In 2014, we launched our open-access repository which offers full text access to conference proceedings from many of our events including the INC and HAISA series. These papers are free to access and distribute (subject to citing the source).
» Openaccess proceedings » 5th International Symposium on Human Aspects of Information Security and Assurance (HAISA 2011)
 | 5th International Symposium on Human Aspects of Information Security and Assurance (HAISA 2011) |
Title: Towards An Information Security Maturity Model for Secure e-Government Services: A Stakeholders View
Author(s): Geoffrey Karokola, Stewart Kowalski, Louise Yngström
Reference: pp58-73
Keywords: e-Government, Information Security, Maturity Model, Security services, Technical and Non-technical security
Abstract: The paper proposes a comprehensive information security maturity model (ISMM) that addresses both technical and socio/non-technical security aspects. The model is intended for securing e-government services (implementation and service delivery) in an emerging and increasing security risk environment. The paper utilizes extensive literature review and survey study approaches. A total of eight existing ISMMs were selected and critically analyzed. Models were then categorized into security awareness, evaluation and management orientations. Based on the model’s strengths – three models were selected to undergo further analyses and then synthesized. Each of the three selected models was either from the security awareness, evaluation or management orientations category. To affirm the findings – a survey study was conducted into six government organizations located in Tanzania. The study was structured to a large extent by the security controls adopted from the Security By Consensus (SBC) model. Finally, an ISMM with five critical maturity levels was proposed. The maturity levels were: undefined, defined, managed, controlled and optimized. The papers main contribution is the proposed model that addresses both technical and non-technical security services within the critical maturity levels. Additionally, the paper enhances awareness and understanding on the needs for security in e-government services to stakeholders.
Download count: 2017
How to get this paper:
PDF copy of this paper is free to download. You may distribute this copy providing you cite this page as the source.