Better Information Security Management in Municipalities

Municipalities handle valuable information in very large quantities on a daily basis. Due to the value, and often confidential nature, of this information, the protection of the information and the related technologies are a key concern for municipalities, especially in South Africa. For this very reason, several official government documents require South African municipalities to implement effective information security management systems. However, according to the Auditor General of South Africa, municipalities are struggling in this regard. This study uses a literature review, document analysis, and argumentation to identify the crucial components of an information security management system. These components are then logically presented in a hierarchical structure to possibly assist municipalities to improve their individual information security management processes. Addressing these components can also be applied in municipalities across Africa to improve information security management.