Information assurance vulnerability assessment for identifying data quality based risks
As the Department of Defense (DoD) moves to create decision superiority through the use of network centric operations, decision-makers become increasingly exposed to data quality vulnerabilities that mimic integrity failures within the Information Assurance (IA) security program. This outcome is a result of the current IA enforcement mechanism known as Defense Information Assurance Certification and Accreditation Process (DIACAP) not begin designed to mitigate risks involving data quality (accuracy, relevance, timeliness, usability, completeness, brevity, and security) beyond those associated with security. Misconceptions and the uncertainty created by the inability of decision-makers to distinguish between poor quality data and breaches of IA integrity lead to a reduced trust of critical DoD information systems. This research presents a modified Action Research process to expand IA risk evaluation criteria beyond the current security paradigm with the purpose of identifying undocumented data quality based risks.