An Exploration of the Current State of Information Assurance Education
S. Cooper, C. Nickell, V. Piotrowski, B. Oldfield, A. Abdallah, M. Bishop, B. Caelli, M. Dark, E. Hawthorne, L. Hoffman, L. Pérez, C. Pfleeger, R. Raines, C. Schou, and J. Brynielsson, “An Exploration of the Current State of Information Assurance Education,” ACM SIGCSE Bulletin 41(4) pp. 109–125 (Dec. 2009).
- Published version web page, free at ACM Digital Library 
- Published version web page, paper paywalled at ACM Digital Library: [DOI] [URL]
- Authors’ final version:
Information Assurance and computer security are serious worldwide concerns of governments, industry, and academia. Computer security is one of the three new focal areas of the ACM/IEEE's Computer Science Curriculum update in 2008. This ACM/IEEE report describes, as the first of its three recent trends, “the emergence of security as a major area of concern.” The importance of Information Assurance and Information Assurance education is not limited to the United States. Other nations, including the United Kingdom, Australia, New Zealand, Canada, and other members from NATO countries and the EU, have inquired as to how they may be able to establish Information Assurance education programs in their own country.
The goal of this document is to explore the space of various existing Information Assurance educational standards and guidelines, and how they may serve as a basis for helping to define the field of Information Assurance. It was necessary for this working group to study what has been done for other areas of computing. For example, computer science (CS 2008 and associate-degree CS 2009), information technology (IT 2008), and software engineering (SE 2004), all have available curricular guidelines.
In its exploration of existing government, industry, and academic Information Assurance guidelines and standards, as well as in its discovery of what guidance is being provided for other areas of computing, the working group has developed this paper as a foundation, or a starting point, for creating an appropriate set of guidelines for Information Assurance education. In researching the space of existing guidelines and standards, several challenges and opportunities to Information Assurance education were discovered. These are briefly described and discussed, and some next steps suggested.