Information Assurance
From GovITwiki
Information Assurance (IA) is defined as measures that protect and defend information and information systems by ensuring their availability, integrity, authentication, confidentiality, and non-repudiation. This includes providing for restoration of information systems by incorporating protection, detection, and reaction capabilities
Information Assurance falls into the following broad categories.
- Planning
- Government IT Policy
- Architecture
- Services
- Certification and Accreditation
- Monitoring and Incident Response
- Enterprise Security Program Management
- Training and Education
It can also extend to things like enterprise architechture, information security, intrusion detection and response,network security mangement, vulnerability assessments, protection against phishing, Log Analysis, password rules and management, incident response, public key infrastructure (PKI) systems and management, VPN management, Spam filtering, data and database protection, detection and prevention of worms and viruses, FISMA compliance information sharing processes and rules, HIPAA compliance, communications security, firewall installation, configuration and management, computer forensics, insider threat monitoring and management, and continuity of operations (COOP).
Information technology governance is closely related.
