Definition: The word "assurance", within the context of information security, can be thought of as a set of organizational policies and procedures that address all of the tasks required to guarantee the confidentiality, integrity and availability of an organization’s information assets.
Confidentiality relates to keeping data and information from unauthorized disclosure. Integrity relates to the accuracy of information, and availability to timely access for authorized users. Organizations and individuals are expected to practice due diligence without hampering business operations. Information "assurance" is obtained when the system has the characteristics of confidentiality, integrity and availability.
Its Relevance: Business continuity would be impossible without providing for the confidentiality, integrity and availability of information assets. Also, many businesses and organizations have a fiduciary responsibility to assure their information assets. Anything less would likely be considered negligence in a lawsuit. There are also many federal and state laws and regulations that govern how the security of certain information assets is guaranteed. Failure to provide assurance is equal to failing to perform a fiduciary responsibility.