“Information Assurance is the science of managing the risks to information assets. More specifically, IA practitioners seek to protect the confidentiality, integrity, and availability of data and their delivery systems, whether the data are in storage, processing, or transit, and whether threatened by malice or accident. Information Assurance is closely related to information security and the terms are sometimes used interchangeably; however, IA’s broader connotation also includes reliability and emphasizes strategic risk management tools and tactics. In addition to defending against malicious hackers and viruses, IA includes other corporate governance issues such as privacy, compliance, audits, business continuity, and disaster recovery. Further, while information security draws primarily from computer science, IA is interdisciplinary and draws from fraud examination, forensic science, military science, management science, systems engineering, security engineering, and criminology in addition to computer science. Therefore, IA is best thought of as a superset of information security.” - From Wikipedia
The Holistic Approach - Central to our methodology is the use of the Holistic Information Security Practitioner (HISP) framework in the development of SAA’s clients ISO/IEC 27001:2005 Information Security Management System (ISMS). The HISP framework allows for the creation of an ISMS that integrates other industry accepted frameworks such as ITIL, COBIT and COSO with applicable regulatory compliance requirements, providing third part certification of organizational information security management practices and demonstrated compliance with regulations and standards that are directly relevant to the unique business environment.
The Core of Our Strategy:
Information Assurance & Holistic Information Security
