High Table Logo Website

Home / ISO 27001 Glossary of Terms / BS 7799

BS 7799

11/09/2025

Author: Stuart Barker | ISO 27001 Expert and Thought Leader

BS 7799 Definition - ISO 27001 Glossary

BS 7799 is the British Standard that served as the original foundation for the entire ISO 27000 family of information security standards. Published by the British Standards Institution (BSI) in 1995, it was the first international-level framework for an Information Security Management System (ISMS). While the standard has since been withdrawn and replaced by its ISO counterparts, it is a crucial part of the history of ISO 27001.

Context

The BS 7799 standard was initially split into two main parts:

  • BS 7799-1: A Code of Practice for information security management, which evolved into ISO/IEC 27002. This document provides detailed guidance and controls.
  • BS 7799-2: The specification for an ISMS, which eventually became ISO/IEC 27001. This part is the certifiable standard that defines the requirements for an ISMS.

Why it matters

Understanding BS 7799 provides valuable historical context and shows the evolution of ISO 27001 from a British standard to a globally recognised framework. It also highlights that the core principles of information security management have remained consistent over time.

Tags:
Stuart Barker, ISO 27001 expert

Stuart Barker
ISO 27001 Expert and Thought Leader

ISO 27001 Toolkit Business Edition
ISO 27001 Jumpstart Kit
ISO 27001 Consultant Toolkit
Stuart Barker, ISO 27001 expert

About the author

Stuart Barker is an information security practitioner of over 30 years. He holds an MSc in Software and Systems Security and an undergraduate degree in Software Engineering. He is an ISO 27001 expert and thought leader holding both ISO 27001 Lead Implementer and ISO 27001 Lead Auditor qualifications. In 2010 he started his first cyber security consulting business that he sold in 2018. He worked for over a decade for GE, leading a data governance team across Europe and since then has gone on to deliver hundreds of client engagements and audits.

He regularly mentors and trains professionals on information security and runs a successful ISO 27001 YouTube channel where he shows people how they can implement ISO 27001 themselves. He is passionate that knowledge should not be hoarded and brought to market the first of its kind online ISO 27001 store for all the tools and templates people need when they want to do it themselves.

In his personal life he is an active and a hobbyist kickboxer.

His specialisms are ISO 27001 and SOC 2 and his niche is start up and early stage business.