Audience and Purpose:
In this day and time when information is the key to success of individual and organizations, safeguarding the information system from possible attacks is indispensable. The protection methods used to assure that a system is hacker resistant are termed as information assurance. The purpose of this paper is to explain what information assurance is and why it is needed.
Without proper information assurance, we are constantly vulnerable to unwelcome attacks.
Information systems have become increasingly vulnerable today as more and more ways to attack have emerged. Miscreants would do anything to enter a system and access protected data. Thus it has become very more important to assure that systems have reliability, integrity and security in all respects.
Corporate sector is essentially at risk because of the vast amount of data that is entered on a regular basis. Most companies today are including information assurance in their risk management programs. It is even more important now than before to have businesses include risk management strategies that give top priority to information assurance.
The regulation of business and corporate risk management are inextricably linked. Regulation is one way in which risks are managed in modern societies and corporate risk management is a form of self-regulation... Systems of "enforced self-regulation" combine state and corporate regulation; they seek to penetrate the everyday life of the company and to harness its management tools in such a way as to align regulatory objectives and corporate strategy'.
Information assurance is required by all sectors but the level of protection required may differ. For example government systems might require highest degree of security while a home owned business may require lower security.
Information security is only a part of the piece in the provision of a reliable service. It cannot, therefore, be addressed separately. Different sectors use information differently and there needs to be an implicit recognition of this in the analysis of business processes."
The main purpose of having information assurance in any organization is to promote trust and confidence and thus system needs to be reliable, secure and private. IA is this concerned with maintenance of accuracy of the information and its protection, and encompasses such broad things as information security management, risk management and business continuity management.
It is important for organizations to embrace information assurance as not just an add-on but as an essential and integral part of the system. Thus the aim of IA should be develop a "culture of Information Assurance" in which all stakeholders, from junior employees through to the top management understand their responsibilities.
You’re 78% through this paper. Sign up to read the full paper.
Sign Up Now — Instant Access Already a member? Log inAlways verify citation format against your institution’s current style guide requirements.