Information Security Policy for E-government in Saudi Arabia: Effectiveness, Vulnerabilities and Threats

This study focuses on the issue of information security policy for e-government in Saudi Arabia. It evaluates the three fundamental pillars that determine data security such as effectiveness, vulnerabilities, and threats. The paper is seeking to reveal the risks of information security policy for e-government in Saudi Arabia as well as to examine the vulnerabilities and the effectiveness of the system. The methodology applied inductive approach where both qualitative and quantitative research method were used. A survey by use of questionnaires and an interview was conducted. Information Security Policy for E-government in Saudi Arabia: Effectiveness, Vulnerabilities and Threats v Execusive Summary Introduction: In many countries, the implementation of e-Government has proved useful in providing efficient services to consumers. Such a program increases work speed and causes no unnecessary delays. This study assesses the effectiveness of Yesser, the egovernment program that Saudi Arabia adopted in 2007. This study also provides recommendations to improve the security of the Yesser Program, to further professionalize IT specialists, and to increase the level of consumer participation, which will improve of the quality of life for Saudi citizens. Literature Review: The primary purpose of producing literature review is to support the findings of this study via the theoretical justifications obtained from literature. The review revealed that in Saudi Arabia, there is the absence of agencies to monitor the accountability of egovernment services. Most of the workers of offices in Saudi Arabia lack professionalism, and this is a great weakness in the implementation of appropriate policy for e-government. In order for the government to solve this problem, it needs to restructure these rules and regulations to attain online transactions that are more democratic and transparent. In order to have an effective and efficient implementation of the e-government program, there must be qualified personnel to perform such a task. The absence of such staff in Saudi Arabia poses a major challenge to the IT policy. The government of Saudi Arabia should come up with highly training programs in addition to sufficient number of IT specialists. Research Methodology: The research method for this study uses inductive approach and a mixed design following the philosophy of positivism of case study. Data for the case of Saudi Arabia is collected via primary source and the instruments are questionnaire survey (quantitative part) and face-to-face interview (qualitative part). Quantitative data analysis includes frequency distribution, clustered bar graphs, and pie charts. Analysis of qualitative data is a three-step process that includes reducing the data, displaying the data, and verifying or drawing conclusion. Information Security Policy for E-government in Saudi Arabia: Effectiveness, Vulnerabilities and Threats vi Findings: The current study has identified those organizational and technological issues that affect the information security in Saudi Arabia at national level. Moreover, many areas are highlighted where modifications can make the practice of e-government safer. The measures taken by Saudi government in developing organizations are far admired than the cultural development. Lack of awareness in the citizens and inadequate training of the employees dealing with e-services is not satisfactory. Moreover, the most advancing measures taken to reduce security threats of information shared via internet are infrastructure development. However, it needs to be updated regularly as the challenges to information security are always changing. Despite all the attempts to ensure information security in e-government of Saudi Arabia, trust of the citizens in the applications is still low. Thus, Saudi government must given priority to the awareness programs. Information Security Policy for E-government in Saudi Arabia: Effectiveness, Vulnerabilities and Threats vii Table of