Information Technology Reference
In-Depth Information
table 9.14 Applied iA
2
Summary: information infrastructure
IA
2
Topic
Description
Mechanism
Information infrastructure
Drivers
Protect the information infrastructure environment.
IA
2
view
Applicable IA
2
views: Information/data, infrastructure
(technical)
IA core principles
Applicable IA core principles:
Confidentiality-integrity-availability (CIA)
Possession-authenticity-utility (PAU)
Privacy-authorized use-nonrepudiation (PAN)
Includes the possession of the components (protect
against theft), ensuring of appropriate administration
(nonrepudiation of modifications to key infrastructure
components), and utility of infrastructure
Compliance
requirements
Legislative, policy, guidelines, government directives, or
other requirements specifically calling out or implying the
need to protect the information infrastructure
ELCM application
Applicable ELCM elements: Develop/acquire, implement,
test, deploy, train, O&M, retire
Verification
Formal C&A; discrete and aggregate testing of infrastructure
safeguards
Operations
Applicable IA operations cycle phases: Anticipate, defend,
monitor, respond
−
Organization
A distributed, multinational organization consisting of 90,000+
associates.
Sensitive information communicated across the organization's loca-
tions must be protected.
Physical site
Physically distributed within United States and throughout the world
with 600+ sites.
Many sites are not within Company X's control; they are customer
sites or rented offices in publicly accessible buildings.
Manage, track, and audit physical access to campuses, buildings, and
rooms.
Physical proximity to local or regional hazards.
Technical
Data
n
n
−
n
n
n
n
n
−
