We are independent & ad-supported. We may earn a commission for purchases made through our links.
Advertiser Disclosure
Our website is an independent, advertising-supported platform. We provide our content free of charge to our readers, and to keep it that way, we rely on revenue generated through advertisements and affiliate partnerships. This means that when you click on certain links on our site and make a purchase, we may earn a commission. Learn more.
How We Make Money
We sustain our operations through affiliate commissions and advertising. If you click on an affiliate link and make a purchase, we may receive a commission from the merchant at no additional cost to you. We also display advertisements on our website, which help generate revenue to support our work and keep our content free for readers. Our editorial team operates independently of our advertising and affiliate partnerships to ensure that our content remains unbiased and focused on providing you with the best information and recommendations based on thorough research and honest evaluations. To remain transparent, we’ve provided a list of our current affiliate partners here.
Security

Our Promise to you

Founded in 2002, our company has been a trusted resource for readers seeking informative and engaging content. Our dedication to quality remains unwavering—and will never change. We follow a strict editorial policy, ensuring that our content is authored by highly qualified professionals and edited by subject matter experts. This guarantees that everything we publish is objective, accurate, and trustworthy.

Over the years, we've refined our approach to cover a wide range of topics, providing readers with reliable and practical advice to enhance their knowledge and skills. That's why millions of readers turn to us each year. Join us in celebrating the joy of learning, guided by standards you can trust.

What Is Information Assurance?

By Kenneth W. Michael Wills
Updated: May 16, 2024
Views: 11,254
References
Share

Most organizations rely on information that is stored and accessed electronically, through any number of information systems and networks. With the storage and accessibility of critical information through electronic means comes inherent risk for how that information is stored and accessed, by whom and for what purposes. Information assurance (IA) is the term used to define the practices and processes involved in managing those associated risks to effectively mitigate potential damage. There are three commonly used models of information assurance, each building upon its predecessor. Those models include the CIA triad, the Five Pillars of IA, and the Parker’s Hexad model.

The CIA triad is considered the first model of information assurance introduced to define effective practices of assuring information security and integrity. Based on three main components of IA management, the CIA triad is aptly named due to its emphasis on confidentiality, integrity and availability at the core of the model. Many organizations, in particular military and civilian intelligence agencies in the United States, rely on the CIA triad to secure both the storage and access to sensitive data. While this model serves well as a foundation, it does miss out on some very important attributes to IA management. Subsequently, other models were developed to account for those dimensions.

Picking up where the CIA triad model leaves off, the Five Pillars model of information assurance adds a few other dimensions to the process and procedures designed to secure information. Mainly used by the Department of Defense in the United States and various other governmental organizations, those added dimensions include non-repudiation and authentication. Organizations outside of government tend to use a blended approach of both these models, usually placing emphasis on the components they feel are most important to their organizational mission. Many businesses, however, have seen it appropriate to incorporate a better-rounded model of managing information assurance risks, and thus the development of a third model.

Donn B. Parker is responsible for introducing the Parker’s Hexad Model of information assurance, which focuses on many of the same attributions, while adding an additional component and eliminating overlapping components. Six core attributes make up the model: confidentiality, possession, integrity, authenticity, availability and utility. Authenticity in this model, however, differs from the definition of authentication used by the Five Pillars model, referring to the validity of data at all times, rather than identifying and granting access to users. Although this model is not as prevalent in deployment, many organizations that rely on information that must be presented in its original format and content will often prefer it. Such organizations might include legal firms that need to ensure the evidence secured in cases has not been tampered with.

Share
EasyTechJunkie is dedicated to providing accurate and trustworthy information. We carefully select reputable sources and employ a rigorous fact-checking process to maintain the highest standards. To learn more about our commitment to accuracy, read our editorial process.
Link to Sources
Discussion Comments
By anon301450 — On Nov 04, 2012

The information provided in this article is exhaustive and I am confident it's going to enable me make informed and wise decisions concerning my choice for a career in this field.

Share
https://www.easytechjunkie.com/what-is-information-assurance.htm
Copy this link
EasyTechJunkie, in your inbox

Our latest articles, guides, and more, delivered daily.

EasyTechJunkie, in your inbox

Our latest articles, guides, and more, delivered daily.