Protection of security information within goverments department in South Africa

Nkwana, Mokata Johannes

02 1900

The protection of security information in government departments requires the active engagement of executive management to assess emerging threats and provide strong security risk control measures. For most government departments, establishing effective protection of security information is a major initiative, given the often continuous, strategic nature of typical security efforts. This requires commitments or support from senior management and adequate resources. It necessitates the elevation of information security management to positions of authority commensurate to the required responsibilities. This has been the trend in recent years as government departments are increasingly dependent on their information assets and resources, while threats and disruptions continue to escalate in frequency and cost. It is clear from numerous recent studies that organisations that have taken the steps described in this research document and have implemented effective information security risk control measures have achieved significant results in reduced losses and improved resource management. Given the demonstrable benefits, it is surprising that there have not been greater progress in effectively managing information assets. Although regulatory compliance has been a major driver in improving the protection of security information overall, this study has also shown that nearly half of all government departments are failing to initiate meaningful compliance efforts. Failure to address the identified vulnerabilities by government departments will result in espionage, covert influencing manipulation, fraud, sabotage and corruption. Information security risk control measures include the elements required to provide senior management assurance that its direction and intent are reflected in the security posture of the organisation by utilising a structured approach to implement an information security programme. Once those elements are in place, senior management can be confident that adequate and effective protection of security information will protect, as far as possible, the department’s vital information assets. / Criminology and Security Science / M.Tech (Security Management)

Government department

Information security

Protective security

352.387682

Data protection -- South Africa

Data protection

Management of security information in the security industry

Govender, Doraval

06 1900

Incidents, threats and vulnerabilities have the potential to negatively affect an organisation’s assets. Information on these incidents, threats and vulnerabilities are important to security. It is therefore necessary for this security information to be effectively and efficiently managed, so that correct decisions may be made on the implementation of security risk control measures. This study explored the management of security information in the security industry by undertaking the following: • establishing the “status quo” of the collection and analysis of security information and the implementation of security risk control measures in practice; • identifying the nature and extent of problems experienced in the collection and analysis of security information and the implementation of security risk control measures; and the • discovery of a new Security Information Management Model (SIMM). Mixed methods research was used to study the management of security information in the security industry. The explorative research design was used for this purpose. Semi-structured and focus group interviews were conducted with senior security managers and operational security officers, respectively. The grounded theory research design was used to analyse the qualitative data in order to generate a substantive grounded theory. The theory is that security officers operate without a standardised framework to manage security information. The data from the semi-structured and the focus group interviews were used to design a questionnaire to conduct a survey using the quantitative approach. The non-experimental research design was used to conduct this self-administered questionnaire survey. The data from this questionnaire survey helped validate and confirm the substantive grounded theory. The study found that there was the need for a Security Information Management Model to manage security information in the security industry. Based on this finding the researcher recommended a new Security Information Management Model for the management of security information in the security industry. / Criminology / D. Litt. et Phil. (Criminology)

Security industry

Security information

Threat

Vulnerability

Incident

Information protection

Sharing of information

352.3790968

Criminal investigation -- South Africa

Crime analysis -- South Africa

Evidence, Criminal -- South Africa

Framework for digital preservation of electronic government in Ghana

Adu, Kofi Koranteng

January 2015

The global perspective on digital revolution is one that has received a rapturous approval from information professionals, scholars and practitioners. However, such an approval has come at a great cost to memory institutions as the preservation of digital information has proved to be a complex phenomenon to memory institutions. Guided by the multi method design and underpinned by the triangulation of questionnaires, interviews, observation and document analysis, the study examined digital preservation of e-government in Ghana. Findings revealed that the creation of databases, digital publication, emails, website information and tweets were often ocassioned by the use of ICT, e-government, and application of legislations and public policies. It observed that these types of digital records were in urgent need for preservation as most of the ministries and agencies were unable to access their digital records. While the application of a digital preservation tool (Lots of Copies Keeps Stuff Safe) was a familiar terrain to the ministries and agencies, there was expressed lack of awareness about digital preservation support organisations and digital preservation standards. The study identified funding, level of security and privacy, skills training and technological obsolescence as factors that pose key threats to digital preservation. It noted backup strategy, migration, metadata and trusted repositories as the most widely implemented preservation strategy across the ministries and agencies. On the other hand, cloud computing, refreshing and emulation were the least implemented preservation strategies used to address the digital preservation challenges . The study recommends that the ministries and agencies can address many of the digital preservation challenges if they leverage on collaborative and participatory opportunities. Such collaborative and participatory opportunities involve the use of experts from other institutions to share resources and use a common protocol through cloud computing and Open Data. It further recommends that the process of developing a digital preservation policy can be guided by a template document from other jurisdictions / Information Science / D. Litt et Phil. (Information Science)

Public sector organisations

Civil service

Digital preservation

Electronic records management

Electronic government

Electronic governance

Collaboration

Participation

Cloud computing

Open Data

352.3870285

Government publications -- Ghana

Historic preservation -- Ghana

Digital preservation -- Ghana

The impact of technology on human resources management at the Breede Valley Municipality

James, Megan Astrid

03 1900

Thesis (MPA (School of Public Management and Planning))--University of Stellenbosch, 2006. / South Africa has a shortage of skilled labour, which prevents the country from economically competing in the global village. Unfortunately little money was spent on the training and development of workers during the apartheid era. The new government has implemented legislation and various programmes to rectify the situation. Organisations in South Africa are beginning to recognise that a skilled workforce has the potential to provide them with the competitive edge. Instead of viewing training and development as an expense, as they often did in the past, many organisations are now beginning to view expenditure on training as an investment. Training and development is one of the many functions performed by human resources (HR) departments. Today HR is also required to play a larger strategic role within an organisation. Daily administrative duties, however, often prevent human resources managers from playing a more important strategic role. However, modern technology can simplify the way in which human resources departments perform their daily tasks. There are various computerised information systems and programs that can be used for this purpose. The high unemployment rate and the poor economic situation have also affected local government. Many municipalities have a limited budget with which they must provide their communities with basic services such as electricity and water, sanitation and refuse removal, municipal health services and fire fighting services. Municipalities also play a role in the development of their communities. The quality of services provided by the municipalities will depend on the employees of the municipalities. It is therefore important to improve the skills and competencies of the workers to ensure better service delivery to communities. Technology is increasingly being used to address challenges faced by municipalities, to enhance service delivery as well as to improve internal efficiency. Raw data can be converted to useful information that can help key decision makers make a more informed decision about projects. In this study, the Breede Valley Municipality was used as a case study to learn more about the problem under study. The objectives of the study was to identify: a) the advantages web-based technologies can hold for HR employees in their daily work; (b) how training and development is implemented within the municipality; and (c) the challenges, constraints and recommended steps for improvement. A thorough literature study formed the basis of the research and was supplemented with individual interviews with relevant employees at Breede Valley Municipality. This municipality, like most in South Africa, is tasked to deliver services to their communities with limited financial resources at their disposal. Optimal use of technology can assist the HR department to play a more strategic role within the municipality, in freeing them from their administrative tasks.

Theses -- Public management and planning

我國個人隱私保護對於檔案開放應用影響之研究 / The impact of information privacy on archival public access in Taiwan

黃鈺婷, Huang, Yu-Ting

Unknown Date

檔案管理之終極目標，是在於將經過專業化管理之檔案提供於使用者應用，以能充分發揮檔案所具有之歷史、真實憑證和資訊價值。在資訊化社會時代，檔案公開、政府資訊開放與個人隱私權的保護已成為現今民主社會的重要共識，然而個人隱私權和檔案公開政策的衝突卻一直是我國檔案開放應用實務的主要問題，而不利於促進國內檔案管理事業及檔案應用服務的推廣。 本研究藉由分析國內外主要檔案典藏機構之檔案開放應用規範，以及透過深度訪談法蒐集檔案管理人員及檔案使用者對於個人隱私保護相關法令、檔案開放應用法令與檔案應用服務之實務或使用經驗，探究我國個人隱私保護法令和政策對於檔案開放應用實務所造成的影響及問題。結果發現，目前個人隱私保護法令使國內檔案實務界對檔案開放應用的標準產生分歧、且對於涉及隱私資訊檔案的開放作法亦相對保守，加上具重要價值之機關檔案並未落實移轉、而仍分散於各機關之中，將使個人隱私保護標準更難以統一，究其根本原因後也呈現出《檔案法》之規定因過於廣泛有待修正的問題。 本研究建議，國內檔案實務需針對個人隱私保護標準建立共識、並以「通則開放」概念提供檔案之開放應用，而未來國內檔案實務界也須逐步改善機關檔案未落實移轉的問題和《檔案法》的修訂，以能符合使用者需求並充分公開具有珍貴價值之檔案資源。 / The goal of the archival management is providing the archival public access for users and to bring full play of archives’ values. Protecting rights of the archival public access, freedom of government information and information privacy are important principles in information society. However, policies of information privacy are severely impeded applications of archival public access in Taiwan, and may turn against the archival management. For this reason, this study analyzes contents of policies of archival public access from main archival institutions all over the world and collects archivists and users experience to find out the influnences of impact between information policies and aechival public access. The search result shows that there are no unified standards for providing private information from main archival institutions in Taiwan. Also, the over conservativeness of archival repositories to provide archives and the non-complete transfers of national archives become main problems. On the other hand, undefinite rules of the〝Archival Management Act〞in Taiwan are the prime reason that caused the problems. According the study, it suggests that the main archival repositories should to be more open and need define standards for providing the archival public access, and the National Archives Administration should promote the effect about transfering the national archivaes. Moreover, the〝Archival Management Act〞also needs to be revised so that policices of archival public access will be more effecient to fit the users’ needs.

檔案應用

個人隱私

政府資訊公開

《檔案法》

Archival public access

Information privacy

Freedom of government information

MODEL UPRAVLJANJA PERFORMANSAMA PROCESA SOCIJALNE ZAŠTITE I TRANZICIJE MODULA E-UPRAVE U PAMETNU UPRAVU

Klipa Đuro

10 April 2018

<p>Osnovni problem ovog istraživanja je identifikacija indikatora performansi sistema socijalne za&scaron;tite i razvoj modela koji omogućuju monitoring i upravljanje određenim segmentima sistema socijalne za&scaron;tite, kao konceptualno i metodolo&scaron;ki novog pristupa koji će omogućiti unapređenje performansi, detekciju eventualnih neželjenih efekata i anomalija u sistemu prilokom uvođenja i tako obezbediti da se spreče sistemske zloupotrebe i umanje neželjeni efekti primene. Ovo istraživanje se zasniva na činjenici da određene regionalno zavisne fluktuacije parametara sistema indukuju odstupanje od matematičkih modela, &scaron;to jasno pokazuje gde su propusti koje treba re&scaron;iti odgovarajućim promenama zakonske regulative i podzakonskih akata na osnovu kojih se sprovodi odgovarajući sistem socijalne za&scaron;tite.Predloženi model i koncept transformacije e-uprave u pametnu upravu biti će testiran u okviru programa dečijeg dodatka, kao studije slučaja i jednog od najvećih segmenata sistema socijalne za&scaron;tite, a dobijeni rezultati će moći da se iskoriste za kontrolu i unapređenje sličnih složenih podsistema u okviru celokupnog sistema socijalne za&scaron;tite.</p> / <p>The main problem of this research is the identification of indicators of the performance of the social protection system and the development of models that enable monitoring and management of certain segments of the social protection system, as a conceptual and methodologically new approach that will enable improvement of performance, detection of possible adverse effects and anomalies in the system during the introduction. to prevent systemic abuse and reduce adverse effects of administration. This research is based on the fact that certain regionally dependent fluctuations in the system parameters induce deviation from mathematical models, which clearly shows where the flaws to be solved by appropriate changes in the legislation and bylaws on the basis of which the corresponding social protection system is implemented. The proposed model and the concept of e-government transformation into smart governance will be tested under the child-allowance program, as case studies and one of the largest segments of the social protection system, and the results obtained will be able to use for the control and improvement of similar complex subsystems within the overall social protection system.</p>

論澳門保密制度的刑事立法保護及其完善 / Discussion of Macau's criminal legislation protection on confidentiality system and how to perfect relevant problems

廖志漢

January 2012

University of Macau / Faculty of Law

資訊披露 -- 法規 -- 澳門

官方機密 -- 法規 -- 澳門

政府資訊 -- 法規 -- 澳門

Information management in the age of E-government - the case of South Africa

Sihlezana, Nothando Daphne

03 1900

Thesis (MPhil (Information Science))--University of Stellenbosch, 2006. / The purpose of the research study was to explore how information is managed, in selected South African government departments, since the South African government is moving into the age of e-government and electronic service delivery. This study has tested and found that the degree to which information and knowledge are captured and used to support good governance depends on whether a strong underlying information management infrastructure is in place. A descriptive literature study was conducted to obtain information and views from available related literature that also served as the theoretical basis for the subsequent argument that the success of e-government depends on good information management, not just establishing an on-line presence. The primary data collection for this study was conducted from government employees, junior, middle and senior management level, employed by various Departments, in the National Offices. The findings indicate that a carefully considered plan and strategy for information management infrastructure development are required that include generating a shared vision for information management, a strong action and wide awareness and support by the key stakeholders. Various conclusions have been reached through this study i.e.: • The creation, use and preservation of electronic records pose special challenges requiring new techniques and tools but based on traditional information management principles and goals. • A learning culture and strong infrastructure of laws, policies, standards, practices, systems and people are required to support information management for both traditional and e-governance needs. • Good recordkeeping is a core component of good governance, especially in an increasingly information and technology-intensive environment. A number of recommendations are made, including suggestions that the South African Government should develop the information management structures within the Departments and identify the barriers to information sharing, and also barriers related to culture and structure.

Knowledge management

Electronic public recordsSouth Africa

Theses -- Information science

Dissertations -- Information science

A framework for management of electronic records in support of e-government in Kenya

Ambira, Cleophas Mutundu

January 2016

Effective management of electronic records (MER) facilitates implementation of e- government. While studies have been carried out on management of records in Kenya, none of these studies has focused on MER in support of e-government implementation in Kenya. To address the knowledge gap, the current study sought to establish the current state regarding MER in support of e-government in Kenya. The study investigated how MER supported e-government in Kenya with a view to develop a best-practice framework for MER in support of e-government. The specific objectives of the study were to: ascertain current status of MER in government ministries in Kenya; determine the current level of e-government utilization; establish the effectiveness of existing practices for MER in supporting e-government; identify challenges faced by ministries in MER that could impact on implementation of e- government; propose recommendations that could improve MER in ministries to support e-government effectiveness and develop a framework for MER in support of e-government. The theoretical framework was the European Commission’s (2001) Model Requirements for Electronic Records Management (MoReq) and the United Nation’s (2001) five-stage e-government maturity model. The study was anchored on the interpretive research paradigm and adopted qualitative research methodology using phenomenological design. The study sample consisted of 52 respondents drawn from eighteen government ministries, the Kenya ICT Authority (ICTA), the Kenya National Archives and Documentation Service (KNADS) and five e- government service areas. Maximum variation sampling technique was used. Data was collected through face-face interviews and analysed using thematic analysis. The findings established that: the general status of MER in government ministries is inadequately positioned to support e-government; utilization of e-government in Kenya had grown significantly and more ministries were adopting e-government services; although some initiatives have been undertaken to enhance MER, the existing practices for MER require improvement to ensure they adequately support e-government; there exists several challenges in the MER that impact on implementation of e-government. The study concluded that the current practices for managing electronic records in support of e-government implementation were not adequate. Recommendations and a best-practise framework for managing electronic records in support of e-government have been provided. Suggestions for further research are provided. / Information Science / D. Litt. et. Phil. (Information Science)

Kenya

Records management

Electronic records

Management of electronic records

Electronic records management

E-government

E-government maturity

352.38096762

Protection of security information within government departments in South Africa

Nkwana, Mokata Johannes

02 1900

The protection of security information in government departments requires the active engagement of executive management to assess emerging threats and provide strong security risk control measures. For most government departments, establishing effective protection of security information is a major initiative, given the often continuous, strategic nature of typical security efforts. This requires commitments or support from senior management and adequate resources. It necessitates the elevation of information security management to positions of authority commensurate to the required responsibilities. This has been the trend in recent years as government departments are increasingly dependent on their information assets and resources, while threats and disruptions continue to escalate in frequency and cost. It is clear from numerous recent studies that organisations that have taken the steps described in this research document and have implemented effective information security risk control measures have achieved significant results in reduced losses and improved resource management. Given the demonstrable benefits, it is surprising that there have not been greater progress in effectively managing information assets. Although regulatory compliance has been a major driver in improving the protection of security information overall, this study has also shown that nearly half of all government departments are failing to initiate meaningful compliance efforts. Failure to address the identified vulnerabilities by government departments will result in espionage, covert influencing manipulation, fraud, sabotage and corruption. Information security risk control measures include the elements required to provide senior management assurance that its direction and intent are reflected in the security posture of the organisation by utilising a structured approach to implement an information security programme. Once those elements are in place, senior management can be confident that adequate and effective protection of security information will protect, as far as possible, the department’s vital information assets. / Criminology and Security Science / M. Tech. (Security Management)

Government departments

Information security

Protective security

352.387682

Data protection -- South Africa

Data protection -- South Africa