Abstract
The purpose of this article is to identify information systems security risks in local governments resulting from the cooperation with IT vendors. We focus on government-to-government projects where the confidentiality, integrity, and availability of information is a key concern. In our risk identification process, we take a systems thinking approach, taking into account actual and perceived risks. We identified 13 causes of risk in three risk areas and analyzed them using outsourcing literature.
ACKNOWLEDGMENT
The authors would like to thank all participating local governments, IT vendors, and experts for their help during the risk identification activities. Special thanks to the SmartCitiesScran (Peter Cruickshank), Gerd Van Den Eede and the MeTTeg'09 Community for their reviews and comments.