Definition The word "assurance", within the context of information systems security, can be thought of as a set of organizational policies and procedures that addresses all of the tasks required to guarantee the confidentiality, integrity and availability of an organization’s information assets. Confidentiality relates to keeping data and information from unauthorized disclosure. Integrity relates to the accuracy of information and Availability to timely access for authorized users. Organizations and individuals are expected to practice due diligence without hampering business operations.
Its Relevance: Organizations have a fiduciary responsibility to provide for the confidentiality, integrity and availability of information assets. Anything less would likely be considered as negligence in a lawsuit. There are, also, many federal and state laws and regulations that govern how the security of certain information assets are guaranteed. Failure to provide assurance is equal to failing to perform a fiduciary responsibility.
Return from "Assurance" to Words [A - C]