Louise Yngström

Learn More
The development of Information and Communication Technology (ICT) systems towards materialization into e-Government applications is expected to tremendously change the ways governments deliver their core business services to citizens and how citizens can interact with their governments. There are also high expectations that these changes will play major(More)
The paper proposes a comprehensive information security maturity model (ISMM) that addresses both technical and socio/non-technical security aspects. The model is intended for securing e-government services (implementation and service delivery) in an emerging and increasing security risk environment. The paper utilizes extensive literature review and survey(More)
e-Government maturity models (eGMMs) lack security services (technical and socio/non-technical) in its critical maturity stages. The paper proposes a comprehensive framework for integrating IT security services into eGMM critical stages. The proposed framework is a result of integrating information security maturity model (ISMM) critical levels into(More)
Information security education and training needs to be valued and assessed from various perspectives. This study presents two differing viewpoints from which such an evaluation can be perceived – those of the individual and the organisation. Some sorts of profits are sought after by each of the two, although this is expressed and hence valued differently(More)
The evaluation of information systems security is a process in which the evidence for assurance is identified, gathered, and analysed against criteria for security functionality and assurance level. This can result in a measure of trust that indicates how well the system meets particular security target. However, as the information systems complexity(More)
Reliability of IT systems and infrastructure is a critical need for organizations to trust their business processes. This makes security evaluation of IT systems a prime concern for these organizations. Common Criteria is an elaborate, globally accepted security evaluation process that fulfills this need. However CC rigidly follows the initial specification(More)