Investigating Factors of Non-compliance of information security management in Public Sector, South Africa
Date
2012-10-04
Authors
Abrahams, Tania
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
Cybercrime is on the increase and rampant globally. Although we have
implemented various mechanisms, international agreements, legislation and
policy documents, we are unable to combat this phenomenon. Public Service
is inherently dependant on the availability, integrity and confidentiality of its
mission critical information to deliver an effective and efficient service to the
citizens of the SOUTH AFRICA. This is informed by key legislative
requirements and policy documents to ensure information is protected and
secured, to avoid and minimise risks. SOUTH AFRICA has legislation that
compels compliance and it is a matter of state security that information is
protected and preserved.
The increased usage of information and communication technologies in the
public service have exposed and made the institution vulnerable to potential
intrusions. Global trends indicate that Senior Managers are not implementing
information security policies and procedures. Although policies and
procedures exist for the secure control of information it is not known how high
their awareness levels are to ensure the procedures are operationalised.
The purpose of this research is to investigate factors of non-compliance of
information security management in the Public Service of South Africa.
The researcher followed a scientific research methodology process by
developing a problem and purpose statement. With the aid of the literature
review the researcher was able to formulate Hypothesis, with the key themes
focussing on adherence of governance and international standards, employee
information security awareness and roles and responsibilities of employees
when handling government information, based on Minimum Information
Security Standards that provide procedures and standards to protect
information.