{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,8,2]],"date-time":"2025-08-02T18:01:09Z","timestamp":1754157669450,"version":"3.41.2"},"reference-count":7,"publisher":"Emerald","issue":"2","license":[{"start":{"date-parts":[[1998,5,1]],"date-time":"1998-05-01T00:00:00Z","timestamp":893980800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/www.emerald.com\/insight\/site-policies"}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[1998,5,1]]},"abstract":"<jats:p>Electronic commerce has become a reality, but unfortunately it is held back by the lack of information security associated with it. Business partners will have to prove to each other that they are adequately secured, before electronic commerce will really blossom. This can best be done through a scheme whereby information security can be evaluated and certified. To enable this, some international or generally accepted information security standard needs to act as a memorandum against which evaluation can be conducted. The British Standard, BS 7799, can fulfill this role as it is becoming very well known internationally. This paper proposes a scheme whereby information security, within an organization, can be evaluated against BS 7799 and certification can take place, if successful. This scheme will provide the mutual trust between business partners, as far as information security is concerned, that is required in electronic commerce.<\/jats:p>","DOI":"10.1108\/09685229810209397","type":"journal-article","created":{"date-parts":[[2007,4,13]],"date-time":"2007-04-13T10:16:37Z","timestamp":1176459397000},"page":"72-77","source":"Crossref","is-referenced-by-count":13,"title":["The evaluation and certification of information security against BS 7799"],"prefix":"10.1108","volume":"6","author":[{"given":"Lynette","family":"Barnard","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Rossouw","family":"von Solms","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"140","reference":[{"key":"key2022031620320480800_b1","unstructured":"British Standards Institute (1993, BS 7799: Code of Practice for Information Security Management (CoP). PD0003, UK.."},{"key":"key2022031620320480800_b2","unstructured":"Department of Defense (DoD) (1985, Department of defense trusted computer system evaluation criteria (TCSEC), Washington DC."},{"key":"key2022031620320480800_b3","unstructured":"Information Technology Security Evaluation Criteria (ITSEC)I (1990), Harmonised criteria of France, Germany, The Netherlands and the UK."},{"key":"key2022031620320480800_b4","unstructured":"Knight, J. (1995, Software Quality and ISO 9000 : Concepts, Short course notes for Software engineering applications laboratory at the Department of Electrical Engineering at the University of the Witwatersrand, Johannesburg, South Africa."},{"key":"key2022031620320480800_b5","unstructured":"Stalling, W. (1995, Networks and Internetwork Security, Prentice Hall, Englewood Cliffs, NJ."},{"key":"key2022031620320480800_b6","unstructured":"Von Solms, R. (1996, Computer security IV (CPS4002) [Course notes], Port Elizabeth Technikon, South Africa."},{"key":"key2022031620320480800_b7","doi-asserted-by":"crossref","unstructured":"Von Solms, R. (1997, \u201cDriving safely on the Information Superhighway\u201d, Information Management & Computer Security, Vol. 5 No. 1, pp. 20\u20102.","DOI":"10.1108\/09685229710168006"}],"container-title":["Information Management &amp; Computer Security"],"original-title":[],"language":"en","link":[{"URL":"http:\/\/www.emeraldinsight.com\/doi\/full-xml\/10.1108\/09685229810209397","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09685229810209397\/full\/xml","content-type":"application\/xml","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/www.emerald.com\/insight\/content\/doi\/10.1108\/09685229810209397\/full\/html","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,7,25]],"date-time":"2025-07-25T00:09:47Z","timestamp":1753402187000},"score":1,"resource":{"primary":{"URL":"http:\/\/www.emerald.com\/ics\/article\/6\/2\/72-77\/178424"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[1998,5,1]]},"references-count":7,"journal-issue":{"issue":"2","published-print":{"date-parts":[[1998,5,1]]}},"alternative-id":["10.1108\/09685229810209397"],"URL":"https:\/\/doi.org\/10.1108\/09685229810209397","relation":{},"ISSN":["0968-5227"],"issn-type":[{"type":"print","value":"0968-5227"}],"subject":[],"published":{"date-parts":[[1998,5,1]]}}}