According to all recently published security studies, regulatory compliance appears as one of the most important drivers of security spending, representing the larger part of security operating costs. Regulatory compliance is very often cited as evidence of improved performance and accountability in security mechanisms and procedures. This paper aims to analyze the contribution of the different laws, rules, regulations, standards and frameworks related to IT security. This greatly helps governments to access information and to secure the information that they do not want to share and have to keep confidential. In this context, we explain the concept of Information Security Assurance with reference to a company example. Compliance and conformity concepts in information security are discussed:
To clarify the relationship between regulatory compliance and the overall security level of a given organization
To reveal the importance of regulatory compliance for information security assurance.
Information Security and US Government
Information security means all the preventive and reactive measures of people, organizations and technological systems that safeguard and protect information, seeking to maintain its confidentiality, availability and integrity. The concept of information security should not be confused with that of computer security, since the latter is only responsible for security in the computer environment, whereas information can be found in different media or forms. For the individual, information security has a significant effect on privacy, which can take on different dimensions depending on the culture (ISACA, 2008).
The field of information security has grown and evolved considerably since the Second World War, becoming a career accredited worldwide. This field offers many areas of specialization, including information systems auditing, business continuity planning, digital forensics and the administration of security management systems, among others.
History of Information Security
Since time immemorial, people have jealously guarded and protected their knowledge because of the advantage and power it gave them over other people or societies. In ancient times libraries arose, places where information could be stored for transmission and kept from others, making them some of the earliest examples of data protection.
Sun Tzu in The Art of War and Niccolo Machiavelli in The Prince point to the importance of information about adversaries, and of full knowledge of their purposes, for making decisions (ISACA, 2008). During World War II most of the world's intelligence services were created to gain valuable and influential information, building large espionage networks. Counter-espionage emerged as a form of protection. Over the years, as the scope of technology has grown, the care of information has become crucial for people, organizations and societies.
Conception of Information Security
In information security it is important to note that its management is based on technology, and that information may be confidential, is centralized and can have a high value. It may be disclosed, misused, stolen, deleted or sabotaged. This affects its availability and puts it at risk. Information is power, and according to the strategic possibilities ...