An action research program to improve information systems security compliance across government agencies

Stephen Smith, Rodger Jamieson, Donald Winchester

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionResearchpeer-review

Abstract

Information Systems Security (ISSec) compliance is an important aspect of implementing e-government. This paper presents results from an action research project using longitudinal surveys as interventions to enhance understanding and improve security across the whole of the NSW government, in Australia. The ISO Standard AS/NZS ISO/IEC 17799:2001 Information Technology -Code of practice for information security management, was used a framework for developing the survey research instrument. The major findings are that this action research program led to an improvement in ISSec compliance by agencies, increased understanding and knowledge as agencies became more aware of ISSec issues, improved agencies ISSec policies and plans, as well as improved business continuity plans. This research is innovative as it is the first time that ISSec has been explored using an action research framework across whole of government.
LanguageEnglish
Title of host publicationProceedings of the 40th Annual Hawaii International Conference on System Sciences
Subtitle of host publication3-6 January, 2007, Big Island, Hawaii : abstracts and CD-ROM of full papers
EditorsRalph H. Sprague
Place of PublicationLos Alamitos, Calif.
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Pages1-10
Number of pages10
ISBN (Print)9780769527550
DOIs
Publication statusPublished - 2007
Externally publishedYes
EventAnnual Hawaii International Conference on System Sciences (40th : 2007) - Big Island, HI
Duration: 3 Jan 20076 Jan 2007

Conference

ConferenceAnnual Hawaii International Conference on System Sciences (40th : 2007)
CityBig Island, HI
Period3/01/076/01/07

Fingerprint

Information systems
Security of data
Information technology
Compliance
Industry

Cite this

Smith, S., Jamieson, R., & Winchester, D. (2007). An action research program to improve information systems security compliance across government agencies. In R. H. Sprague (Ed.), Proceedings of the 40th Annual Hawaii International Conference on System Sciences: 3-6 January, 2007, Big Island, Hawaii : abstracts and CD-ROM of full papers (pp. 1-10). Los Alamitos, Calif.: Institute of Electrical and Electronics Engineers (IEEE). https://doi.org/10.1109/HICSS.2007.58
Smith, Stephen ; Jamieson, Rodger ; Winchester, Donald. / An action research program to improve information systems security compliance across government agencies. Proceedings of the 40th Annual Hawaii International Conference on System Sciences: 3-6 January, 2007, Big Island, Hawaii : abstracts and CD-ROM of full papers. editor / Ralph H. Sprague. Los Alamitos, Calif. : Institute of Electrical and Electronics Engineers (IEEE), 2007. pp. 1-10
@inproceedings{e73d26e2ca2848c587cbc8a60b1140ab,
title = "An action research program to improve information systems security compliance across government agencies",
abstract = "Information Systems Security (ISSec) compliance is an important aspect of implementing e-government. This paper presents results from an action research project using longitudinal surveys as interventions to enhance understanding and improve security across the whole of the NSW government, in Australia. The ISO Standard AS/NZS ISO/IEC 17799:2001 Information Technology -Code of practice for information security management, was used a framework for developing the survey research instrument. The major findings are that this action research program led to an improvement in ISSec compliance by agencies, increased understanding and knowledge as agencies became more aware of ISSec issues, improved agencies ISSec policies and plans, as well as improved business continuity plans. This research is innovative as it is the first time that ISSec has been explored using an action research framework across whole of government.",
author = "Stephen Smith and Rodger Jamieson and Donald Winchester",
year = "2007",
doi = "10.1109/HICSS.2007.58",
language = "English",
isbn = "9780769527550",
pages = "1--10",
editor = "Sprague, {Ralph H.}",
booktitle = "Proceedings of the 40th Annual Hawaii International Conference on System Sciences",
publisher = "Institute of Electrical and Electronics Engineers (IEEE)",
address = "United States",

}

Smith, S, Jamieson, R & Winchester, D 2007, An action research program to improve information systems security compliance across government agencies. in RH Sprague (ed.), Proceedings of the 40th Annual Hawaii International Conference on System Sciences: 3-6 January, 2007, Big Island, Hawaii : abstracts and CD-ROM of full papers. Institute of Electrical and Electronics Engineers (IEEE), Los Alamitos, Calif., pp. 1-10, Annual Hawaii International Conference on System Sciences (40th : 2007), Big Island, HI, 3/01/07. https://doi.org/10.1109/HICSS.2007.58

An action research program to improve information systems security compliance across government agencies. / Smith, Stephen; Jamieson, Rodger; Winchester, Donald.

Proceedings of the 40th Annual Hawaii International Conference on System Sciences: 3-6 January, 2007, Big Island, Hawaii : abstracts and CD-ROM of full papers. ed. / Ralph H. Sprague. Los Alamitos, Calif. : Institute of Electrical and Electronics Engineers (IEEE), 2007. p. 1-10.

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionResearchpeer-review

TY - GEN

T1 - An action research program to improve information systems security compliance across government agencies

AU - Smith, Stephen

AU - Jamieson, Rodger

AU - Winchester, Donald

PY - 2007

Y1 - 2007

N2 - Information Systems Security (ISSec) compliance is an important aspect of implementing e-government. This paper presents results from an action research project using longitudinal surveys as interventions to enhance understanding and improve security across the whole of the NSW government, in Australia. The ISO Standard AS/NZS ISO/IEC 17799:2001 Information Technology -Code of practice for information security management, was used a framework for developing the survey research instrument. The major findings are that this action research program led to an improvement in ISSec compliance by agencies, increased understanding and knowledge as agencies became more aware of ISSec issues, improved agencies ISSec policies and plans, as well as improved business continuity plans. This research is innovative as it is the first time that ISSec has been explored using an action research framework across whole of government.

AB - Information Systems Security (ISSec) compliance is an important aspect of implementing e-government. This paper presents results from an action research project using longitudinal surveys as interventions to enhance understanding and improve security across the whole of the NSW government, in Australia. The ISO Standard AS/NZS ISO/IEC 17799:2001 Information Technology -Code of practice for information security management, was used a framework for developing the survey research instrument. The major findings are that this action research program led to an improvement in ISSec compliance by agencies, increased understanding and knowledge as agencies became more aware of ISSec issues, improved agencies ISSec policies and plans, as well as improved business continuity plans. This research is innovative as it is the first time that ISSec has been explored using an action research framework across whole of government.

U2 - 10.1109/HICSS.2007.58

DO - 10.1109/HICSS.2007.58

M3 - Conference proceeding contribution

SN - 9780769527550

SP - 1

EP - 10

BT - Proceedings of the 40th Annual Hawaii International Conference on System Sciences

A2 - Sprague, Ralph H.

PB - Institute of Electrical and Electronics Engineers (IEEE)

CY - Los Alamitos, Calif.

ER -

Smith S, Jamieson R, Winchester D. An action research program to improve information systems security compliance across government agencies. In Sprague RH, editor, Proceedings of the 40th Annual Hawaii International Conference on System Sciences: 3-6 January, 2007, Big Island, Hawaii : abstracts and CD-ROM of full papers. Los Alamitos, Calif.: Institute of Electrical and Electronics Engineers (IEEE). 2007. p. 1-10 https://doi.org/10.1109/HICSS.2007.58