Information systems security compliance in e-government

Stephen Smith, Rodger Jamieson, Hung Nguyen, Donald Winchester

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionResearchpeer-review

Abstract

The aim of this research paper is the development of a Fuzzy Logic model framed on Activity Theory to predict and benchmark compliance of Government agencies activities, with information systems security (ISS) standard, AS17799 (2006). The ISS standard has 10 main categories and 127 controls for which survey questions were asked in an online process. This project is a longitudinal study that commenced in 2002. The questions for the Fuzzy Logic project were piloted in August 2002, followed by three annual surveys from November 2002. The paper describes the development of an enhanced Fuzzy Logic model using Activity Theory. The results from the Fuzzy Logic model helped to focus attention and monitor the progress of agencies that appear unlikely to reach ISS compliance. The main contribution of this study is the simplification of a complex system guided by Activity Theory using a fuzzy logic tool for analysis of a large number of inputs across a large number of agencies. A practical contribution to the New South Wales Government was that the Fuzzy Logic tool removed the complexity in computation, saved time and resources. Our approach using Fuzzy Logic also permits input from expert's embracing an organisations human capital.
LanguageEnglish
Title of host publicationPACIS 2009 proceedings
Subtitle of host publication13th Pacific Asia Conference on Information Systems : IT services in a global environment
Place of PublicationIndia
PublisherAssociation for Information Systems
Pages1-13
Number of pages13
Publication statusPublished - 2009
EventPacific Asia Conference on Information Systems (13th : 2009) - Hyderabad, India
Duration: 10 Jul 200912 Jul 2009

Conference

ConferencePacific Asia Conference on Information Systems (13th : 2009)
CityHyderabad, India
Period10/07/0912/07/09

Fingerprint

Fuzzy logic
Information systems
Compliance
Large scale systems

Keywords

  • Dynamic Systems
  • e-Government
  • Fuzzy Logic
  • Information Systems (IS) Security

Cite this

Smith, S., Jamieson, R., Nguyen, H., & Winchester, D. (2009). Information systems security compliance in e-government. In PACIS 2009 proceedings: 13th Pacific Asia Conference on Information Systems : IT services in a global environment (pp. 1-13). India: Association for Information Systems.
Smith, Stephen ; Jamieson, Rodger ; Nguyen, Hung ; Winchester, Donald. / Information systems security compliance in e-government. PACIS 2009 proceedings: 13th Pacific Asia Conference on Information Systems : IT services in a global environment. India : Association for Information Systems, 2009. pp. 1-13
@inproceedings{97ff5754d76a416ea3bf05f301a7dc4c,
title = "Information systems security compliance in e-government",
abstract = "The aim of this research paper is the development of a Fuzzy Logic model framed on Activity Theory to predict and benchmark compliance of Government agencies activities, with information systems security (ISS) standard, AS17799 (2006). The ISS standard has 10 main categories and 127 controls for which survey questions were asked in an online process. This project is a longitudinal study that commenced in 2002. The questions for the Fuzzy Logic project were piloted in August 2002, followed by three annual surveys from November 2002. The paper describes the development of an enhanced Fuzzy Logic model using Activity Theory. The results from the Fuzzy Logic model helped to focus attention and monitor the progress of agencies that appear unlikely to reach ISS compliance. The main contribution of this study is the simplification of a complex system guided by Activity Theory using a fuzzy logic tool for analysis of a large number of inputs across a large number of agencies. A practical contribution to the New South Wales Government was that the Fuzzy Logic tool removed the complexity in computation, saved time and resources. Our approach using Fuzzy Logic also permits input from expert's embracing an organisations human capital.",
keywords = "Dynamic Systems, e-Government, Fuzzy Logic, Information Systems (IS) Security",
author = "Stephen Smith and Rodger Jamieson and Hung Nguyen and Donald Winchester",
year = "2009",
language = "English",
pages = "1--13",
booktitle = "PACIS 2009 proceedings",
publisher = "Association for Information Systems",
address = "United States",

}

Smith, S, Jamieson, R, Nguyen, H & Winchester, D 2009, Information systems security compliance in e-government. in PACIS 2009 proceedings: 13th Pacific Asia Conference on Information Systems : IT services in a global environment. Association for Information Systems, India, pp. 1-13, Pacific Asia Conference on Information Systems (13th : 2009), Hyderabad, India, 10/07/09.

Information systems security compliance in e-government. / Smith, Stephen; Jamieson, Rodger; Nguyen, Hung; Winchester, Donald.

PACIS 2009 proceedings: 13th Pacific Asia Conference on Information Systems : IT services in a global environment. India : Association for Information Systems, 2009. p. 1-13.

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionResearchpeer-review

TY - GEN

T1 - Information systems security compliance in e-government

AU - Smith, Stephen

AU - Jamieson, Rodger

AU - Nguyen, Hung

AU - Winchester, Donald

PY - 2009

Y1 - 2009

N2 - The aim of this research paper is the development of a Fuzzy Logic model framed on Activity Theory to predict and benchmark compliance of Government agencies activities, with information systems security (ISS) standard, AS17799 (2006). The ISS standard has 10 main categories and 127 controls for which survey questions were asked in an online process. This project is a longitudinal study that commenced in 2002. The questions for the Fuzzy Logic project were piloted in August 2002, followed by three annual surveys from November 2002. The paper describes the development of an enhanced Fuzzy Logic model using Activity Theory. The results from the Fuzzy Logic model helped to focus attention and monitor the progress of agencies that appear unlikely to reach ISS compliance. The main contribution of this study is the simplification of a complex system guided by Activity Theory using a fuzzy logic tool for analysis of a large number of inputs across a large number of agencies. A practical contribution to the New South Wales Government was that the Fuzzy Logic tool removed the complexity in computation, saved time and resources. Our approach using Fuzzy Logic also permits input from expert's embracing an organisations human capital.

AB - The aim of this research paper is the development of a Fuzzy Logic model framed on Activity Theory to predict and benchmark compliance of Government agencies activities, with information systems security (ISS) standard, AS17799 (2006). The ISS standard has 10 main categories and 127 controls for which survey questions were asked in an online process. This project is a longitudinal study that commenced in 2002. The questions for the Fuzzy Logic project were piloted in August 2002, followed by three annual surveys from November 2002. The paper describes the development of an enhanced Fuzzy Logic model using Activity Theory. The results from the Fuzzy Logic model helped to focus attention and monitor the progress of agencies that appear unlikely to reach ISS compliance. The main contribution of this study is the simplification of a complex system guided by Activity Theory using a fuzzy logic tool for analysis of a large number of inputs across a large number of agencies. A practical contribution to the New South Wales Government was that the Fuzzy Logic tool removed the complexity in computation, saved time and resources. Our approach using Fuzzy Logic also permits input from expert's embracing an organisations human capital.

KW - Dynamic Systems

KW - e-Government

KW - Fuzzy Logic

KW - Information Systems (IS) Security

M3 - Conference proceeding contribution

SP - 1

EP - 13

BT - PACIS 2009 proceedings

PB - Association for Information Systems

CY - India

ER -

Smith S, Jamieson R, Nguyen H, Winchester D. Information systems security compliance in e-government. In PACIS 2009 proceedings: 13th Pacific Asia Conference on Information Systems : IT services in a global environment. India: Association for Information Systems. 2009. p. 1-13