Date of Award


Document Type


Degree Name

Master of Science


Department of Systems Engineering and Management

First Advisor

Dennis D. Strouble, PhD


Today, the threats to information security and assurance are great. While there are many avenues for IT professionals to safeguard against these threats, many times these defenses prove useless against typical system users. Mandated by laws and regulations, all government agencies and most private companies have established information assurance (IA) awareness programs, most of which include user training. Much has been given in the existing literature to laying out the guidance for the roles and responsibilities of IT professionals and higher level managers, but less is specified for "everyday" users of information systems. This thesis attempts to determine the content necessary to educate system users of their roles and responsibilities for IA. Using the NIST Special Publication 800-50 as a guide, categories of threats and knowledge areas are established and the literature is analyzed and separated into the categories. The thesis closes with a comparison of the IA awareness training modules of the United State's Air Force and Defense Information Systems Agency and a discussion of areas of further research concerning IA awareness training.

AFIT Designator


DTIC Accession Number