Mission assurance

Mission Assurance is a full life-cycle engineering process to identify and mitigate design, production, test, and field support deficiencies of mission success.

1 Aspects of Mission Assurance
2 Mission Assurance and Information Assurance Implementation Conflicts
3 See also
4 References

Aspects of Mission Assurance

Mission Assurance includes the disciplined application of system engineering, risk management, quality, and management principles to achieve success of a design, development, testing, deployment, and operations process. Mission Assurance's ideal is achieving 100% customer success every time. Mission Assurance reaches across the enterprise, supply base, business partners, and customer base to enable customer success.^[1]

The ultimate goal of Mission Assurance is to create a state of resilience that supports the continuation of an agency's critical business processes and protects its employees, assets, services, and functions. Mission Assurance addresses risks in a uniform and systematic manner across the entire enterprise. ^[2]

Mission Assurance is an emerging cross-functional discipline that demands its contributors (project management, governance, system architecture, design, development, integration, testing, and operations) provide and guarantee their combined performance in use.^[3]

The United States Department of Defense 8500-series of policies has three defined mission assurance categories that form the basis for availability and integrity requirements. ^[4] ^[5] A Mission Assurance Category (MAC) is assigned to all DoD systems ^[6]. It reflects the importance of an information system for the successful completion of a DoD mission. It also determines the requirements for availability and integrity.

MAC I systems handle information vital to the operational readiness or effectiveness of deployed or contingency forces. Because the loss of MAC I data would cause severe damage to the successful completion of a DoD mission, MAC I systems must maintain the highest levels of both integrity and availability and use the most rigorous measure of protection.
MAC II systems handle information important to the support of deployed and contingency forces. The loss of MAC II systems could have a significant negative impact on the success of the mission or operational readiness. The loss of integrity of MAC II data is unacceptable; therefore MAC II systems must maintain the highest level of integrity. The loss of availability of MAC II data can be tolerated only for a short period of time, so MAC II systems must maintain a medium level of availability. MAC II systems require protective measures above industry best practices to ensure adequate integrity and availability of data.
MAC III systems handle information that is necessary for day-to-day operations, but not directly related to the support of deployed or contingency forces. The loss of MAC III data would not have an immediate impact on the effectiveness of a mission or operational readiness. Since the loss of MAC III data would not have a significant impact on mission effectiveness or operational readiness in the short term, MAC III systems are required to maintain basic levels of integrity and availability. MAC III systems must be protected by measures considered as industry best practices.

NASA's Process Based Mission Assurance Knowledge Based System is an implementation of Mission Assurance that provides "quick and easy access to critical Safety & Mission Assurance data... across all NASA programs and projects." ^[7]

Mission Assurance and Information Assurance Implementation Conflicts

In practice, the security-focused desires of Information Assurance (IA) to protect data and systems often conflicts with Mission Assurance 'get the job done' attitude. This conflict is largely eliminated when the focus of Information Assurance is bifurcated into (1) protecting the infrastructure and data, and (2) securely sharing information with authorized recipients.

References

^ "Mission Assurance - Gov't Needs To Manage Risk Differently in Face of New Operating Realities". Booz Allen Hamilton Inc on 8 Mar 04. http://www.boozallen.com/consulting-services/services_article/659316. Retrieved 2009-09-04.
^ "The Role of CMMI in Mission Assurance". John Grimm, Vice President of Engineering, Raytheon Intelligence and Information Systems, 16 Nov 04. http://www.dtic.mil/ndia/2004cmmi/CMMIGS/NDIARoleofCMMIinMA_final.pdf. Retrieved 2009-09-04.
^ "The Need for Mission Assurance". RAHUL GUPTA, PRTM, 2006. http://www.prtm.com/uploadedFiles/Strategic_Viewpoint/Articles/Article_Content/PRTM_The_Need.pdf. Retrieved 2009-09-04.
^ "Information Assurance Mission Assurance Category and Confidentiality Level". Department of Defense. https://www.mpm.osd.mil/documents/OUID051606_IACategory.pdf. Retrieved 2009-09-04.
^ "DoD Instruction 8500.2, Information Assurance (IA) Implementation, 2/6/2003". Department of Defense. http://www.dtic.mil/whs/directives/corres/pdf/850002p.pdf. Retrieved 2010-03-06.
^ "DIACAP Overview". Department of Defense. http://iase.disa.mil/eta/diacap/index.htm. Retrieved 2011-03-09.
^ "Process Based Mission Assurance Knowledge Based System". NASA. http://pbma.nasa.gov/pbma_main. Retrieved 2009-09-04.

Mission assurance

Contents

Aspects of Mission Assurance

Mission Assurance and Information Assurance Implementation Conflicts

See also

References