Moving Towards Information System Security Accreditation within Australian State Government Agencies

Authors

  • Stephen Smith
  • Rodger Jamieson
  • Deborah Bunker
  • Donald Winchester
Abstract

This paper investigates the current status of Information System Security (ISS) within New South Wales State government agencies in Australia. A 3-year longitudinal survey was used to increase awareness and motivate ISS managers. In addition, the survey was used as a management tool to monitor compliance with the ISS standard’s controls (AS/NZS17799:2001). In 2004 an amendment to the standard added critical success factors (CSFs) as being necessary for an agency’s movement to accreditation. An analysis of the CSF results was undertaken to determine the status of an independently acting agency’s security readiness, and the results were then summarized to provide an overall measure. This measure provided a ‘benchmark’ of an agency’s security readiness against the standard’s CSFs (AS/NZS17799:2004.AMDT). While the process for improving security based on CSFs is adequate, actual improvement in ISS across government requires further effort. This research contributes to the level of understanding of ISS compliance within e-Government.


Similar resources

Circuits of Power: A Study of Mandated Compliance to an Information Systems Security De Jure Standard in a Government Organization

Organizations need to protect information assets against cyber crime, denial-of-service attacks, web hackers, data breaches, identity and credit card theft, and fraud. Criminals often try to achieve financial, political, or personal gain through these attacks, so the threats that their actions prompt are insidious motivators for organizations to adopt information systems security (ISS) approach...


Evaluation of current Australian health service accreditation processes (ACCREDIT-CAP): protocol for a mixed-method research project

INTRODUCTION Accreditation programmes aim to improve the quality and safety of health services, and have been widely implemented. However, there is conflicting evidence regarding the outcomes of existing programmes. The Accreditation Collaborative for the Conduct of Research, Evaluation and Designated Investigations through Teamwork-Current Accreditation Processes (ACCREDIT-CAP) project is desi...


Implementing an Information Security Continuous Monitoring Solution—A Case Study

The threats to government computer systems and networks continue to evolve and grow due to steady advances in the sophistication of attack technology, the ease of obtaining such technology, and the increasing use of these techniques by state and nonstate actors to gain intelligence and/or disrupt operations. The US Government Accountability Office (GAO) cites that from 2006 to 2012, the number ...


Mapping Information Security Standards: A Counter-Terrorism Example

Although practitioners have mapped the alignment between IT-related standards, this work has rarely been reported in the academic literature. In particular the methods used have not been made explicit, which has limited the value of any reported results. The research described in this paper demonstrates a rigorous method for mapping the alignment between two example IT security standards. The t...


Identifying and Ranking Technology-Telecommunications Context of Information Security Management System in E-Government Using Fuzzy AHP Approach

In recent years, many security threats have entered into the organizations’ information and changed the organizational performance, resulting in exorbitant costs. This question is of particular importance for government agencies that use information and Internet systems. This issue enabled the top managers of organizations to implement a security system and minimize these costs. Using In...



Publication date: 2008