Has anyone implemented the ISO17799 Toolkit. Were the questionnairs/checklist/policies etc. valuable, could they be used immediately or did they require lots of customization. I know there is no cookie cutter approach but I would like to know if the toolkit is a good approach or if doing the pieces individually make more sense.
