Open access repository

Home Open access repository

In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).

» Openaccess proceedings » 5th International Symposium on Human Aspects of Information Security and Assurance (HAISA 2011)

5th International Symposium on Human Aspects of Information Security and Assurance (HAISA 2011)

5th International Symposium on Human Aspects of Information Security and Assurance (HAISA 2011)
London, UK, July 7-8, 2011
ISBN: 978-1-84102-284-0

Title: Towards An Information Security Maturity Model for Secure e-Government Services: A Stakeholders View
Author(s): Geoffrey Karokola, Stewart Kowalski, Louise Yngström
Reference: pp58-73
Keywords: e-Government, Information Security, Maturity Model, Security services, Technical and Non-technical security
Abstract: The paper proposes a comprehensive information security maturity model (ISMM) that addresses both technical and socio/non-technical security aspects. The model is intended for securing e-government services (implementation and service delivery) in an emerging and increasing security risk environment. The paper utilizes extensive literature review and survey study approaches. A total of eight existing ISMMs were selected and critically analyzed. Models were then categorized into security awareness, evaluation and management orientations. Based on the model’s strengths – three models were selected to undergo further analyses and then synthesized. Each of the three selected models was either from the security awareness, evaluation or management orientations category. To affirm the findings – a survey study was conducted into six government organizations located in Tanzania. The study was structured to a large extent by the security controls adopted from the Security By Consensus (SBC) model. Finally, an ISMM with five critical maturity levels was proposed. The maturity levels were: undefined, defined, managed, controlled and optimized. The papers main contribution is the proposed model that addresses both technical and non-technical security services within the critical maturity levels. Additionally, the paper enhances awareness and understanding on the needs for security in e-government services to stakeholders.
Download count: 1578

How to get this paper:

Download a free PDF copy of this paperBuy this book at Lulu.com

PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.