1.Information Assurance (IA) in the field of communication and information systems is the confidence that such systems will protect the information they handle and will function as they need to, when they need to, under the control of legitimate users.
2.Effective Information Assurance shall ensure appropriate levels of:
:
the guarantee that information is genuine and from bona fide sources;
:
the property of being accessible and usable upon request by an authorised entity;
:
the property that information is not disclosed to unauthorised individuals, entities or processes;
:
the property of safeguarding the accuracy and completeness of assets and information;
:
the ability to prove an action or event has taken place, so that this event or action cannot subsequently be denied.
3.IA shall be based on a risk management process.