Innovative public governance through cloud computing: Information privacy, business models and performance measurement challenges

Purpose: The purpose of this paper is to identify and analyze challenges and to discuss proposed solutions for innovative public governance through cloud computing. Innovative technologies, such as federation of services and cloud computing, can greatly contribute to the provision of e-government services, through scaleable and flexible systems. Furthermore, they can facilitate in reducing costs and overcoming public information segmentation. Nonetheless, when public agencies use these technologies, they encounter several associated organizational and technical changes, as well as significant challenges. Design/methodology/approach: We followed a multidisciplinary perspective (social, behavioral, business and technical) and conducted a conceptual analysis for analyzing the associated challenges. We conducted focus group interviews in two countries for evaluating the performance models that resulted from the conceptual analysis. Findings: This study identifies and analyzes several challenges that may emerge while adopting innovative technologies for public governance and e-government services. Furthermore, it presents suggested solutions deriving from the experience of designing a related platform for public governance, including issues of privacy requirements, proposed business models and key performance indicators for public services on cloud computing. Research limitations/implications: The challenges and solutions discussed are based on the experience gained by designing one platform. However, we rely on issues and challenges collected from four countries. Practical implications: The identification of challenges for innovative design of e-government services through a central portal in Europe and using service federation is expected to inform practitioners in different roles about significant changes across multiple levels that are implied and may accelerate the challenges' resolution. Originality/value: This is the first study that discusses from multiple perspectives and through empirical investigation the challenges to realize public governance through innovative technologies. The results emerge from an actual portal that will function at a European level. © Emerald Group Publishing Limited

Evaluating m-government applications: an elaboration likelihood model framework

Mobile government application and services refer to governmental functions that are available to mobile devices, such as smart phones or personal digital assistants, to the users anytime/anywhere. M-Government and m-Participation are emergent concepts used to represent the evolving field of public administration functions provided as mobile services and the provision of participation to public consultations via mobile devices accordingly. In this paper we present an evaluation framework for m-government tools. The evaluation approach is grounded on the assumption that m-government tools should not only provide access to governmental information and functions, but they should also motivate users to participate to public policy making processes. The evaluation approach is based on the Elaboration Likelihood Model. Its novelty lies on a) its ability to capture the actual performance of a system instead of the users’ perceptions, and b) its capacity to assess the motivational and persuasive ability of a system.EU FP7 Marie Curie People Project “CEES - Citizen oriented Evaluation of E-Government Systems (reference IAPP-2008-230658) and EU FP7 Project “UbiPOL- Ubiquitous Participation Platform for Policy Making” (Reference INFSO-ICT-248010)

Evaluating e-Government services from a citizens' prespective: A reference process model

Evaluating and optimizing e-government services is imperative for governments especially due to the capacity of e-services to transform public administrations and assist the interactions of governments with citizens, businesses and other government agencies. Existing widely applied evaluation approaches neglect to incorporate citizens’ satisfaction measures. Several citizen satisfaction models and indicators have been suggested in academia; however a reference process model that can assist practitioners to apply these performance measures is missing. In this paper we draw upon the evaluation approach proposed by the EU funded project CEES and propose a reference process model that captures re-usable practices for e-government evaluation from a citizens’ perspective. The novelty of the proposed approach is that using DEA for evaluating the e-services the assessment results in suggestions for strategic improvement of the e-services.EU FP7 Marie Curie People Project “CEES - Citizen oriented Evaluation of E-Government Systems” (reference IAPP-2008-230658

A model for describing and maximising Security Knowledge Sharing to enhance security awareness

Employees play a crucial role in enhancing information security in the workplace, and this requires everyone having the requisite security knowledge and know-how. To maximise knowledge levels, organisations should encourage and facilitate Security Knowledge Sharing (SKS) between employees. To maximise sharing, we need first to understand the mechanisms whereby such sharing takes place and then to encourage and engender such sharing. A study was carried out to test the applicability of Transactive Memory Systems Theory in describing knowledge sharing in this context, which confirmed its applicability in this domain. To encourage security knowledge sharing, the harnessing of Self-Determination Theory was proposed— satisfying employee autonomy, relatedness and competence needs to maximise sharing. Such sharing is required to improve and enhance employee security awareness across organisations. We propose a model to describe the mechanisms for such sharing as well as the means by which it can be encouraged

DEFeND DSM: a data scope management service for model-based privacy by design GDPR compliance.

The introduction of the European General Data Protection Regulation (GDPR) has brought significant benefits to citizens, but it has also created challenges for organisations, which are facing with difficulties interpreting it and properly applying it. An important challenge is compliance with the Privacy by Design and by default (PbD) principles, which require that data protection is integrated into processing activities and business practices from the design stage. Recently, the European Data Protection Board (EDPB) released an official document with PbD guidelines, and there are various efforts to provide approaches to support these. However, organizations are still facing difficulties in identifying a flow for executing, in a coherent, linear and effective way, these activities, and a complete toolkit for supporting this. In this paper, we: (i) identify the most important PbD activities and strategies, (ii) design a coherent, linear and effective flow for them, and (iii) describe our comprehensive supporting toolkit, as part of the DEFeND EU Project platform. Specifically, within DEFeND, we identified candidate tools, fulfilling specific GDPR aspects, and integrated them in a comprehensive toolkit: the DEFeND Data Scope Management service (DSM). The aim of DSM is to support organizations for continuous GDPR compliance through Model-Based Privacy by Design analysis. Here, we present important PbD activities and strategies individuated, then describe DSM, its design, flow, and a preliminary case study and evaluation performed with pilots from the healthcare, banking, public administration and energy sectors

How integration of cyber security management and incident response enables organizational learning

Digital assets of organizations are under constant threat from a wide assortment of nefarious actors. When threats materialize, the consequences can be significant. Most large organizations invest in a dedicated information security management (ISM) function to ensure that digital assets are protected. The ISM function conducts risk assessments, develops strategy, provides policies and training to define roles and guide behavior, and implements technological controls such as firewalls, antivirus, and encryption to restrict unauthorized access. Despite these protective measures, incidents (security breaches) will occur. Alongside the security management function, many organizations also retain an incident response (IR) function to mitigate damage from an attack and promptly restore digital services. However, few organizations integrate and learn from experiences of these functions in an optimal manner that enables them to not only respond to security incidents, but also proactively maneuver the threat environment. In this article we draw on organizational learning theory to develop a conceptual framework that explains how the ISM and IR functions can be better integrated. The strong integration of ISM and IR functions, in turn, creates learning opportunities that lead to organizational security benefits including: increased awareness of security risks, compilation of threat intelligence, removal of flaws in security defenses, evaluation of security defensive logic, and enhanced security response

Factors of Implementing Citizen-Centric e-Government in Developing Countries: Namibia

Peer reviewe