Date of Award
Master of Science
Department of Systems Engineering and Management
Dennis D. Strouble, PhD
Today, the threats to information security and assurance are great. While there are many avenues for IT professionals to safeguard against these threats, many times these defenses prove useless against typical system users. Mandated by laws and regulations, all government agencies and most private companies have established information assurance (IA) awareness programs, most of which include user training. Much has been given in the existing literature to laying out the guidance for the roles and responsibilities of IT professionals and higher level managers, but less is specified for "everyday" users of information systems. This thesis attempts to determine the content necessary to educate system users of their roles and responsibilities for IA. Using the NIST Special Publication 800-50 as a guide, categories of threats and knowledge areas are established and the literature is analyzed and separated into the categories. The thesis closes with a comparison of the IA awareness training modules of the United State's Air Force and Defense Information Systems Agency and a discussion of areas of further research concerning IA awareness training.
DTIC Accession Number
Frugé, John W., "Comparing Information Assurance Awareness Training for End-Users: A Content Analysis Examination of Air Force and Defense Information Systems Agency User Training Modules" (2008). Theses and Dissertations. 2854.