The rise of the Internet and internet-related technologies in the latter half of the 1990s and into the new millennium has changed, and continues to change, how businesses, organizations, and agencies conduct their business. Namely, the Internet and its related technologies have enabled organizations to:

• become more operationally efficient
• reduce operational cost
• increase revenue and profit
• deliver services and products to customers more quickly
• increase customer satisfaction and confidence

What hasn't changed is the need for accurate, timely and reliable information, without compromising any intellectual property or capital, to make the decisions necessary to achieve the desired business outcomes. Making "informed" business decisions is not a new concept, but it can be challenging if there is little or no assurance in the information at hand when a business decision needs to be made. Acting on bad information can be disruptive, if not catastrophic, to a business, and the chances of encountering bad information have been greatly increased through the widespread use of the Internet.

To counter the threat of bad information while still providing protection for intellectual property, businesses, organizations, and agencies are implementing information assurance solutions. Information assurance solutions attempt to guarantee accurate, timely and reliable information by addressing information requirements with respect to authentication, integrity, privacy, availability, and liability. Unfortunately, most of these solutions are technology-focused and don't address the real business risks that need to be mitigated. Additionally, some organizations believe that once an information assurance solution is deployed the job is complete and no further monitoring or maintenance is needed.

Instead, what is needed is a comprehensive information assurance solution development method that is 1) driven by business requirements, and 2) focused on mitigating business risk. In addition that method needs to provide a solution that can be deployed and operated within the existing business environment, monitored and maintained over time, and extended or adapted to meet changing business needs and risks.

A&N has developed a comprehensive information assurance solution method that meets the requirements noted above. We developed this method based on our long term relationship with the DoD and have tailored it to apply to any industry or market segment. The method forces a thought process to identify critical business requirements and risks before selecting, developing and deploying an information assurance solution. By following such a thought process, an organization can better justify its plans for deploying information assurance capabilities and ensure that those capabilities will meet real business needs and mitigate real business risks.

Please contact us for more information on our information assurance solution development method.