Scribd Logo
Upload

Welcome to Scribd!

  • IAS Lesson 1

    Uploaded by

    ROMMEL DORIN
    6 views23 pages
    The document outlines the objectives of an information assurance and security lesson which are to understand the differences between information assurance and security, explain the meaning and significance of information assurance, describe the two perspectives and three tendencies of organizations regarding information assurance, and discuss the challenges and security professionals related to information assurance. It provides introductory information on information security and assurance and explains key concepts.

    Original Description:

    Original Title

    IAS Lesson 1.pptx

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    The document outlines the objectives of an information assurance and security lesson which are to understand the differences between information assurance and security, explain the meaning and significance of information assurance, describe the two perspectives and three tendencies of organizations regarding information assurance, and discuss the challenges and security professionals related to information assurance. It provides introductory information on information security and assurance and explains key concepts.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    6 views23 pages

    IAS Lesson 1

    Uploaded by

    ROMMEL DORIN
    The document outlines the objectives of an information assurance and security lesson which are to understand the differences between information assurance and security, explain the meaning and significance of information assurance, describe the two perspectives and three tendencies of organizations regarding information assurance, and discuss the challenges and security professionals related to information assurance. It provides introductory information on information security and assurance and explains key concepts.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 23

    IAS: Information

    Assurance and
    Security
    Lesson 1
    CCS
    Outline

    At the end of this session the student should be


    able to:
    a. Understand and differentiate IA and IS
    b. Understand the meaning of IA and its
    significance relative to the operation of
    private and public organizations
    c. Explain the 2 perspective of IA
    d. Explain the 3 tendencies of organization with
    respect to IA

    CCS
    Introduction

    ▪ What is Information Security?


    ▪ What is Information Assurance?
    ▪ Why there is a need for these?

    CCS
    Introduction

    “Information assurance and


    security is the management and
    protection of knowledge,
    information, and data.”

    CCS
    Introduction

    ▪ Information assurance, which focuses on


    ensuring the availability, integrity,
    authentication, confidentiality, and
    non-repudiation of information and systems.
    ▪ These measures may include providing for
    restoration of information systems by
    incorporating protection, detection, and
    reaction capabilities.

    CCS
    Introduction

    ▪ Information security, which centers on the


    protection of information and information
    systems from unauthorized access, use,
    disclosure, disruption, modification, or
    destruction in order to provide
    confidentiality, integrity, and availability.

    CCS
    Introduction

    ▪ Information systems play an important


    role in the infrastructure that supports
    commerce,banking,telecommunication
    s, health care, and national security,
    driving the need for qualified
    information assurance and security
    specialists.

    CCS
    The Meaning & Significance of IA

    ▪ IA is the process for protecting


    and defending information by
    ensuring its confidentiality,
    integrity, and availability.
    ▪ IA involves protecting the rights of
    people and organizations.

    CCS
    2 Perspectives of IA

    ▪ First, IA can provide organizations


    with the ability to protect their own
    rights as entities to survive,
    coexist, and grow, since
    information is so integral to their
    management and operations.

    CCS
    2 Perspectives of IA

    ▪ Second, IA can provide


    organizations with the ability to
    protect the rights of other parties
    that support and interact with
    them.

    CCS
    3 Fundamental Tendencies

    ▪ Tendencies to perpetuate
    existence (survival)
    ▪ To integrate the functions of
    organizational parts (coexistence)
    ▪ To grow and develop (growth).

    CCS
    3 Fundamental Tendencies

    ▪ The organization’s tendency or


    drive to perpetuate its own
    existence (survival) results in its
    “technical” component or
    subsystem.

    CCS
    3 Fundamental Tendencies

    ▪ The organization’s tendency or


    drive to integrate its parts or
    functions results in its “political”
    component or subsystem.

    CCS
    3 Fundamental Tendencies

    ▪ The organization’s “cultural”


    component or subsystem results
    from its tendency or drive to grow
    and develop.

    CCS
    3 Fundamental Tendencies

    ▪ The “success” of an organization


    can be construed as the extent to
    which its rights can be protected
    to ensure that it can:

    CCS
    3 Fundamental Tendencies

    1. Technically produce a product or


    service that the environment
    values and is willing to “pay” for.
    This will ensure the organization’s
    survival.

    CCS
    3 Fundamental Tendencies

    2. Provide an internal political order that will


    permit work to be divided up and integrated
    such that each member feels he/she is
    valued and is making a meaningful
    contribution. This will promote coexistence
    by creating a common vision around which
    each member can manage him- or herself.

    CCS
    3 Fundamental Tendencies

    3. Provide a culture in which members


    share a common set of beliefs of the
    direction, movement, form, and substance
    needed to fulfill the needs of customers.
    This will ensure that the organization grows
    and develops at a pace commensurate with
    the needs it has emerged to fulfill (Cook
    and Smith, 1986).

    CCS
    Challenges

    ▪ Organizational Vulnerability to Chain


    Reactions of Environmental Events
    ▪ The Significant Rise and Criticality of
    Unstructured Information
    ▪ Expansion of the Use and Criticality of
    Organizations’ Intranets
    ▪ Increasing Public Concern for the Privacy of
    Information
    ▪ The Continuing Spread of Corporate
    Espionage

    CCS
    Security Professionals

    ▪ Chief Information Officer (CIO) An


    executive-level position that oversees the
    organization’s computing technology and
    strives to create efficiency in the processing
    and access of the organization’s information.

    CCS
    Security Professionals

    ▪ Chief Information Security Officer (CISO)


    Typically considered the top information
    security officer in an organization. The CISO
    is usually not an executive-level position, and
    frequently the person in this role reports to
    the CIO.

    CCS
    Security Professionals

    CCS
    Assignment:

    Research about the organizations


    (professional) local and abroad
    that deals with Information
    Security and Assurance.

    CCS

    You might also like