The regulatory challenges of Australian information security practice. / Burdon, Mark; Siganto, Jodie; Coles-Kemp, Lizzie.

In: Computer Law and Security Review, Vol. 32, No. 4, 08.2016, p. 623-633.

Research output: Contribution to journalArticlepeer-review




Information security is not directly regulated in Australia and is instead subject to a patchwork of different legal and regulatory frameworks. How Australian information security practitioners construct and action information security therefore becomes important to the overall operation of a fragmented regulatory framework. How then do Australian information security practitioners understand information security and make compliance-oriented decisions? Our exploratory interview research examined how nine Australian information security practitioners understood and constructed their role as delegated regulators of organisational information security processes. Participants expressed a number of concerns that reveal a very different world to that traditionally portrayed as the discipline and practice of information security. We examine these concerns and discuss what they mean in the context of the Australian environment.
Original languageEnglish
Pages (from-to)623-633
Number of pages11
JournalComputer Law and Security Review
Issue number4
Early online date6 Jun 2016
Publication statusPublished - Aug 2016
This open access research output is licenced under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License.

ID: 28163820