What is Assurance?


"Having security mechanisms in place does not prevent your system from being vulnerable"

"A number of security incidents have been reported even on highly protected systems"

"Are deployed security mechanisms protecting your assets? Assurance evaluation will give you the response!"


European Council Council of the European Union
Information assurance in the field of communication and information systems is defined as the confidence that such systems will protect the information they handle and will function as they need to, when they need to, under the control of legitimate users. Effective information assurance must ensure appropriate levels of confidentiality, integrity, availability, non-repudiation and authenticity. (European Council)
 
ISACA
Assurance is defined as the degree of confidence that the security needs of a system are satisfied. (US National Institute of Standards and Technology (NIST), NIST Internal Report (NISTIR) 5472 A Head Start on Assurance: Proceedings of an Invitational Workshop on Information Technology (IT) Assurance and Trustworthiness, USA, 1994) Assurance does not add any additional controls to counter risks related to security, but it does provide confidence that the controls that have been implemented will reduce the anticipated risk. Assurance can also be viewed as the confidence that the safeguards will function as intended. (ISO, ISO/IEC 21827:2002 Information technology — Systems Security Engineering—Capability Maturity Model® (SSE-CMM®), Switzerland, 2002)
 
ISO
Quality assurance (QA) A planned and systematic pattern of all actions necessary to provide adequate confidence that an item or product conforms to established technical requirements (ISO/IEC24765)
 

moon-cloud assurance

The assurance provided by moon-cloud is based on evidence continuously captured on the system. Evidence are the results of the moon-cloud monitoring and testing activities and can be made available to the moon-cloud user for deep inspection. Moon-cloud assurance guarantees that system requirements in terms of security and performance are continuously meet.

What do you gain form moon-cloud assurance?

  • Better Security control and system stability

  • Deep continuous control of the security landscape

  • State of the art audit tool