Use this URL to cite or link to this record in EThOS: https://ethos.bl.uk/OrderDetails.do?uin=uk.bl.ethos.731493
Title: Tackling the barriers to achieving Information Assurance
Author: Simmons, Andrea C.
ISNI:       0000 0004 6497 2431
Awarding Body: University of Wolverhampton
Current Institution: University of Wolverhampton
Date of Award: 2017
Availability of Full Text:
Access from EThOS:
Access from Institution:
Abstract:
This original, reflective practitioner study researched whether professionalising IA could be successfully achieved, in line with the UK Cyber Security Strategy expectations. The context was an observed changing dominant narrative from IA to cybersecurity. The research provides a dialectical relationship with the past to improve IA understanding. The Academic contribution: Using archival and survey data, the research traced the origins of the term IA and its practitioner usage, in the context of the increasing use of the neologism of cybersecurity, contributing to knowledge through historical research. Discourse analysis of predominantly UK government reports, policy direction, legislative and regulatory changes, reviewing texts to explore the functions served by specific constructions, mainly Information Security (Infosec) vs IA. The Researcher studied how accounts were linguistically constructed in terms of the descriptive, referential and rhetorical language used, and the function that serves. The results were captured in a chronological review of IA ontology. The Practitioner contribution: Through an initial Participatory Action Research (PAR) public sector case study, the researcher sought to make sense of how the IA profession operates and how it was maturing. Data collection from self-professed IA practitioners provided empirical evidence. The researcher undertook evolutionary work analysing survey responses and developed theories from the analysis to answer the research questions. The researcher observed a need to implement a unified approach to Information Governance (IG) on a large organisation-wide scale. Using a constructivist grounded theory the researcher developed a new theoretical framework - i3GRC™ (Integrated and Informed Information Governance, Risk, and Compliance) - based on what people actually say and do within the IA profession. i3GRC™ supports the required Information Protection (IP) through maturation from IA to holistic IG. Again, using PAR, the theoretical framework was tested through a private sector case study, the resultant experience strengthening the bridge between academia and practitioners.
Supervisor: Not available Sponsor: Not available
Qualification Name: Thesis (Ph.D.) Qualification Level: Doctoral
EThOS ID: uk.bl.ethos.731493  DOI: Not available
Keywords: Information Assurance (IA) ; IA Professionalism ; IA Practitioner ; Governance ; Risk and Compliance (GRC) ; Information Security ; Cyber Security ; History of Information Assurance
Share: