DAIG  Information Assurance IA Update  COL Frederick Henry Chief, DAIG-IA Division  August 2008


Presentation Transcript

1. Track 2, Session 4: DAIG Information Assurance (IA) Update. COL Frederick Henry, Chief, DAIG-IA Division. August 2008

3. Role of the Inspector General

4. Information Assurance (IA): Measures that protect and defend information and information systems by ensuring their Integrity, Confidentiality, Availability, Authentication, and Non-repudiation. These measures include providing for restoration of information systems by incorporating Protection, Detection, and Reaction capabilities.

5. IG IA Division Mission: 1. Conduct IA Compliance Inspections

6. Organizational Structure

7. Re-Engineering IA Compliance

8. 4 Phase IA Compliance Model

9. 4 Phase IA Compliance Model: Phase 1 (Conduct IA Self Assessment)

10. 4 Phase IA Compliance Model: Phase 2 (Assistance)

11. 4 Phase IA Compliance Model: Phase 3 (Compliance Validation)

12. Army IA Compliance Checklist
  • Incident Handling
  • IA Training and Certification
  • Information Assurance Vulnerability Management (IAVM)
  • Wireless Security
  • Portable Electronic Devices (PED)
  • Army Web Risk Content Management
  • Personally Identifiable Information (PII) Protection

13. 4 Phase IA Compliance Model: Phase 4 (Follow Up)

14. IA Compliance Strategy Reference Guide
  • Senior Army Leadership
  • The Adjutant Generals
  • Commanders
  • Garrison Commanders
  • DOIMs
  • Inspectors General
  • IA and non-IA Community

16. FY08 Inspections

17. Inspection Activities: 1st, 2nd and 3rd Qtr FY 08
  • Total Inspections: 14
  • AC: 10
  • RC: 3
  • ARNG: 2
  • USAR: 1
  • MWR: 1
  • DOIM: 9
  • Tenant Unit: 5
  • Units to Pass Inspection: 0

18. Functional Area Trends

19. Functional Area Risk Exposure

20. Interesting Trends

21. Systemic Findings
  • IA Program Management
      • Not validating personnel security requirements
      • Lack of awareness of CIO/G-6 IA Best Business Practices (BBPs)
      • Unfunded requirements in BBPs
      • General lack of awareness and understanding of IA policy and procedures

22. Systemic Findings
  • IA Training & Certification (DOD 8570.01-M)
      • Lack of understanding about IA position and personnel designation, certification, and training requirements
      • Difficulty identifying proper amounts of funding
      • Not using Army Training and Certification Tracking System (ATCTS)

23. Systemic Findings
  • FISMA
      • No functional COOP
      • COOP personnel not properly trained
  • Portable Electronic Device (PED)
      • Limited knowledge of Data At Rest (DAR) and Personally Identifiable Information (PII) requirements
      • Use of personal devices on Army systems

24. Systemic Findings (Emerging Concerns)
  • Certification and Accreditation
      • DIACAP requirements not understood
      • Lack of guidance for the DIACAP Implementation Plan (DIP)
      • Not allowing enough time for DIACAP process
      • Not conducting annual review of IA controls
      • Not following up on POA&Ms
  • Wireless Security
      • Misunderstanding and misuse of new wireless technologies and policies


26. Way Ahead
  • IA Self Assessments
      • Trend data shows strong correlation between risk exposure and completion of the self assessment (Phase 1)
      • Practical exercise at the new DOIM Course (Phase 1 & 2)
  • DOIM Survey
      • Approved for release by IMCOM; data compiled by DAIG
  • Planning for FY 09 Inspection Schedule
      • Align several inspections with the SDOIM Implementation effort
      • Cover down in each component
  • Annual IA Report
      • Present IA findings/trends to SA
      • Show correlation of findings from DOIM survey and systemic trends
      • Target: 1 QTR FY 09

27. Contact Information
  • COL Frederick Henry, Chief, IA Division
      • Cell (BB): 703 677-5713
      • Voice: 703 602-5992
      • NIPR: [email protected]
      • SIPR: [email protected]
  • Mr Don Watson, Deputy Chief, IA Division
      • Cell (BB): 703 459-3265
      • Voice: 703 602-8496
      • NIPR: [email protected]
      • SIPR: [email protected]

28. Questions

30. IA Personnel Structure

31. IA De-Confliction WG

32. IG IA Strategic Communications
  • Stand-To articles (15 May 07)
  • Interviews
  • Inserts to publications
  • TIG Bulletin
  • IG IA Compliance Strategy Reference Guide
  • DAIG IA Newsletter
  • Briefings (conferences)
      • LandWarNet Conference
      • Tactical IA Conference
      • Garrison CDR/CSM Conference
      • NGB IT Conference
      • IG Regional Conferences
  • Working Groups (HQDA, DoD, and Joint)
