Towards an information security framework for government to government transactions : a perspective from East Africa

The need for a regional framework for information security in e-Government for the East African Community (EAC) has become more urgent with the signing in 2009 of the EAC Common Market Protocol. This protocol will entail more electronic interactions amongst government agencies in the EAC partner states which are Burundi, Kenya, Rwanda, Tanzania, and Uganda. Government to Government (G2G) transactions are the backbone of e-Government transactions. If a government wants to provide comprehensive services that are easy to use by citizens, employees or businesses, it needs to be able to combine information or services that are provided by different government agencies or departments. Furthermore, the governments must ensure that the services provided are secure so that citizens trust that an electronic transaction is as good as or better than a manual one. Thus governments in the EAC must address information security in ways that take into consideration that these governments have limited resources and skills to use for e-Government initiatives. The novel contribution of this study is an information security framework dubbed the TOG framework, comprising of technical, operational, governance, process and maturity models to address information security requirements for G2G transactions in the EAC. The framework makes reference to standards that can be adopted by the EAC while taking into consideration contextual factors which are resource, legislative and cultural constraints. The process model uses what is termed a ‘Plug and Play’ approach which provides the resource poor countries with a means of addressing information security that can be implemented as and when resources allow but eventually leading to a comprehensive framework. Thus government agencies can start implementation based on the operational and technical guidelines while waiting for governance structures to be put in place, or can specifically address governance requirements where they already exist. Conversely, governments using the same framework can take into consideration existing technologies and operations while putting governance structures in place. As a proof of concept, the proposed framework is applied to a case study of a G2G transaction in Tanzania. The framework is evaluated against critical success factors.ComputingD. Phil. (Computer Science

A Sustainable Information Security Framework for e-Government - Case of Tanzania

The government of Tanzania adopted an e-Government strategy in 2009 that is aimed at improving efficiency in government and providing better services to citizens. Information security is identified as one of the requirements for the successful e-Government implementation although the government has not adopted any standards or issued guidelines to government agencies with regards to information security. Comprehensive addressing of information security can be an expensive undertaking and without guidelines information security implementations may be more prone to failure. In a resource poor country such as Tanzania, there is a need for a cost effective and sustainable means of addressing information security in e-Government implementations. In this paper the authors present a case study of an e-Government interaction between a ministry and a government agency and the information security challenges identified in the implementation. In order to address these challenges an information security framework is conceptualized using action research. The framework is applied in the case study to address the identified challenges and the means to address future challenges in a sustainable manner is identified. Finally, the proposed framework is evaluated against Tanzanian and international metrics.Institute for Corporate Citizenshi

A sustainable information security framework for e-Government – case of Tanzania

The government of Tanzania adopted an e-Government strategy in 2009 that is aimed at improving efficiency in government and providing better services to citizens. Information security is identified as one of the requirements for the successful e-Government implementation although the government has not adopted any standards or issued guidelines to government agencies with regards to information security. Comprehensive addressing of information security can be an expensive undertaking and without guidelines information security implementations may be more prone to failure. In a resource poor country such as Tanzania, there is a need for a cost effective and sustainable means of addressing information security in e-Government implementations. In this paper the authors present a case study of an e-Government interaction between a ministry and a government agency and the information security challenges identified in the implementation. In order to address these challenges an information security framework is conceptualized using action research. The framework is applied in the case study to address the identified challenges and the means to address future challenges in a sustainable manner is identified. Finally, the proposed framework is evaluated against Tanzanian and international metrics