Information assurance (INAS)
The protection of systems and information in storage, processing, or transit from unauthorised access or modification. Denial of service to unauthorised users; or the provision of service to authorised users. Includes those measures necessary to detect, document and counter threats to the integrity of stored information, such as the application of firewalls and intrusion detection systems (IDS).
Level 3 Applies procedures to enhance resilience to unauthorised access. Recognises when an IT network/system has been attacked, can take immediate action to limit damage and escalates event to higher authority.
Level 4 Investigates suspected attacks and recommends remedial action.
Level 5 Develops procedures and implements the application of firewalls and IDS to improve network/system resilience.
Level 6 Protects and defends information and information systems by ensuring availability, integrity, authentication, confidentiality and non-repudiation. Provides for restoration of information systems by ensuring that protection, detection and reaction capabilities are incorporated.