Information Assurance (IA) ensures that the integrity, availability, confidentiality and authenticity of data and systems are protected during usage, processing, storage and transmission of information.

Below are the processes that help achieve IA:

1. Developing local policies, processes and guidelines.
2. Designing network and user authentication strategy.
3. Identifying network vulnerabilities and threats.
4. Identifying problems and resource requirements.
5. Creating plan for identified resource requirements.
6. Applying appropriate information assurance controls.
7. Performing certification and accreditation.
8. Providing information assurance training.

The Information Security Management Program

• It is a combination of well-defined policies, processes, procedures, standards and guidelines to establish the required level of information security.
• It enables business to operate in a state of reduced risk.
• Information Security Management Framework includes:
  1. Security Policy
  2. Roles and Responsibilities
  3. Security Guidelines and Framework
  4. Risk Management
  5. Technical Security Architecture
  6. Asset Classification
  7. Security Management and Operations
  8. Business Resilience
  9. Business Continuity Management
  10. Disaster Recovery
  11. Training and Awareness
  12. Security Metrics and Reporting
  13. Governance
  14. Compliance