2. WHAT IS IA?
Information assurance (IA) is the
practice of protecting against and
managing risk related to the use,
storage and transmission of data and
information systems. Information
assurance processes typically ensure
the following functions for data and
associated information systems.
3. Information assurance refers to the set of policies, process,
and controls that are implemented to ensure the
confidentiality, integrity, and availability of information. It
encompasses a broad range of practices, including risk
management, cybersecurity, data privacy, compliance, and
incident response.
The goal of information assurance is to protect sensitive and
valuable information from unauthorized access, use,
disclosure, or modification, and to ensure that the
information is accurate, reliable, and available when
needed.
Define Information
Assurance?
4. WHAT IS THE GOAL OF
INFORMATION ASSURANCE?
The purpose of IA is to reduce information risks by ensuring the information on which the
business makes decisions is reliable. This purpose is achieved by following:
Risk management: Businesses face legal fines and penalties if the information in the network
is compromised. IA enables risk assessment to identify vulnerabilities and the potential
impact on the business in terms of compliance, cost and operational continuity. The goal is to
mitigate potential threats.
Encryption at rest and in transit: IA mandates end-to-end encryption to protect privacy by
ensuring no human or computer can read data at rest and in transit except the intended
parties. The goal is to help businesses stay compliant with regulatory requirements and
standards.
Data integrity: Bad business decisions usually stem from bad data. IA focuses on auditing
data collection and tracking process, improving transparency in the organizational process.
The goal is to manage data in a way that a future audit can retrace the process, leading to
better decision-making.
5. THE 5 PILLARS OF INFORMATION
ASSURANCE
Integrity.
Availability.
Authentication.
Confidentiality.
Nonrepudiation.
5
6. • An assurance example includes an
organization that is transitioning from paper
records to digital records. This company
may have a policy and systems that provide
data protection, authorized access,
availability, confidentiality, and also audit
trails across all data formats.
WHAT IS AN EXAMPLE OF
INFORMATION ASSURANCE?