Security compliance has now become a major information systems management problem thanks to government regulations. Organizations are now developing methodologies and tools to assess compliance of Information Systems (IS) security. The research outlined in this paper is part of a longitudinal action research study which aims to help inform and improve security within Whole of Government (WoG). This paper examines the different effects of organisational size on IS security compliance within government organisations and how the adoption of security controls differed across small, medium and large government agencies. This paper identifies differences across government agencies rather than assuming that IS security compliance within e-government would be the same for different sized agencies. The approach utilised within this study may be extended to assess compliance with regulations in small, medium and large, multi-unit organizations in other sectors as well as government.