Moving towards information system security accreditation within Australian state government agencies

Stephen Smith, Rodger Jamieson, Deborah Bunker, Donald Winchester

Research output: Contribution to conferenceConference paper

Abstract

This paper investigates the current status of Information System Security (ISS) within New South Wales State government agencies in Australia. A 3-year longitudinal survey was used to increase awareness and motivate ISS managers. In addition, the survey was used as a management tool to monitor compliance with ISS standard's controls (AS/NZS17799:2001). In 2004 an amendment to the standard added critical success factors (CSFs) as being necessary for an agency's movement to accreditation. An analysis of the CSFs results was undertaken to determine the status of an independently acting agency's security readiness and they were summarized to then provide an overall measure. This measure provided a 'benchmark' for an agency's security readiness to the standard's CSFs (AS/NZS17799:2004.AMDT). While the process for improving security based on CSFs is adequate, actual improvement in ISS across government requires further effort. This research contributes to the level of understanding of ISS compliance within e-Government.
Original languageEnglish
Pages2515-2524
Number of pages10
Publication statusPublished - 1 Dec 2008
Externally publishedYes
Event14th Americas Conference on Information Systems, AMCIS 2008 -
Duration: 1 Dec 2008 → …

Conference

Conference14th Americas Conference on Information Systems, AMCIS 2008
Period1/12/08 → …

Keywords

  • Critical success factors (CSFs)
  • De jure ISS standards
  • E-commerce
  • E-government
  • ISS standard AS/NZS17799:2004.AMDT (ISO 27001)
  • Information systems security (ISS)
  • International standards organization (ISO)
  • Longitudinal survey

Fingerprint

Dive into the research topics of 'Moving towards information system security accreditation within Australian state government agencies'. Together they form a unique fingerprint.

Cite this