Assessing Information Security Risks in an Interconnected System using Octave Allegro, NIST Privacy Framework and ISO 27010:2015


Fauzan, Benfano Soewito

Abstract

The increasing adoption of information systems (IS) within government organizations necessitates the seamless integration of these systems to improve efficiency and transparency in service delivery. While the operation of interconnected government information systems enhances efficiency, it also introduces unknown risks to information security and privacy. The purpose of this study is to identify and assess the potential risks that may arise from the nature of interconnected systems and to propose measures to mitigate these risks. The study employs the OCTAVE Allegro method to address information security risks based on data gathered from the day-to-day operations of the interconnected systems. A new framework is then developed by integrating two well-established frameworks, the NIST Privacy Framework and ISO/IEC 27010:2015, with the risk assessment findings. This new risk-based information security framework is subsequently used to evaluate the current operations of three IS within the Ministry of Public Works and Housing, based on organizational, technical, and personnel indicators. The results reveal that the average score of the current controls in place is 2.58, which is considered fairly good, although the organizational indicator received the lowest score. To address this, specific recommendations are provided for each control in the new framework to close the gap between the ideal and current conditions. These insights are then utilized by the government organization to enhance overall infrastructure security and privacy practices, ultimately contributing to a more resilient and interconnected ecosystem for public services.
