Moving towards information system security accreditation within Australian State government agencies

Stephen Smith, Rodger Jamieson, Deborah Bunker, Donald Winchester

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review


This paper investigates the current status of Information System Security (ISS) within New South Wales State government agencies in Australia. A 3-year longitudinal survey was used to increase awareness and motivate ISS managers. In addition, the survey was used as a management tool to monitor compliance with ISS standard's controls (AS/NZS17799:2001). In 2004 an amendment to the standard added critical success factors (CSFs) as being necessary for an agency's movement to accreditation. An analysis of the CSFs results was undertaken to determine the status of an independently acting agency's security readiness and they were summarized to then provide an overall measure. This measure provided a 'benchmark' for an agency's security readiness to the standard's CSFs (AS/NZS17799:2004.AMDT). While the process for improving security based on CSFs is adequate, actual improvement in ISS across government requires further effort. This research contributes to the level of understanding of ISS compliance within e-Government.
Original languageEnglish
Title of host publicationAMCIS 2008 Proceedings
Place of PublicationUnited States
PublisherAIS Electronic Library (AISeL)
Number of pages10
Publication statusPublished - 2008
Externally publishedYes
EventAmericas' Conference on Information Systems (14th : 2008) - Toronto, Canada
Duration: 14 Aug 200817 Aug 2008


ConferenceAmericas' Conference on Information Systems (14th : 2008)
CityToronto, Canada


  • E-Government
  • e-Commerce
  • Information Systems Security (ISS)
  • Longitudinal Survey
  • de jure ISS standards
  • International Standards Organization (ISO)
  • ISS standard AS/NZS17799:2004.AMDT (ISO 27001)
  • Critical Success Factors (CSFs)

Fingerprint Dive into the research topics of 'Moving towards information system security accreditation within Australian State government agencies'. Together they form a unique fingerprint.

Cite this