Information Assurance Program Compliance and Awareness
What is it? The Army Information Assurance (IA) Program (AR 25-2) is a unified approach to protect unclassified, sensitive, or classified information stored, processed, accessed, or transmitted by Army information systems, and is established to consolidate and focus Army efforts in securing that information, including its associated systems and resources, to increase the level of trust of this information and the originating source.
What is the Army doing? Due to recent events involving the compromise of sensitive information and information systems within the federal government, the Army Chief of Staff considers IA to be a significant operational readiness concern for the Army and has directed the Army Inspector General Agency (DAIG) to establish an IA Compliance Division to ensure that the total Army is implementing existing IA policy.
What continued efforts does the Army have planned for the future? The Army has developed a new IA compliance strategy which is comprised of four components: (1) Universal IA Compliance Checklist; (2) Four Phase Compliance Strategy: Self-Assessment, Assistance, Compliance and Validation, and Follow Up; (3) Leader Engagement; and (4) IA Compliance Awareness. The guidance and direction for the new IA compliance strategy will be addressed in a future Army CIO/G6 Best Business Practice. The CIO/G-6 has developed a web-based IA Self Assessment Virtual Training Tool that assists Army organizations in understanding and achieving IA compliance. This tool is a definitive and comprehensive IA compliance resource that empowers and educates both leaders and IA professionals through easy access to critical IA regulatory guidance. The Army Inspector General Information Assurance Division has developed the Army's IA compliance checklist which currently includes all of the questions from the IA Self Assessment Virtual Training Tool. This checklist will be used by DAIG for IA compliance inspections across the Army.
Why is this important to the Army? The Army must ensure information assurance in the face of increasing complexity, uncertainty, and interconnection brought about by an unprecedented reliance on technology to conduct Army operations. The Army faces insider and outsider threats which can potentially impact Army operations. To achieve a sustainable information assurance capability, the Army must make information assurance the responsibility of leaders at all levels who will exercise the authority, accountability, and resources to act and enforce compliance. Every member of the Total Army plays a vital role in ensuring information assurance as adversaries and other unauthorized personnel attempt to influence our personnel into either revealing information or acting in a manner that would result in unauthorized access to an Army information system, network, or sensitive information.
- 2007 Strategic Communication Guide - Be Army Strong, and Army Smart. Read the 2007 Army Strategic Communications Guide.