Abstract
This paper investigates the current status of Information System Security (ISS) within New South Wales State government agencies in Australia. A 3-year longitudinal survey was used to increase awareness and motivate ISS managers. In addition, the survey was used as a management tool to monitor compliance with ISS standard's controls (AS/NZS17799:2001). In 2004 an amendment to the standard added critical success factors (CSFs) as being necessary for an agency's movement to accreditation. An analysis of the CSFs results was undertaken to determine the status of an independently acting agency's security readiness and they were summarized to then provide an overall measure. This measure provided a 'benchmark' for an agency's security readiness to the standard's CSFs (AS/NZS17799:2004.AMDT). While the process for improving security based on CSFs is adequate, actual improvement in ISS across government requires further effort. This research contributes to the level of understanding of ISS compliance within e-Government.
Original language | English |
---|---|
Pages | 2515-2524 |
Number of pages | 10 |
Publication status | Published - 1 Dec 2008 |
Externally published | Yes |
Event | 14th Americas Conference on Information Systems, AMCIS 2008 - Duration: 1 Dec 2008 → … |
Conference
Conference | 14th Americas Conference on Information Systems, AMCIS 2008 |
---|---|
Period | 1/12/08 → … |
Keywords
- Critical success factors (CSFs)
- De jure ISS standards
- E-commerce
- E-government
- ISS standard AS/NZS17799:2004.AMDT (ISO 27001)
- Information systems security (ISS)
- International standards organization (ISO)
- Longitudinal survey