As a student of Information Technology, I am well aware of the importance of information assurance engineers in organizations. The topic of my research is well aligned with my major and future career. Hence, it makes me a potential stakeholder in arena of information assurance. In order to effectively study my proposed research questions and to fulfill the research aims and objectives; I personally took keen interest in the study and actively participated in the process.
The present study can be categorized as an “action research” because as a stakeholder; I was involved in the processes of data collection, interpretation and organization of the study. I chose a qualitative approach and conducted interviews. The questions asked in the interviews were carefully developed to bring out the required information from the respondents. Being a student of the course; I was aware of the basic concepts and principles in information assurance. It allowed me to develop relevant questions which would adequately answer the research questions as well as my queries on information assurance. The participants of the study were information assurance professionals; my interaction with them allowed me to gain an insight on the profession as well.
I have always been intrigued by the procedures employed in organizations for securing their networks. Due to my interest in network security and protection of information and data, I decided to study the “need of expert information assurance engineers” and developed my research on the notion. The process of protecting and securing data is vital to the well being of an organization. It is ensured by guaranteeing its availability, providing restoration for the information systems by integrating reaction, detection and protection capabilities.
In U.S, public regulations, law, directives and certain guidelines, procedures and policies about information system security has led in an increase of documentation. It has been cited in the conference presentations, periodicals, and audit reports, and has been understood by the professionals of information technology that individuals are one of the weakest sources in attempting to provide security to networks and systems (Joseph & Daniel, 2002). Concentrating on this human factor and mainly emphasizing on the technology is important to provide an appropriate and adequate security level. It has been proposed in several studies that an integrating approach for the information assurance process can help in producing a better investment's results (Schou & Shoemaker, 2006).
In contemporary business, information assurance issues are becoming very common. Often, these issues arise due to human errors by IT professionals. Professionals of information technology are needed to assure the compliance of their information systems with security and privacy laws, directives, regulations, and the external guidelines, procedures and policies. This challenge has been confronted by both private and public organizations. Information assurance initiative for each of the organization should make use of measures to defend and protect information systems and information by ensuring ...