INFORMATION ASSURANCE
An information system is the organized collection, processing, transmission, and dissemination of
information in accordance with defined procedures, whether automated or manual.  It includes the
information stored on the system, as well as the hardware and software used to maintain the
information.  The purpose of a comprehensive Information Assurance (IA) program is to protect
information systems from unauthorized access, modification, disclosure, or destruction.

Information is one of the most valuable assets of a Federal or Private Sector client. These clients
have invested millions of dollars to develop and use information assets to fulfill their mission.  A
comprehensive Information Assurance (IA) program requires substantial resources to categorize
information and provide information security services that maintain the availability, integrity, and
confidentiality of information.

The four main goals of G. W. Integrity Systems, Inc.'s Information Assurance program for
information systems are to establish and maintain the availability, integrity, and confidentiality of
information in those systems.

  • Availability refers to the ability of the Program Manager and all authorized users to access
    the information to complete a function.  Availability is essential to information that must
    be accessible on a timely basis to meet mission requirements or avoid substantial losses.  
    Controls to protect the availability of information are required, if the information is
    critical to corporate functions.  

  • Integrity refers to the accuracy or completeness of the information, or to the information's
    adherence to standard values. Information must be protected from unauthorized, unanticipated, or
    unintentional modification or destruction.  Integrity is important to all information:
    inaccuracy compromises the value of the information system.

  • Confidentiality refers to preventing the disclosure of the information.  Information must
    be protected from unauthorized or accidental disclosure.

  • Cost Effective: IA program managers should balance the resources applied to protective
    techniques that protect information and control risks against the potential value of loss if no
    action were taken.  While it is often difficult to assign a dollar value to information,
    Program Managers must balance the potential impact of losses on the company's mission
    when setting priorities for allocation of organizational resources.

G.W. Integrity Systems demonstrates its commitment to its IA clients in this regard by the extent
to which we help them fulfill their obligatory requirements as they relate to the following:

  • DIACAP (Policies: PL 100-235, DoDD 8500.1, DoDI 8500.2 & DoD 8500.1/2),
  • FIPS Publication 199 (Security Categorization),
  • FIPS Publication 200 (Minimum Security Requirements),
  • NIST Special Publication 800-18, Rev 1 (Security Planning),
  • NIST Special Publication 800-26, Rev 1 (Reporting Formats),
  • NIST Special Publication 800-30 (Risk Management),
  • NIST Special Publication 800-37 (Certification & Accreditation),
  • NIST Special Publication 800-53 (Recommended Security Controls),
  • NIST Special Publication 800-53A (Security Control Assessment),
  • NIST Special Publication 800-59 (National Security Systems),
  • NIST Special Publication 800-60 (Security Category Mapping),
  • Homeland Security Presidential Directive #7 Critical Infrastructure Identification,
    Prioritization, and Protection, and  
  • OMB Circular A-130 (Appendix III) Security of Federal Automated Information Resources.

There is one principle, however, that pertains to the stated requirements, individually as well as
when integrated toward the achievement of a secured enterprise: project activities must be
planned and managed, and proven techniques employed, with respect to each stage of a secured
environment.  G.W. Integrity Systems demonstrates its commitment to its IA clients in this regard
by the extent to which we employ automated tools (Foundstone, Web Inspect, Snare, etc.) and
techniques, including the following:

  • Enterprise Mission Assurance Support System (eMASS),
  • ASSERT,
  • Security Testing & Evaluation (ST&E),
  • POA&M Categorization,
  • Risk Analysis,
  • Contingency Plan Development,
  • Business Resumption Plan Development,
  • Security Awareness and Training, and
  • SAS 70 Type II.

If you would like to learn more about how we can help, let's talk.
G.W. Integrity Systems, Inc

Management & Technology
Consultants

GregoryWaters@gwisinc.com
240.535.9644

©2007 All rights reserved.
