{"id":116,"date":"2023-11-22T23:20:51","date_gmt":"2023-11-22T23:20:51","guid":{"rendered":"http:\/\/10.1.250.135\/ozus\/?page_id=116"},"modified":"2023-11-23T15:58:27","modified_gmt":"2023-11-23T15:58:27","slug":"information-security-assessment-methodology","status":"publish","type":"page","link":"https:\/\/ozus.com\/index.php\/information-security-assessment-methodology\/","title":{"rendered":"Information Security Assessment Methodology"},"content":{"rendered":"\n<p>INFOSEC Assessment Methodology (IAM) is a detailed and systematic method for examining security vulnerabilities from an organizational perspective<br \/>as opposed to a only a technical perspective. Often overlooked are the processes, procedures, documentation, and informal activities that directly impact an organization&#8217;s overall security posture but that might not necessarily be technical in nature.<\/p>\n<p>NSA developed the IAM to give organizations a repeatable framework for conducting organizational types of assessments.<br \/>We can also provide clients, appropriate information on what to look for in an assessment provider.<\/p>\n<p>The IAM is also intended to rase awareness of the need for organizational types of assessment versus the purely technical type of assessment.<\/p>\n<p>National Security Agency&#8217;s IAM is a baseline measurement of the controls implemented to protect information that is transmitted, processed, or stored by a specific system.<br \/>Simplified, this is a measurement of the security posture of a system or organization.<br \/>[table id=1 \/]<\/p>\n<h3>Phases of the IAM<\/h3>\n<h1>Organizationl Information Criticality Matrix (OICM)<\/h1>\n<p>The OICM is based on the client decisions about the information types within their own organization that are<br \/>critical for the completion of their mission and meeting organizational goals.<\/p>\n<center><img decoding=\"async\" src=\"\/images\/_images\/content_sh1.png\" alt=\"-\" width=\"100%\" height=\"20\" \/><\/center>\n<h1>System Information Criticality<\/h1>\n<p>Defines those specific systems that process, transmit, or store the client&#8217;s critical information.<br \/>These are the key information systems that have the greatest impact on the client&#8217;s operations.<br \/>From a technical perspective, these are the systems that will be most focused on during any technical evaluations<br \/>that occour in conjuction with the IAM assessment process.<br \/>From a purely organizaitonal perspective, these are the systems that need the deepest scrutiny because the<br \/>compromise or complete loss of these particular information systems would most likely have a distinct and<br \/>often painful impact on the organization.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>INFOSEC Assessment Methodology (IAM) is a detailed and systematic method for examining security vulnerabilities from an organizational perspectiveas opposed to a only a technical perspective. Often overlooked are the processes, procedures, documentation, and informal activities that directly impact an organization&#8217;s overall security posture but that might not necessarily be technical in nature. NSA developed the &#8230; <a title=\"Information Security Assessment Methodology\" class=\"read-more\" href=\"https:\/\/ozus.com\/index.php\/information-security-assessment-methodology\/\" aria-label=\"Read more about Information Security Assessment Methodology\">Read more<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"footnotes":""},"class_list":["post-116","page","type-page","status-publish"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/ozus.com\/index.php\/wp-json\/wp\/v2\/pages\/116","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/ozus.com\/index.php\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/ozus.com\/index.php\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/ozus.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/ozus.com\/index.php\/wp-json\/wp\/v2\/comments?post=116"}],"version-history":[{"count":1,"href":"https:\/\/ozus.com\/index.php\/wp-json\/wp\/v2\/pages\/116\/revisions"}],"predecessor-version":[{"id":117,"href":"https:\/\/ozus.com\/index.php\/wp-json\/wp\/v2\/pages\/116\/revisions\/117"}],"wp:attachment":[{"href":"https:\/\/ozus.com\/index.php\/wp-json\/wp\/v2\/media?parent=116"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}