Implementation of Information Assurance Risk Management Training into Existing Department of the Navy Training Pipelines

With the implementation and continuing research on information systems such as Information Technology for the 21st Century (IT-21) Navy-Marine Corps Intranet (NMCI), and "Network-Centric warfare" there is little doubt that the Navy is becoming heavily dependent on information and information systems. Though much has been accomplished technically to protect and defend these systems an important security issue has thus far been overlooked the human factor. Information Assurance Risk Management (IARM) was a proposal to standardize the way DON personnel discuss, treat, and implement information assurance. IARM addresses the human security aspect of information and information systems in a regimented way to be understandable through all levels of the DON. To standardize the way DON personnel perceive information assurance, they must be taught what IARM is and how to use it. Can an IARM course be implemented in the DON, and if so, at what level and to whom should it be taught?Naval Postgraduate School Monterey CA is the author of 'Implementation of Information Assurance Risk Management Training into Existing Department of the Navy Training Pipelines', published 2002 under ISBN 9781423510864 and ISBN 1423510860.