An action research program to improve information systems security compliance across government agencies

Stephen Smith; Rodger Jamieson; Donald Winchester

doi:10.1109/HICSS.2007.58

An action research program to improve information systems security compliance across government agencies

Stephen Smith, Rodger Jamieson, Donald Winchester

Research output: Contribution to conference › Conference paper

18 Citations (Scopus)

Abstract

Information Systems Security (ISSec) compliance is an important aspect of implementing e-government. This paper presents results from an action research project using longitudinal surveys as interventions to enhance understanding and improve security across the whole of the NSW government, in Australia. The ISO Standard AS/NZS ISO/IEC 17799:2001 Information Technology -Code of practice for information security management, was used a framework for developing the survey research instrument. The major findings are that this action research program led to an improvement in ISSec compliance by agencies, increased understanding and knowledge as agencies became more aware of ISSec issues, improved agencies ISSec policies and plans, as well as improved business continuity plans. This research is innovative as it is the first time that ISSec has been explored using an action research framework across whole of government.

Original language	English
Pages	99
Number of pages	1
DOIs	https://doi.org/10.1109/HICSS.2007.58
Publication status	Published - 1 Jan 2007
Externally published	Yes
Event	Proceedings of the Annual Hawaii International Conference on System Sciences - Duration: 1 Dec 2007 → …

Conference

Conference	Proceedings of the Annual Hawaii International Conference on System Sciences
Period	1/12/07 → …

Access to Document

10.1109/HICSS.2007.58

Cite this

@conference{90231964524c4c8284af8bfc782c0033,

title = "An action research program to improve information systems security compliance across government agencies",

abstract = "Information Systems Security (ISSec) compliance is an important aspect of implementing e-government. This paper presents results from an action research project using longitudinal surveys as interventions to enhance understanding and improve security across the whole of the NSW government, in Australia. The ISO Standard AS/NZS ISO/IEC 17799:2001 Information Technology -Code of practice for information security management, was used a framework for developing the survey research instrument. The major findings are that this action research program led to an improvement in ISSec compliance by agencies, increased understanding and knowledge as agencies became more aware of ISSec issues, improved agencies ISSec policies and plans, as well as improved business continuity plans. This research is innovative as it is the first time that ISSec has been explored using an action research framework across whole of government.",

author = "Stephen Smith and Rodger Jamieson and Donald Winchester",

year = "2007",

month = jan,

day = "1",

doi = "10.1109/HICSS.2007.58",

language = "English",

pages = "99",

note = "Proceedings of the Annual Hawaii International Conference on System Sciences ; Conference date: 01-12-2007",

}

TY - CONF

T1 - An action research program to improve information systems security compliance across government agencies

AU - Smith, Stephen

AU - Jamieson, Rodger

AU - Winchester, Donald

PY - 2007/1/1

Y1 - 2007/1/1

N2 - Information Systems Security (ISSec) compliance is an important aspect of implementing e-government. This paper presents results from an action research project using longitudinal surveys as interventions to enhance understanding and improve security across the whole of the NSW government, in Australia. The ISO Standard AS/NZS ISO/IEC 17799:2001 Information Technology -Code of practice for information security management, was used a framework for developing the survey research instrument. The major findings are that this action research program led to an improvement in ISSec compliance by agencies, increased understanding and knowledge as agencies became more aware of ISSec issues, improved agencies ISSec policies and plans, as well as improved business continuity plans. This research is innovative as it is the first time that ISSec has been explored using an action research framework across whole of government.

AB - Information Systems Security (ISSec) compliance is an important aspect of implementing e-government. This paper presents results from an action research project using longitudinal surveys as interventions to enhance understanding and improve security across the whole of the NSW government, in Australia. The ISO Standard AS/NZS ISO/IEC 17799:2001 Information Technology -Code of practice for information security management, was used a framework for developing the survey research instrument. The major findings are that this action research program led to an improvement in ISSec compliance by agencies, increased understanding and knowledge as agencies became more aware of ISSec issues, improved agencies ISSec policies and plans, as well as improved business continuity plans. This research is innovative as it is the first time that ISSec has been explored using an action research framework across whole of government.

U2 - 10.1109/HICSS.2007.58

DO - 10.1109/HICSS.2007.58

M3 - Conference paper

SP - 99

T2 - Proceedings of the Annual Hawaii International Conference on System Sciences

Y2 - 1 December 2007

ER -

An action research program to improve information systems security compliance across government agencies

Abstract

Conference

Access to Document

Fingerprint

Cite this