An action research program to improve information systems security compliance across government agencies

Stephen Smith, Rodger Jamieson, Donald Winchester

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review

16 Citations (Scopus)

Abstract

Information Systems Security (ISSec) compliance is an important aspect of implementing e-government. This paper presents results from an action research project using longitudinal surveys as interventions to enhance understanding and improve security across the whole of the NSW government, in Australia. The ISO Standard AS/NZS ISO/IEC 17799:2001 Information Technology -Code of practice for information security management, was used a framework for developing the survey research instrument. The major findings are that this action research program led to an improvement in ISSec compliance by agencies, increased understanding and knowledge as agencies became more aware of ISSec issues, improved agencies ISSec policies and plans, as well as improved business continuity plans. This research is innovative as it is the first time that ISSec has been explored using an action research framework across whole of government.
Original languageEnglish
Title of host publicationProceedings of the 40th Annual Hawaii International Conference on System Sciences
Subtitle of host publication3-6 January, 2007, Big Island, Hawaii : abstracts and CD-ROM of full papers
EditorsRalph H. Sprague
Place of PublicationLos Alamitos, Calif.
PublisherInstitute of Electrical and Electronics Engineers (IEEE)
Pages1-10
Number of pages10
ISBN (Print)9780769527550
DOIs
Publication statusPublished - 2007
Externally publishedYes
EventAnnual Hawaii International Conference on System Sciences (40th : 2007) - Big Island, HI
Duration: 3 Jan 20076 Jan 2007

Conference

ConferenceAnnual Hawaii International Conference on System Sciences (40th : 2007)
CityBig Island, HI
Period3/01/076/01/07

Fingerprint

Dive into the research topics of 'An action research program to improve information systems security compliance across government agencies'. Together they form a unique fingerprint.

Cite this