Comparing Information Assurance Awareness Training for End-Users: A Content Analysis Examination of Air Force and Defense Information Systems Agency User Training Modules

reportActive / Technical Report | Accession Number: ADA482729 | Open PDF

Abstract:

Today, the threats to information security and assurance are great. While there are many avenues for IT professionals to safeguard against these threats, many times these defenses prove useless against typical system users. Mandated by laws and regulations, all government agencies and most private companies have established information assurance IA awareness programs, most of which include user training. Much has been given in the existing literature to laying out the guidance for the roles and responsibilities of IT professionals and higher level managers, but less is specified for everyday users of information systems. This thesis attempts to determine the content necessary to educate system users of their roles and responsibilities for IA. Using the NIST Special Publication 800-50 as a guide, categories of threats and knowledge areas are established and the literature is analyzed and separated into the categories. The thesis closes with a comparison of the IA awareness training modules of the United States Air Force and Defense Information Systems Agency and a discussion of areas of further research concerning IA awareness training.

Security Markings

DOCUMENT & CONTEXTUAL SUMMARY

Distribution:
Approved For Public Release
Distribution Statement:
Approved For Public Release; Distribution Is Unlimited.

RECORD

Collection: TR
Identifying Numbers
Subject Terms