses - but not in competition with StandardsDirect), I have nothing against standardsDirect, I'm just unhappy with the way they use Wikipedia as an advertisement tool. I think Wikipedia shouls either 1) not link to any standards reseller or 2) if it has to link to one, link to the original creators of the standard (either ISO or BSI) ( Veridion 02:33, 19 October 2008).
Second message to 81.159.231.84: I am not a standard vendor. To quote you earlier: Please be sure to substantiate before you make such remarks about anyone at all. ;) But that's beside the point: a vendor could rightfully complain that Wikipedia, a neutral encyclopedia is giving an unfair commercial advantage to StandardsDirect, and that would be a fair remark. Wikipedia can't be seen to promote one vendor over another.
Third message to 81.159.231.84: according to www.register.com, StandardsDirect was created in 2003:
BSI was selling the BS7799 standard online way before that. So I don't know where you got this line saying that that StandardsDirect was the first one, but they weren't. So this right to be in Wikipedia because they were the first is a fabrication: they weren't the first - BSI was. So following your logic, it should be BSI's site that should be linked on that page, not StandardsDirect ( Veridion03:35, 20 October 2008)
OK, I'll rephrase my previous comments: Someone who REALLY likes Standardsdirect is clearly using Wikipedia to provide it with extra visibility. Just to support my point, that someone who REALLY likes StandardsDirect has put links to its purchase page to the following wikipedia entries: ISO 10006, BS 25999, BS 7799, ISO/IEC 20000, ISO/IEC 27000-series and Business continuity planning. (veridion) —Preceding unsigned comment added by 12.38.54.70 ( talk) 20:53, 20 October 2008 (UTC)
I'm sorry that you find my squabbling tiresome, but I think this addresses a fundamental issue: should Wikipedia promote one vendor over others? If so, what should be the criteria? (veridion)
Also, am I the only one not aware of Wikipedia's rules regarding links ( Links_normally_to_be_avoided)? These rules clearly stipulate that the following are prohibiited:
Obviously, this is the case with the presence of StandardsDirect here (veridion). —Preceding unsigned comment added by 12.38.54.85 ( talk) 21:51, 21 October 2008 (UTC)
-- And its actual contents? 194.247.50.172 ( talk)
I removed the link to a standards purchase site, standardsdirect.org. See Wikipedia talk:WikiProject Spam/2008 Archive Nov 1#StandardsDirect.org for more about this site. As I see it, Wikipedia is not a directory and we're not here to help people sell things. Most of these standardsdirect.org links have been added by single purpose accounts who likely have a conflict of interest. See:
If an established, high-volume editor wants to add it back to the article, by all means go ahead. Otherwise, it stays out pending resolution at the spam discussion link above. -- A. B. ( talk • contribs) 00:40, 23 October 2008 (UTC)
The link to www.iso27000.org looks to me like yet another SD link, at least SD is promoted on that site.
More importantly, though, what happened to the original content on this page about what ISO/IEC 27001 is all about? It seems to have become a very brief introduction then a dubious description about the certification process, not about the standard itself. NoticeBored ( talk) 20:09, 2 January 2009 (UTC)
I see that a new page has been added called 'ISO/IEC 27001:2013' - and I question why this is a NEW page and not added to the current ISO/IEC 27001 page (which has newly been changed to 'ISO/IEC 27001:2005'). I think for the uninitiated having separate pages for each version of a standard will be confusing and unhelpful. Especially since it implies that the 2013 version is an entirely different entity from the 2005 version, which isn't the case. What do others think? Alkazzi ( talk) 09:06, 3 July 2013 (UTC)
I still don't see the merit in ISO/IEC 27001:2013 having its own page. This is a revision of the 2005 version of the same standard.
The changes are related to the new high level format, and less prescriptive information security risk management requirements allowing organizations to take a holistic/single approach to risk management across their organizations. Notwithstanding it is still ISO/IEC 27001: the same standard, with the same purpose, with the same history and background as the 2005 version. To treat it as a new and separate entity just adds confusion in my view.
Would it not be more useful to keep to one article which includes a section on the evolution of the standard, as per the ISO 9000 article? Otherwise you either duplicate the background information or require readers to bounce back and forth between articles to get the whole story - neither approach is very satisfactory, surely? Alkazzi ( talk) 09:41, 11 July 2013 (UTC)
See at 27 November, The two page are merged, but under the title of "ISO/IEC 27001:2013". Concerning the relationship, it should be more proper to be in name of "ISO 27001", be more generic. and the 2013 version is only one of the revision. And due to ISO revision cycle, there will be version 2018 soon. — Preceding unsigned comment added by 14.0.157.195 ( talk) 03:49, 27 November 2017 (UTC)
Picking up the discussion from above: the two articles "ISO/IEC 27001:2005" and "ISO/IEC 27001:2013" are merely describing several revisions of the same standard and should be merged into "ISO/IEC 27001". Hekerui ( talk) 19:51, 3 September 2017 (UTC)
I went forward with this merger. Hekerui ( talk) 09:35, 10 January 2018 (UTC)