8
results found in
7 ms
Page 1
of 1
Cyber Attacks: Securing Agencies’ICT Systems
agencies compliance with the four mandatory ICT security strategies and related controls in the Australian Government Information Security Manual (ISM). The audit also considered the overall ICT security ... Cyber crime is an international problem, and it is estimated that in 2012, 5.4 million Australians fell victim to such crimes, with an estimated cost to the economy of $1.65 billion ... . In the government sector, the Australian Signals Directorate (ASD)3 has estimated that between January and December 2012, there were over 1790 security incidents against Australian Government agencies. Of these, 685 ... ... Cyber-security strategy needs consistent implementation and periodic reviews ... List of 35 mitigation controls against cyber intrusions are a basic tool of information security strategy of the Australian Government. Top four are: 1. application whitelisting, 2. patching ... application, 3. patching operating systems, 4. minimising administrative privileges. Analysis by the ANAO helps to fill gaps and to direct next steps.
Full description
agencies compliance with the four mandatory ICT security strategies and related controls in the Australian Government Information Security Manual (ISM). The audit also considered the overall ICT security ... Cyber crime is an international problem, and it is estimated that in 2012, 5.4 million Australians fell victim to such crimes, with an estimated cost to the economy of $1.65 billion ... . In the government sector, the Australian Signals Directorate (ASD)3 has estimated that between January and December 2012, there were over 1790 security incidents against Australian Government agencies. Of these, 685 ... ... Cyber-security strategy needs consistent implementation and periodic reviews ... List of 35 mitigation controls against cyber intrusions are a basic tool of information security strategy of the Australian Government. Top four are: 1. application whitelisting, 2. patching ... application, 3. patching operating systems, 4. minimising administrative privileges. Analysis by the ANAO helps to fill gaps and to direct next steps.
Full description
The Australian National Audit Office
, issued in 2014
Risk cases: 3
Lessons learned from government ICT-projects
to request this audit. The audit has been performed in only 5 months time and consisted of the re-use of earlier performed audits. We have 'recycled' earlier findings about ICT-projects. ... This audit has been performed on request of the Dutch parliament. Some newspapers mentioned government losses of four to five billion euro's on a yearly bases. These news items caused the parliament ... 'Expensive' does not always mean 'High Quality', so... do not feed the spiral ... Excellent analysis of systemic errors commited when designing Government IT projects. The report aims at the essence of problems which are encountered far from information technologies - in: politics ... , business, psychology... Do not be mislead by date of report, it is evergreen for all who really want to know why IT projects fail.
Full description
to request this audit. The audit has been performed in only 5 months time and consisted of the re-use of earlier performed audits. We have 'recycled' earlier findings about ICT-projects. ... This audit has been performed on request of the Dutch parliament. Some newspapers mentioned government losses of four to five billion euro's on a yearly bases. These news items caused the parliament ... 'Expensive' does not always mean 'High Quality', so... do not feed the spiral ... Excellent analysis of systemic errors commited when designing Government IT projects. The report aims at the essence of problems which are encountered far from information technologies - in: politics ... , business, psychology... Do not be mislead by date of report, it is evergreen for all who really want to know why IT projects fail.
Full description
Netherlands Court of Audits
, issued in 2007
Risk cases: 3
Managing the risk of legacy ICT to public service delivery
to illustrate the range of approaches that small and large government bodies are taking to address the issues arising from legacy ICT (defined as "systems and applications that have been operationally embedded ... The cross-government report describes the case studies from four public services (state pension, Value Added Tax collection, prescription payment and consumer credit licensing services) selected ... within a business function but superseded by newer and more effective technologies or changed business needs"). ... Possible approaches to the problem of 'legacy ICT' ... UK’s government experience in managing the risks connected to legacy ICT provides valuable insight for others facing the same problem and are considering transforming their services.
Full description
to illustrate the range of approaches that small and large government bodies are taking to address the issues arising from legacy ICT (defined as "systems and applications that have been operationally embedded ... The cross-government report describes the case studies from four public services (state pension, Value Added Tax collection, prescription payment and consumer credit licensing services) selected ... within a business function but superseded by newer and more effective technologies or changed business needs"). ... Possible approaches to the problem of 'legacy ICT' ... UK’s government experience in managing the risks connected to legacy ICT provides valuable insight for others facing the same problem and are considering transforming their services.
Full description
National Audit Office
, issued in 2013
Risk cases: 3
Management and implementation of 1BestariNet
1BestariNet Service Project (1BestariNet) is an initiative undertaken by the Malaysian Ministry of Education (MOE) to replace and enhance ICT connectivity in schools. It is an enhancement ... to the SchoolNet service which terminated on 31 December 2010 with emphasis on end-to-end solutions (E2E) network services together with Virtual Learning Environment (VLE). Under this project, 10,000 primary ... and secondary public schools in Malaysia are equipped with high-speed 4G Internet access and a virtual learning platform, providing high-speed internet connectivity and access to a world-class Integrated Learning ... ... To answer big risks in IT systems development you need all levels of organisation ... Audit of 1BestariNet is presented by the Malaysian National Audit Department together with other IT projects reviewed. A result is this concise and instructive list of lessons learnt and failures ... to be avoided. To maximize performance and minimize vendor lock-in you need a lot of concerted effort by top and line management, as well as users ready to work with new tools.
Full description
1BestariNet Service Project (1BestariNet) is an initiative undertaken by the Malaysian Ministry of Education (MOE) to replace and enhance ICT connectivity in schools. It is an enhancement ... to the SchoolNet service which terminated on 31 December 2010 with emphasis on end-to-end solutions (E2E) network services together with Virtual Learning Environment (VLE). Under this project, 10,000 primary ... and secondary public schools in Malaysia are equipped with high-speed 4G Internet access and a virtual learning platform, providing high-speed internet connectivity and access to a world-class Integrated Learning ... ... To answer big risks in IT systems development you need all levels of organisation ... Audit of 1BestariNet is presented by the Malaysian National Audit Department together with other IT projects reviewed. A result is this concise and instructive list of lessons learnt and failures ... to be avoided. To maximize performance and minimize vendor lock-in you need a lot of concerted effort by top and line management, as well as users ready to work with new tools.
Full description
National Audit Department of Malaysia
, issued in 2013
Risk cases: 4
State funds spent on development, operation and using of data centres services
The aim of the audit was to scrutinise the management of funds spent on building and operating the national data centre (hereinafter “STC1 data centre”), including the expenditure of selected ... organisational units of the state on buying hosting, server-housing and other related services. The audited period was between 2010 and 2014; where relevant, the preceding period was also scrutinised. Audited ... entities: Ministry of the Interior (“MoI”); Ministry of Finance (“MoF”); STÁTNÍ TISKÁRNA CENIN, state firm (state banknote printing firm, hereinafter “STC” or “the state firm”). The audit was conducted ... ... Risks steming from uncoordinated strategy ... SAI of Czech Republic analysed consequences of failures in strategic IT management at the state level. Lack of coordination and implementation rules reduced practical role of the ministry whose task ... was to guard high quality standards for all crucial IT systems in the state administration. Next consecquences were (among others) risk of uneconomical results of large IT investment and risk of inefficient ... supply of services, as well as opposite results of workforce reduction.
Full description
The aim of the audit was to scrutinise the management of funds spent on building and operating the national data centre (hereinafter “STC1 data centre”), including the expenditure of selected ... organisational units of the state on buying hosting, server-housing and other related services. The audited period was between 2010 and 2014; where relevant, the preceding period was also scrutinised. Audited ... entities: Ministry of the Interior (“MoI”); Ministry of Finance (“MoF”); STÁTNÍ TISKÁRNA CENIN, state firm (state banknote printing firm, hereinafter “STC” or “the state firm”). The audit was conducted ... ... Risks steming from uncoordinated strategy ... SAI of Czech Republic analysed consequences of failures in strategic IT management at the state level. Lack of coordination and implementation rules reduced practical role of the ministry whose task ... was to guard high quality standards for all crucial IT systems in the state administration. Next consecquences were (among others) risk of uneconomical results of large IT investment and risk of inefficient ... supply of services, as well as opposite results of workforce reduction.
Full description
Supreme Audit Office of Czech Republic
, issued in 2015
Risk cases: 7
Digitisation of municipal services
The purpose of digitisation is to increase the quality and efficiency of public services. It is a goal to make online services the norm for public administration's communication with citizens ... and the private sector. The municipal sector is a significant provider of public services, and digitisation of municipal services is therefore essential for achieving this goal.<br/>The audit surveyed the status ... , assessed the significance of and possible obstacles to digitisation of municipal services. The audit examined how the Ministry of Local Government and Modernisation's use of policy instruments contributes ... ... Municipalities have not digitised their services to any extent ... Digitisation increases the quality and efficiency of public services and municipal sector is a significant provider of public services. Report of Riksrevisjonen of Norway shows however ... , that municipalities need a substantial support to execute this demanding task. To provide them with help, the central government has to coordinate own efforts first.
Full description
The purpose of digitisation is to increase the quality and efficiency of public services. It is a goal to make online services the norm for public administration's communication with citizens ... and the private sector. The municipal sector is a significant provider of public services, and digitisation of municipal services is therefore essential for achieving this goal.<br/>The audit surveyed the status ... , assessed the significance of and possible obstacles to digitisation of municipal services. The audit examined how the Ministry of Local Government and Modernisation's use of policy instruments contributes ... ... Municipalities have not digitised their services to any extent ... Digitisation increases the quality and efficiency of public services and municipal sector is a significant provider of public services. Report of Riksrevisjonen of Norway shows however ... , that municipalities need a substantial support to execute this demanding task. To provide them with help, the central government has to coordinate own efforts first.
Full description
Office of the Auditor General of Norway
, issued in 2016
Risk cases: 2
IT strategy of Swiss Federal Institute of Technology
The SFAO conducted an IT audit in 2009, in order to evaluate goal achievement and cost effectiveness of information and communication technology by Swiss Federal Institute of Technology (ETH Zurich ... ). [p. 11] ... Performance audit of IT strategy in research area ... Interesting problems of IT strategy implementation - including that of organizational authonomy skope.
Full description
The SFAO conducted an IT audit in 2009, in order to evaluate goal achievement and cost effectiveness of information and communication technology by Swiss Federal Institute of Technology (ETH Zurich ... ). [p. 11] ... Performance audit of IT strategy in research area ... Interesting problems of IT strategy implementation - including that of organizational authonomy skope.
Full description
Swiss Federal Audit Office
, issued in 2010
Risk cases: 1
Use of European Union funds in promoting information society
The National Audit Office audited the use of the aid allocated from the structural funds of the European Union (hereinafter EU aid) in the information technology (IT) area of the state. The National ... Audit Office checked whether the distribution of funds for the development of the information society has been balanced and transparent, and whether the distribution of aid is adequately supervised ... . Balanced distribution of aid means that development of the information society entails paying attention (and ideally providing proportional funding) to information systems aimed at the public sector, private ... Riigikontroll auditeeris Euroopa Liidu struktuurifondidest ehk tõukefondidest eraldatud toetuste (edaspidi ELi toetusraha) kasutamist riigi infotehnoloogia (IT) valdkonnas. Uuriti, kas raha jagamine ... infoühiskonna arendamise eesmärgil on olnud tasakaalustatud ja läbipaistev ning kas toetuste jagamise üle tehakse piisavat järelevalvet. Riigikontrolli hinnangul on riik infoühiskonna arengukava rakendamiseks ... toetuste jagamisel keskendunud liiga riigile suunatud IT-arenduste rahastamisele ning jätnud tagaplaanile ettevõtete konkurentsivõime parandamisele ja kolmandale sektorile suunatud IT arendusprojektide ... Balance needed for success of Information Society Development Plan ... 50% of aid has been granted primarily for the development of information systems of state agencies, i.e. as much as the other two target groups - business and citizens - put together. Information ... , true suppervision and measurement of progress are listed by the Estonian SAI as next key elements necessary to keep balanced development of strategy for Information Society.
Full description
The National Audit Office audited the use of the aid allocated from the structural funds of the European Union (hereinafter EU aid) in the information technology (IT) area of the state. The National ... Audit Office checked whether the distribution of funds for the development of the information society has been balanced and transparent, and whether the distribution of aid is adequately supervised ... . Balanced distribution of aid means that development of the information society entails paying attention (and ideally providing proportional funding) to information systems aimed at the public sector, private ... Riigikontroll auditeeris Euroopa Liidu struktuurifondidest ehk tõukefondidest eraldatud toetuste (edaspidi ELi toetusraha) kasutamist riigi infotehnoloogia (IT) valdkonnas. Uuriti, kas raha jagamine ... infoühiskonna arendamise eesmärgil on olnud tasakaalustatud ja läbipaistev ning kas toetuste jagamise üle tehakse piisavat järelevalvet. Riigikontrolli hinnangul on riik infoühiskonna arengukava rakendamiseks ... toetuste jagamisel keskendunud liiga riigile suunatud IT-arenduste rahastamisele ning jätnud tagaplaanile ettevõtete konkurentsivõime parandamisele ja kolmandale sektorile suunatud IT arendusprojektide ... Balance needed for success of Information Society Development Plan ... 50% of aid has been granted primarily for the development of information systems of state agencies, i.e. as much as the other two target groups - business and citizens - put together. Information ... , true suppervision and measurement of progress are listed by the Estonian SAI as next key elements necessary to keep balanced development of strategy for Information Society.
Full description
National Audit Office of Estonia
, issued in 2012
Risk cases: 2
8
results found.
Page 1
of 1