Sample Essay on Information Assurance Security Plan

Information Assurance Security Plan


Information assurance is a practice that entails the maintenance of information integrity and safety, and management of risks that are linked to application, processing, storage and distribution of various kinds of data. Information has been associated with a variety of threats. All these have impacted adverse consequences for both clients and organization. The information assurance security plan will help in addressing the data safety requirements of Kemper Corporation, an organization that deals with the provision of different insurance covers for people within the United States of America.

Assessment of Risks

Kemper Corporation has a numerous data bases that hold private information of clients and stakeholders of the company. The information should be safeguarded from misuse or unauthorized access by any third party. As a result of advancement in technology, clients have been given the opportunity to access the services of the company online. Kemper Corporation has also been reported to focus its information assurance on specific systems and has not begun using enterprise approach on its information assurance security plan. Enterprise information assurance information system is whereby an organization makes all conclusive assessment of the whole networks of the company. The concentration on a particular system may not provide a decisive security strategy. There are also challenges faced by the organization when it comes to dealing with its own problems.

If the company does not focus on all the systems used in an enterprise approach, it will be faced with numerous Image 2challenges. One of them is that information risks are not consistently mitigated, thereby making some business activities too risky for the company. For example, Kemper Corporation may find that the management of data bases that hold the information of clients could be too dangerous and this could end up hindering the ability of the company to conduct assessment and verification of some of the data.

Enhancements in a single system are negatively impacted by errors in other networks. For example, the client information upgrades could be negatively influenced by the data systems of other stakeholders that have problems. This could be used by third parties for accessing the stakeholders’ information. Without the application of the enterprise approach, the poor cultural assumptions regarding security are not addresses. This could hamper the full implementation of the information assurance policies.

Key Information Assurance Considerations

Because of the fact that the company has a variety of information databases that are run through different systems, the information assurance concern should be improving the security through an enterprise level change instead of the traditional approach of the system level accreditation process. This can be linked to the fact that information systems generally have complex interconnections. This is an implication that securing the whole information system of the company through various inter-relations may be an attempt in futility by the organization. The entire company will only be fully secure when there are no weak links. Vulnerable units in various systems may prove to be quite expensive to the organization with regards to risks. The identification of the ideal investment opportunities and implementation of information assurance should be accorded an enterprise view.

Options for Kemper

An enterprise approach to information security for Kemper Corporation can take a variety of avenues. One of them is obtaining board level commitment for an enterprise strategy for data safety. This will be important in making sure that all departments involve their own information systems in addressing the information security system of the company.

There is also another option of using a business change framework. This can help in making sure that all business approaches are improved towards the achievement of new information assurance security. It will be critical in enabling all the departments and levels to adopt the new strategy of the organization regarding data safety. Besides, it will also make sure that the other activities of the company are simultaneously enhanced with the information assurance security.

The Information Technology of the organization should initiate plans for the identification, consultation and influencing the stakeholders. Even though the company has the responsibility of safeguarding the stakeholders’ information, the interested parties also have certain obligations to a particular degree. This will be critical in making sure that all stakeholders are involved in the information assurance security operations and plans for the organization.


The primary objective of the information assurance security plan should be that of securing information that could be used in harming the company. This is an implication that Kemper Corporation should see to it that all the information pertaining to its stakeholders is protected. This will only be attained if the company takes a holistic approach to the information security plan.

The organization should also make sure that all the stakeholders embrace the holistic approach. With this, all interested parties play their roles in ensuring that the projected goals of the information assurance security plan are met. This will be critical in enhancing the mitigation of all risks, and it could be achieved from different stakeholders.

See more at  .