Moving towards information system security accreditation within Australian State government agencies

Stephen Smith, Rodger Jamieson, Deborah Bunker, Donald Winchester

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionResearchpeer-review

Abstract

This paper investigates the current status of Information System Security (ISS) within New South Wales State government agencies in Australia. A 3-year longitudinal survey was used to increase awareness and motivate ISS managers. In addition, the survey was used as a management tool to monitor compliance with ISS standard's controls (AS/NZS17799:2001). In 2004 an amendment to the standard added critical success factors (CSFs) as being necessary for an agency's movement to accreditation. An analysis of the CSFs results was undertaken to determine the status of an independently acting agency's security readiness and they were summarized to then provide an overall measure. This measure provided a 'benchmark' for an agency's security readiness to the standard's CSFs (AS/NZS17799:2004.AMDT). While the process for improving security based on CSFs is adequate, actual improvement in ISS across government requires further effort. This research contributes to the level of understanding of ISS compliance within e-Government.
LanguageEnglish
Title of host publicationAMCIS 2008 Proceedings
Place of PublicationUnited States
PublisherAIS Electronic Library (AISeL)
Pages1-10
Number of pages10
Publication statusPublished - 2008
Externally publishedYes
EventAmericas' Conference on Information Systems (14th : 2008) - Toronto, Canada
Duration: 14 Aug 200817 Aug 2008

Conference

ConferenceAmericas' Conference on Information Systems (14th : 2008)
CityToronto, Canada
Period14/08/0817/08/08

Fingerprint

Accreditation
Information systems
Managers

Keywords

  • E-Government
  • e-Commerce
  • Information Systems Security (ISS)
  • Longitudinal Survey
  • de jure ISS standards
  • International Standards Organization (ISO)
  • ISS standard AS/NZS17799:2004.AMDT (ISO 27001)
  • Critical Success Factors (CSFs)

Cite this

Smith, S., Jamieson, R., Bunker, D., & Winchester, D. (2008). Moving towards information system security accreditation within Australian State government agencies. In AMCIS 2008 Proceedings (pp. 1-10). United States: AIS Electronic Library (AISeL).
Smith, Stephen ; Jamieson, Rodger ; Bunker, Deborah ; Winchester, Donald. / Moving towards information system security accreditation within Australian State government agencies. AMCIS 2008 Proceedings. United States : AIS Electronic Library (AISeL), 2008. pp. 1-10
@inproceedings{aff8528e2efc4ab18099313d09273d9f,
title = "Moving towards information system security accreditation within Australian State government agencies",
abstract = "This paper investigates the current status of Information System Security (ISS) within New South Wales State government agencies in Australia. A 3-year longitudinal survey was used to increase awareness and motivate ISS managers. In addition, the survey was used as a management tool to monitor compliance with ISS standard's controls (AS/NZS17799:2001). In 2004 an amendment to the standard added critical success factors (CSFs) as being necessary for an agency's movement to accreditation. An analysis of the CSFs results was undertaken to determine the status of an independently acting agency's security readiness and they were summarized to then provide an overall measure. This measure provided a 'benchmark' for an agency's security readiness to the standard's CSFs (AS/NZS17799:2004.AMDT). While the process for improving security based on CSFs is adequate, actual improvement in ISS across government requires further effort. This research contributes to the level of understanding of ISS compliance within e-Government.",
keywords = "E-Government, e-Commerce, Information Systems Security (ISS), Longitudinal Survey, de jure ISS standards, International Standards Organization (ISO), ISS standard AS/NZS17799:2004.AMDT (ISO 27001), Critical Success Factors (CSFs)",
author = "Stephen Smith and Rodger Jamieson and Deborah Bunker and Donald Winchester",
year = "2008",
language = "English",
pages = "1--10",
booktitle = "AMCIS 2008 Proceedings",
publisher = "AIS Electronic Library (AISeL)",

}

Smith, S, Jamieson, R, Bunker, D & Winchester, D 2008, Moving towards information system security accreditation within Australian State government agencies. in AMCIS 2008 Proceedings. AIS Electronic Library (AISeL), United States, pp. 1-10, Americas' Conference on Information Systems (14th : 2008), Toronto, Canada, 14/08/08.

Moving towards information system security accreditation within Australian State government agencies. / Smith, Stephen; Jamieson, Rodger; Bunker, Deborah; Winchester, Donald.

AMCIS 2008 Proceedings. United States : AIS Electronic Library (AISeL), 2008. p. 1-10.

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionResearchpeer-review

TY - GEN

T1 - Moving towards information system security accreditation within Australian State government agencies

AU - Smith, Stephen

AU - Jamieson, Rodger

AU - Bunker, Deborah

AU - Winchester, Donald

PY - 2008

Y1 - 2008

N2 - This paper investigates the current status of Information System Security (ISS) within New South Wales State government agencies in Australia. A 3-year longitudinal survey was used to increase awareness and motivate ISS managers. In addition, the survey was used as a management tool to monitor compliance with ISS standard's controls (AS/NZS17799:2001). In 2004 an amendment to the standard added critical success factors (CSFs) as being necessary for an agency's movement to accreditation. An analysis of the CSFs results was undertaken to determine the status of an independently acting agency's security readiness and they were summarized to then provide an overall measure. This measure provided a 'benchmark' for an agency's security readiness to the standard's CSFs (AS/NZS17799:2004.AMDT). While the process for improving security based on CSFs is adequate, actual improvement in ISS across government requires further effort. This research contributes to the level of understanding of ISS compliance within e-Government.

AB - This paper investigates the current status of Information System Security (ISS) within New South Wales State government agencies in Australia. A 3-year longitudinal survey was used to increase awareness and motivate ISS managers. In addition, the survey was used as a management tool to monitor compliance with ISS standard's controls (AS/NZS17799:2001). In 2004 an amendment to the standard added critical success factors (CSFs) as being necessary for an agency's movement to accreditation. An analysis of the CSFs results was undertaken to determine the status of an independently acting agency's security readiness and they were summarized to then provide an overall measure. This measure provided a 'benchmark' for an agency's security readiness to the standard's CSFs (AS/NZS17799:2004.AMDT). While the process for improving security based on CSFs is adequate, actual improvement in ISS across government requires further effort. This research contributes to the level of understanding of ISS compliance within e-Government.

KW - E-Government

KW - e-Commerce

KW - Information Systems Security (ISS)

KW - Longitudinal Survey

KW - de jure ISS standards

KW - International Standards Organization (ISO)

KW - ISS standard AS/NZS17799:2004.AMDT (ISO 27001)

KW - Critical Success Factors (CSFs)

M3 - Conference proceeding contribution

SP - 1

EP - 10

BT - AMCIS 2008 Proceedings

PB - AIS Electronic Library (AISeL)

CY - United States

ER -

Smith S, Jamieson R, Bunker D, Winchester D. Moving towards information system security accreditation within Australian State government agencies. In AMCIS 2008 Proceedings. United States: AIS Electronic Library (AISeL). 2008. p. 1-10