ISATRP

Information Security Assurance Training and Rating Program

Please keep your contact information current.
Please contact isatrp@isatrp.org if you feel your information needs updating.

Information Security Info
Information Security Assurance

ISAM Info
ISAM Certified People
ISAM Certification Classes
CPE Requirements

ISRM Info
ISRM Certified People
ISRM Certification Classes
CPE Requirements

ISA-CMM Info
Rated Organizations
CMM Manual

Other IAM Certified People
IEM Certified People

IA Regulations Comments

Information Security Assurance

Information Security Assurance is a high-level review of the Information System Security posture of operational system(s) for the purpose of identifying potential vulnerabilities. Once identified, recommendations are provided for the elimination or mitigation of the vulnerability.

An Information Security Assessment is the first step in the vulnerability discovery triad. It provides the initial, organizational wide information security analysis, which provides invaluable information for risk management decisions such as the implementation of countermeasures and the focus of further information security analysis.

The Information Security Assessment is a three-phased process that will assist the customer to define missions, identify the criticality impacts to the information necessary to support those missions, identify potential vulnerabilities, and provide recommended countermeasures. The analysis is accomplished through the review of documentation (e.g., policies and procedures), interview with all levels of organization personnel, system demonstrations, and techncial evaluation (scanning).