205 resultados para Security classification (Government documents)
Resumo:
The construction industry is categorised as being an information-intensive industry and described as one of the most important industries in any developed country, facing a period of rapid and unparalleled change (Industry Science Resources 1999) (Love P.E.D., Tucker S.N. et al. 1996). Project communications are becoming increasingly complex, with a growing need and fundamental drive to collaborate electronically at project level and beyond (Olesen K. and Myers M.D. 1999; Thorpe T. and Mead S. 2001; CITE 2003). Yet, the industry is also identified as having a considerable lack of knowledge and awareness about innovative information and communication technology (ICT) and web-based communication processes, systems and solutions which may prove beneficial in the procurement, delivery and life cycle of projects (NSW Government 1998; Kajewski S. and Weippert A. 2000). The Internet has debatably revolutionised the way in which information is stored, exchanged and viewed, opening new avenues for business, which only a decade ago were deemed almost inconceivable (DCITA 1998; IIB 2002). In an attempt to put these ‘new avenues of business’ into perspective, this report provides an overall ‘snapshot’ of current public and private construction industry sector opportunities and practices in the implementation and application of web-based ICT tools, systems and processes (e-Uptake). Research found that even with a reserved uptake, the construction industry and its participating organisations are making concerted efforts (fortunately with positive results) in taking up innovative forms of doing business via the internet, including e-Tendering (making it possible to manage the entire tender letting process electronically and online) (Anumba C.J. and Ruikar K. 2002; ITCBP 2003). Furthermore, Government (often a key client within the construction industry),and with its increased tendency to transact its business electronically, undoubtedly has an effect on how various private industry consultants, contractors, suppliers, etc. do business (Murray M. 2003) – by offering a wide range of (current and anticipated) e-facilities / services, including e-Tendering (Ecommerce 2002). Overall, doing business electronically is found to have a profound impact on the way today’s construction businesses operate - streamlining existing processes, with the growth in innovative tools, such as e-Tender, offering the construction industry new responsibilities and opportunities for all parties involved (ITCBP 2003). It is therefore important that these opportunities should be accessible to as many construction industry businesses as possible (The Construction Confederation 2001). Historically, there is a considerable exchange of information between various parties during a tendering process, where accuracy and efficiency of documentation is critical. Traditionally this process is either paper-based (involving large volumes of supporting tender documentation), or via a number of stand-alone, non-compatible computer systems, usually costly to both the client and contractor. As such, having a standard electronic exchange format that allows all parties involved in an electronic tender process to access one system only via the Internet, saves both time and money, eliminates transcription errors and increases speed of bid analysis (The Construction Confederation 2001). Supporting this research project’s aims and objectives, researchers set to determine today’s construction industry ‘current state-of-play’ in relation to e-Tendering opportunities. The report also provides brief introductions to several Australian and International e-Tender systems identified during this investigation. e-Tendering, in its simplest form, is described as the electronic publishing, communicating, accessing, receiving and submitting of all tender related information and documentation via the internet, thereby replacing the traditional paper-based tender processes, and achieving a more efficient and effective business process for all parties involved (NT Governement 2000; NT Government 2000; NSW Department of Commerce 2003; NSW Government 2003). Although most of the e-Tender websites investigated at the time, maintain their tendering processes and capabilities are ‘electronic’, research shows these ‘eTendering’ systems vary from being reasonably advanced to more ‘basic’ electronic tender notification and archiving services for various industry sectors. Research also indicates an e-Tender system should have a number of basic features and capabilities, including: • All tender documentation to be distributed via a secure web-based tender system – thereby avoiding the need for collating paperwork and couriers. • The client/purchaser should be able to upload a notice and/or invitation to tender onto the system. • Notification is sent out electronically (usually via email) for suppliers to download the information and return their responses electronically (online). • During the tender period, updates and queries are exchanged through the same e-Tender system. • The client/purchaser should only be able to access the tenders after the deadline has passed. • All tender related information is held in a central database, which should be easily searchable and fully audited, with all activities recorded. • It is essential that tender documents are not read or submitted by unauthorised parties. • Users of the e-Tender system are to be properly identified and registered via controlled access. In simple terms, security has to be as good as if not better than a manual tender process. Data is to be encrypted and users authenticated by means such as digital signatures, electronic certificates or smartcards. • All parties must be assured that no 'undetected' alterations can be made to any tender. • The tenderer should be able to amend the bid right up to the deadline – whilst the client/purchaser cannot obtain access until the submission deadline has passed. • The e-Tender system may also include features such as a database of service providers with spreadsheet-based pricing schedules, which can make it easier for a potential tenderer to electronically prepare and analyse a tender. Research indicates the efficiency of an e-Tender process is well supported internationally, with a significant number, yet similar, e-Tender benefits identified during this investigation. Both construction industry and Government participants generally agree that the implementation of an automated e-Tendering process or system enhances the overall quality, timeliness and cost-effectiveness of a tender process, and provides a more streamlined method of receiving, managing, and submitting tender documents than the traditional paper-based process. On the other hand, whilst there are undoubtedly many more barriers challenging the successful implementation and adoption of an e-Tendering system or process, researchers have also identified a range of challenges and perceptions that seem to hinder the uptake of this innovative approach to tendering electronically. A central concern seems to be that of security - when industry organisations have to use the Internet for electronic information transfer. As a result, when it comes to e-Tendering, industry participants insist these innovative tendering systems are developed to ensure the utmost security and integrity. Finally, if Australian organisations continue to explore the competitive ‘dynamics’ of the construction industry, without realising the current and future, trends and benefits of adopting innovative processes, such as e-Tendering, it will limit their globalising opportunities to expand into overseas markets and allow the continuation of international firms successfully entering local markets. As such, researchers believe increased knowledge, awareness and successful implementation of innovative systems and processes raises great expectations regarding their contribution towards ‘stimulating’ the globalisation of electronic procurement activities, and improving overall business and project performances throughout the construction industry sectors and overall marketplace (NSW Government 2002; Harty C. 2003; Murray M. 2003; Pietroforte R. 2003). Achieving the successful integration of an innovative e-Tender solution with an existing / traditional process can be a complex, and if not done correctly, could lead to failure (Bourn J. 2002).
Resumo:
The stakeholder approach which emerged under the auspices of new public management has been in use in public agencies for the past 25 years. However it remains a difficult and demanding task for agencies to determine who their stakeholders are and how to optimise interactions with them. This paper will examine how government agencies identify, classify and engage with stakeholders who have competing demands, differing access to resources and the ability to exert political pressure. To do this, the stakeholder approaches of nine agencies at three levels of government in Queensland were studied. The contribution of this paper is the development of a Stakeholder Classification Model for Public Agencies which could be used to create more focused and relevant stakeholder interventions.
Resumo:
Value creation is an area with long-standing importance in the marketing field, yet little is known about the value construct itself. In social marketing, value can be regarded as an incentive for consumers to perform desirable behaviours that lead to bother greater social good and individual benefit. An understanding of customer value in the consumption of social products is an important aspect of designing social marketing interventions that can effectively change social behaviours. This paper uses qualitative data, gathered during depth interviews, to explore the value dimensions women experience from using government-provided breast screening services every two years. Thematic analysis was used in discovering that emotional functional, social and altruistic dimensions of value were present in womens’ experiences with these services as well as in the outcomes from using them.
Resumo:
Understanding the complex dynamic and uncertain characteristics of organisational employees who perform authorised or unauthorised information security activities is deemed to be a very important and challenging task. This paper presents a conceptual framework for classifying and organising the characteristics of organisational subjects involved in these information security practices. Our framework expands the traditional Human Behaviour and the Social Environment perspectives used in social work by identifying how knowledge, skills and individual preferences work to influence individual and group practices with respect to information security management. The classification of concepts and characteristics in the framework arises from a review of recent literature and is underpinned by theoretical models that explain these concepts and characteristics. Further, based upon an exploratory study of three case organisations in Saudi Arabia involving extensive interviews with senior managers, department managers, IT managers, information security officers, and IT staff; this article describes observed information security practices and identifies several factors which appear to be particularly important in influencing information security behaviour. These factors include values associated with national and organisational culture and how they manifest in practice, and activities related to information security management.
Resumo:
Protection of “critical infrastructure” has become a major issue for govern- ments worldwide. Yet in Australia, as in many other countries, including the United States, an estimated 90% of critical infrastructure is privately owned or operated commercially – in other words, critical infrastructure protection is not the exclusive domain of government. As a result, information sharing between government and the private sector has become a vitally important component of effective risk management. However, establishing effective arrangements of this kind between the public and private sector needs to take account of existing regimes of access and public disclosure which relate to government-held documents; in particular, that which is established by freedom of information (FOI) legislation. This article examines the extent to which the current Commonwealth FOI regime is likely to act as an impediment to the private sector operators of critical infrastructure participat- ing in government-operated information sharing arrangements. By examining developments in other jurisdictions, principally the United States, the article considers whether amendments to the current Australian FOI regime are necessary to ensure effective participation, consistent with the underlying object and purpose of FOI.
Resumo:
Researching administrative history is problematical. A trail of authoritative documents is often hard to find; and useful summaries can be difficult to organise, especially if source material is in paper formats in geographically dispersed locations. In the absence of documents, the reasons for particular decisions and the rationale underpinning particular policies can be confounded as key personnel advance in their professions and retire. The rationale for past decisions may be lost for practical purposes; and if an organisation’s memory of events is diminished, its learning through experience is also diminished. Publishing this document tries to avoid unnecessary duplication of effort by other researchers that need to venture into how policies of charging for public sector information have been justified. The author compiled this work within a somewhat limited time period and the work does not pretend to be a complete or comprehensive analysis of the issues.----- A significant part of the role of government is to provide a framework of legally-enforceable rights and obligations that can support individuals and non-government organisations in their lawful activities. Accordingly, claims that governments should be more ‘business-like’ need careful scrutiny. A significant supply of goods and services occurs as non-market activity where neither benefits nor costs are quantified within conventional accounting systems or in terms of money. Where a government decides to provide information as a service; and information from land registries is archetypical, the transactions occur as a political decision made under a direct or a clearly delegated authority of a parliament with the requisite constitutional powers. This is not a market transaction and the language of the market confuses attempts to describe a number of aspects of how governments allocate resources.----- Cost recovery can be construed as an aspect of taxation that is a sole prerogative of a parliament. The issues are fundamental to political constitutions; but they become more complicated where states cede some taxing powers to a central government as part of a federal system. Nor should the absence of markets be construed necessarily as ‘market failure’ or even ‘government failure’. The absence is often attributable to particular technical, economic and political constraints that preclude the operation of markets. Arguably, greater care is needed in distinguishing between the polity and markets in raising revenues and allocating resources; and that needs to start by removing unhelpful references to ‘business’ in the context of government decision-making.
Resumo:
This research used the Queensland Police Service, Australia, as a major case study. Information on principles, techniques and processes used, and the reason for the recording, storing and release of audit information for evidentiary purposes is reported. It is shown that Law Enforcement Agencies have a two-fold interest in, and legal obligation pertaining to, audit trails. The first interest relates to the situation where audit trails are actually used by criminals in the commission of crime and the second to where audit trails are generated by the information systems used by the police themselves in support of the recording and investigation of crime. Eleven court cases involving Queensland Police Service audit trails used in evidence in Queensland courts were selected for further analysis. It is shown that, of the cases studied, none of the evidence presented was rejected or seriously challenged from a technical perspective. These results were further analysed and related to normal requirements for trusted maintenance of audit trail information in sensitive environments with discussion on the ability and/or willingness of courts to fully challenge, assess or value audit evidence presented. Managerial and technical frameworks for firstly what is considered as an environment where a computer system may be considered to be operating “properly” and, secondly, what aspects of education, training, qualifications, expertise and the like may be considered as appropriate for persons responsible within that environment, are both proposed. Analysis was undertaken to determine if audit and control of information in a high security environment, such as law enforcement, could be judged as having improved, or not, in the transition from manual to electronic processes. Information collection, control of processing and audit in manual processes used by the Queensland Police Service, Australia, in the period 1940 to 1980 was assessed against current electronic systems essentially introduced to policing in the decades of the 1980s and 1990s. Results show that electronic systems do provide for faster communications with centrally controlled and updated information readily available for use by large numbers of users who are connected across significant geographical locations. However, it is clearly evident that the price paid for this is a lack of ability and/or reluctance to provide improved audit and control processes. To compare the information systems audit and control arrangements of the Queensland Police Service with other government departments or agencies, an Australia wide survey was conducted. Results of the survey were contrasted with the particular results of a survey, conducted by the Australian Commonwealth Privacy Commission four years previous, to this survey which showed that security in relation to the recording of activity against access to information held on Australian government computer systems has been poor and a cause for concern. However, within this four year period there is evidence to suggest that government organisations are increasingly more inclined to generate audit trails. An attack on the overall security of audit trails in computer operating systems was initiated to further investigate findings reported in relation to the government systems survey. The survey showed that information systems audit trails in Microsoft Corporation's “Windows” operating system environments are relied on quite heavily. An audit of the security for audit trails generated, stored and managed in the Microsoft “Windows 2000” operating system environment was undertaken and compared and contrasted with similar such audit trail schemes in the “UNIX” and “Linux” operating systems. Strength of passwords and exploitation of any security problems in access control were targeted using software tools that are freely available in the public domain. Results showed that such security for the “Windows 2000” system is seriously flawed and the integrity of audit trails stored within these environments cannot be relied upon. An attempt to produce a framework and set of guidelines for use by expert witnesses in the information technology (IT) profession is proposed. This is achieved by examining the current rules and guidelines related to the provision of expert evidence in a court environment, by analysing the rationale for the separation of distinct disciplines and corresponding bodies of knowledge used by the Medical Profession and Forensic Science and then by analysing the bodies of knowledge within the discipline of IT itself. It is demonstrated that the accepted processes and procedures relevant to expert witnessing in a court environment are transferable to the IT sector. However, unlike some discipline areas, this analysis has clearly identified two distinct aspects of the matter which appear particularly relevant to IT. These two areas are; expertise gained through the application of IT to information needs in a particular public or private enterprise; and expertise gained through accepted and verifiable education, training and experience in fundamental IT products and system.
Resumo:
As a result of the managerial reforms adopted by government agencies since the 1980s, the stakeholder approach has become more widely accepted as a strategic management tool. However it remains a difficult and demanding task for agencies to determine who their stakeholders are and to optimise interactions with them. This paper examines how government agencies identify, classify and engage with stakeholders who have competing demands, differing access to resources and the ability to exert political pressure. To do this, the stakeholder approaches of nine agencies at three levels of government in Queensland were studied. This resulted in the development of a Stakeholder Classification Model for Public Agencies which could be used to create more focused and relevant stakeholder interventions.
Resumo:
Textual cultural heritage artefacts present two serious problems for the encoder: how to record different or revised versions of the same work, and how to encode conflicting perspectives of the text using markup. Both are forms of textual variation, and can be accurately recorded using a multi-version document, based on a minimally redundant directed graph that cleanly separates variation from content.
Resumo:
In a resource constrained business world, strategic choices must be made on process improvement and service delivery. There are calls for more agile forms of enterprises and much effort is being directed at moving organizations from a complex landscape of disparate application systems to that of an integrated and flexible enterprise accessing complex systems landscapes through service oriented architecture (SOA). This paper describes the analysis of strategies to detect supporting business services. These services can then be delivered in a variety of ways: web-services, new application services or outsourced services. The focus of this paper is on strategy analysis to identify those strategies that are common to lines of business and thus can be supported through shared services. A case study of a state government is used to show the analytical method and the detection of shared strategies.
Resumo:
This paper proposes a theoretical model for e-Government in Malaysia and addresses issues involved in its implementation. It presents three possible models including the Framework for Electronic Government (Grant & Chau, 2005), the Three Pillars Framework (Georgescu, 2007) and The Grid-Group Theory from cultural studies (Douglas, 1996) and integrates and adapts them to the specific needs of the Malaysian environment.
Resumo:
The purpose of this conceptual paper is to address the lack of consistent means through which strategies are identified and discussed across theoretical perspectives in the field of business strategy. A standardised referencing system is offered to codify the means by which strategies can be identified, from which new business services and information systems may be derived. This taxonomy was developed using qualitative content analysis study of government agencies’ strategic plans. This taxonomy is useful for identifying strategy formation and determining gaps and opportunities. Managers will benefit from a more transparent strategic design process that reduces ambiguity, aids in identifying and correcting gaps in strategy formulation, and fosters enhanced strategic analysis. Key benefits to academics are the improved dialogue in strategic management field and suggest that progress in the field requires that fundamentals of strategy formulation and classification be considered more carefully. Finally, the formalization of strategy can lead to the clear identification of new business services, which inform ICT investment decisions and shared service prioritisation.
Resumo:
Many existing schemes for malware detection are signature-based. Although they can effectively detect known malwares, they cannot detect variants of known malwares or new ones. Most network servers do not expect executable code in their in-bound network traffic, such as on-line shopping malls, Picasa, Youtube, Blogger, etc. Therefore, such network applications can be protected from malware infection by monitoring their ports to see if incoming packets contain any executable contents. This paper proposes a content-classification scheme that identifies executable content in incoming packets. The proposed scheme analyzes the packet payload in two steps. It first analyzes the packet payload to see if it contains multimedia-type data (such as . If not, then it classifies the payload either as text-type (such as or executable. Although in our experiments the proposed scheme shows a low rate of false negatives and positives (4.69% and 2.53%, respectively), the presence of inaccuracies still requires further inspection to efficiently detect the occurrence of malware. In this paper, we also propose simple statistical and combinatorial analysis to deal with false positives and negatives.
Resumo:
Most Australian states have introduced legislation to provide for enduring documents for financial, personal and health care decision making in the event of incapacity. Since the introduction of Enduring Powers of Attorney (EPAs) and Advance Health Directives (AHDs) in Queensland in 1998, concerns have continued to be raised by service providers, professionals and individuals about the uptake, understanding and appropriate use of these documents. In response to these concerns, the Department of Justice and Attorney-General (DJAG) convened a Practical Guardianship Initiatives Working Party. This group identified the limited evidence base available to address these concerns. In 2009, a multidisciplinary research team from the University of Queensland and the Queensland University of Technology was awarded $90,000 from the Legal Practitioners Interest on Trust Account Fund to undertake a review of the current EPA and AHD forms. The goal of the research was to gather data on the content and useability of the forms from the perspectives of a range of stakeholders, particularly those completing the EPA and AHD, witnesses of these documents, attorneys appointed under an EPA, and health professionals involved in the completion of an AHD or dealing with it in a clinical context. The researchers also sought to gather information from the perspective of Aboriginal and Torres Strait Islander (ATSI) individuals as well people from culturally and linguistically diverse (CALD) groups. Although the focus of the research was on the forms and the extent to which the current design, content and format represents a barrier to uptake, in the course of the research, some broader issues were identified which have an impact on the effectiveness of the EPA and AHD in achieving the goals of planning for financial and personal and health care in advance of losing capacity. The data gathered enabled the researchers to achieve the primary goal of the research: to make recommendations to improve the content and useability of the forms which hopefully will lead to an increased uptake and appropriate use of the forms. However, the researchers thought it was important not to ignore broader policy issues that were identified in the course of the research. These broader issues have been highlighted in this Report, and the researchers have responded to them in a variety of ways. For some issues, the researchers have suggested alterations that could be made to the forms to address the particular concerns. For other issues, the researchers have suggested that Government may need to take specific action such as educating the broader community with some attention to strategies that engage particular groups within communities. Other concerns raised can only be dealt with by legislative reform and, in some of these cases, the researchers have identified issues that Government may wish to consider further. We do note, however, that it is beyond the scope of this Report to recommend changes to the law. This three stage mixed methods project aimed to provide systematic evidence from a broad range of stakeholders in regard to: (i) which groups use and do not use these documents and why, (ii) the contribution of the length/complexity/format/language of the forms as barriers to their completion and/or effective use, and (iii) the issues raised by the current documents for witnesses and attorneys. Understanding and use of EPAs and AHDs were generally explored in separate but parallel processes. A purposive sampling strategy included users of the documents as principals and attorneys, and professionals, witnesses and service providers who assist others to execute or use the forms. The first component of this study built on existing knowledge using a Critical Reference Group and material provided by the DJAG Practical Guardianship Initiatives Working Party. This assisted in the development of the data collection tools for subsequent stages. The second component comprised semi-structured interviews and focus groups with a targeted sample of current users of the forms, potential users, witnesses and other professionals to provide in-depth information on critical issues. Outreach to Aboriginal and Torres Strait Islander Elders and individuals and workers with CALD groups ensured a broad sample of potential users of the two documents. Fifty individual interviews and three focus groups were completed. Most interviews and focus groups focused on perceptions of, and experiences with, either the EPA or the AHD form. In the interviews with Indigenous people and the CALD focus groups, however, respondents provided their perceptions and experiences of both documents. In general, these respondents had not used the forms and were responding to the documents made available in the interview or focus group. In total, seventy-seven individuals were involved in interviews or focus groups. The final component comprised on-line surveys for EPA principals, EPA attorneys, AHD principals, witnesses of EPAs and AHDs and medical practitioners with experience of AHDs as nominated and/or treating doctors. The surveys were developed from the initial component and the qualitative analysis of the interview and focus group data. A total of 116 surveys were returned from major cities and regional Queensland. The survey data was analysed descriptively for patterns and trends. It is important to note that the aim of the survey was to gain insight into issues and concerns relating to the documents and not to make generalisations to the broader population.
