17
results found in
10 ms
Page 1
of 2
Data security and positions with access to confidential information
) is the foundation of the second part (positions with access to confidential information). Only four of the organizations we have audited show an acceptible level of compliance with the 2007 Civil Service Data ... Information Security Decree, eight organizations show scope for improvement and nine organizations show an unsatisfactory level of compliance with the 2007 Civil Service Data Information Security Decree. When ... it comes to the audit on positions with access to confidential information almost all organizations show ommisions in compliance to the Security Screening Act. Only the ministry of Defence complies. ... ... Shortcomings in information security and in positions with access to confidential information ... Surprising weaknesses were revealed by the NCA in its Government-wide operational audit performed as part of the 2011 audit into the state of central government accounts: Poor quality of data ... protection policy and poor protection of information systems. Also, non vetted positions with access to confidential information.
Full description
) is the foundation of the second part (positions with access to confidential information). Only four of the organizations we have audited show an acceptible level of compliance with the 2007 Civil Service Data ... Information Security Decree, eight organizations show scope for improvement and nine organizations show an unsatisfactory level of compliance with the 2007 Civil Service Data Information Security Decree. When ... it comes to the audit on positions with access to confidential information almost all organizations show ommisions in compliance to the Security Screening Act. Only the ministry of Defence complies. ... ... Shortcomings in information security and in positions with access to confidential information ... Surprising weaknesses were revealed by the NCA in its Government-wide operational audit performed as part of the 2011 audit into the state of central government accounts: Poor quality of data ... protection policy and poor protection of information systems. Also, non vetted positions with access to confidential information.
Full description
Netherlands Court of Audits
, issued in 2012
Risk cases: 3
Performance Audit of Public Debt Management Information Systems
and External Financing Department – Ministry’s organizational unit responsible for public debt management. Audit team evaluated the activities of the IT service provider - LEPL Financial-Analytical Service ... the compliance of electronic systems with legal requirements, associated with activities of the organization. ... The usage and development of the information technologies in public financial management is an important priority of the country at the phase of intensive implementation of electronic governance ... ... More effective IT governance needed ... Importance of effective performance of public debt management e-systems may be explained by the world’s increased dependence on such systems. In parallel with the performance audit of debt management ... information systems of the Ministry Of Finance of Georgia, Supreme Audit Institutions of 11 countries also studied this topic, both in terms of systems’ performance and their practical application by local ... financial institutions. Audit conducted by the State Audit Office of Georgia has revealed security and governance shortcomings related to management and usage of these systems.
Full description
and External Financing Department – Ministry’s organizational unit responsible for public debt management. Audit team evaluated the activities of the IT service provider - LEPL Financial-Analytical Service ... the compliance of electronic systems with legal requirements, associated with activities of the organization. ... The usage and development of the information technologies in public financial management is an important priority of the country at the phase of intensive implementation of electronic governance ... ... More effective IT governance needed ... Importance of effective performance of public debt management e-systems may be explained by the world’s increased dependence on such systems. In parallel with the performance audit of debt management ... information systems of the Ministry Of Finance of Georgia, Supreme Audit Institutions of 11 countries also studied this topic, both in terms of systems’ performance and their practical application by local ... financial institutions. Audit conducted by the State Audit Office of Georgia has revealed security and governance shortcomings related to management and usage of these systems.
Full description
State Audit Office Of Georgia
, issued in 2014
Risk cases: 5
Homeland Security. Oversight of Neglected Human Resources Information Technology Investment Is Needed
Human resources IT investments get stuck in management's lack of interest Although the Human Resources Information Technology (HRIT) investment was initiated about 12 years ago with the intent to consolidate, integrate, and modernize the department's human resources IT infrastructure, the Department of Homeland Security (DHS) has made very limited progress in achieving these goals. HRIT's minimally involved executive steering committee during a time when significant problems were occurring was a key factor in the lack of progress. This is particularly problematic given that the department's ability to efficiently and effectively carry out its mission is significantly hampered by its fragmented human resources. DHS's ineffective management of HRIT, such as the lack of an updated schedule and a life-cycle cost estimate, also contributed to the neglect this investment has experienced. DHS will be limited in efficiently tracking and reporting accurate, comprehensive performance and learning management data across the organization, and could risk further implementation delays.
Full description
Human resources IT investments get stuck in management's lack of interest Although the Human Resources Information Technology (HRIT) investment was initiated about 12 years ago with the intent to consolidate, integrate, and modernize the department's human resources IT infrastructure, the Department of Homeland Security (DHS) has made very limited progress in achieving these goals. HRIT's minimally involved executive steering committee during a time when significant problems were occurring was a key factor in the lack of progress. This is particularly problematic given that the department's ability to efficiently and effectively carry out its mission is significantly hampered by its fragmented human resources. DHS's ineffective management of HRIT, such as the lack of an updated schedule and a life-cycle cost estimate, also contributed to the neglect this investment has experienced. DHS will be limited in efficiently tracking and reporting accurate, comprehensive performance and learning management data across the organization, and could risk further implementation delays.
Full description
US Government Accountability Office
, issued in 2016
Risk cases: 1
Coordinated Audit on Information Technology Governance
IT governance needs awareness and SAIs' support The OLACEFS auditors found that the greatest challenge for the SAIs is to raise the awareness of the audit institutions about the importance of IT governance and the benefits that could be obtained by improving its degree of maturity. The audit was conducted by 11 SAIs and coordinated by TCU of Brasil. They concluded: 'It is important, even urgent, to invest resources to implement or enhance: the IT committees; the IT planning process; strategic IT planning; monitoring the IT contracting process; the business continuity plan; the designation of a responsible person or unit to manage security information; a risk management process; an asset inventory process; an information security committee; and a policy for access control.'
Full description
IT governance needs awareness and SAIs' support The OLACEFS auditors found that the greatest challenge for the SAIs is to raise the awareness of the audit institutions about the importance of IT governance and the benefits that could be obtained by improving its degree of maturity. The audit was conducted by 11 SAIs and coordinated by TCU of Brasil. They concluded: 'It is important, even urgent, to invest resources to implement or enhance: the IT committees; the IT planning process; strategic IT planning; monitoring the IT contracting process; the business continuity plan; the designation of a responsible person or unit to manage security information; a risk management process; an asset inventory process; an information security committee; and a policy for access control.'
Full description
Risk cases: 5
Improved Planning and Performance Measures Are Needed to Help Ensure Successful Technology Modernization
Massive modernization effort needs coordination Social security issues can touch lives of many. Information technology in this area are increasingly costly and difficult to maintain. GAO is recommending to develop comprehensive metrics to effectively gauge modernization progress; complete comprehensive strategic planning, including its enterprise architecture; and define the new roles and responsibilities to help ensure effective oversight.
Full description
Massive modernization effort needs coordination Social security issues can touch lives of many. Information technology in this area are increasingly costly and difficult to maintain. GAO is recommending to develop comprehensive metrics to effectively gauge modernization progress; complete comprehensive strategic planning, including its enterprise architecture; and define the new roles and responsibilities to help ensure effective oversight.
Full description
General Accountability Office
, issued in 2012
Risk cases: 3
Management of Information Resources of the Ministry of the Interior
Many activities of the Ministry of the Interior require the use of information resources that are of great significance to the entire State, such as the state and departmental registers, and public ... information systems. Whereas the Ministry has failed to implement some of the public audit recommendations of 2007 and 2010,6 we analysed, whether there have been any positive changes in the field of IT ... management. Their impact is important not only because the Ministry manages 16 information resources, which ensure data availability to the population, efficient activity of the services, and operation ... ... Process maturity examination can help in IT audit ... Main risk areas in case of this audit were strategic and organisational - Ministry’s weak ownership of IT resources, insufficient audit and internal control function. SAI Lithuania auditors found ... also flaws in change management and security processes. But the finding, which gave them the key to the root cause of problems, was connected with maturity assessment of the auditee's IT processes.
Full description
Many activities of the Ministry of the Interior require the use of information resources that are of great significance to the entire State, such as the state and departmental registers, and public ... information systems. Whereas the Ministry has failed to implement some of the public audit recommendations of 2007 and 2010,6 we analysed, whether there have been any positive changes in the field of IT ... management. Their impact is important not only because the Ministry manages 16 information resources, which ensure data availability to the population, efficient activity of the services, and operation ... ... Process maturity examination can help in IT audit ... Main risk areas in case of this audit were strategic and organisational - Ministry’s weak ownership of IT resources, insufficient audit and internal control function. SAI Lithuania auditors found ... also flaws in change management and security processes. But the finding, which gave them the key to the root cause of problems, was connected with maturity assessment of the auditee's IT processes.
Full description
National Audit Office of the Republic of Lithuania
, issued in 2016
Risk cases: 4
Building and Implementing the Phoenix Pay System
Expensive IT project became a failure Phoenix project (development of states pay system) was an incomprehensible failure of project management and oversight. Phoenix executives prioritized certain aspects, such as schedule and budget, over other critical ones, such as functionality and security. Phoenix executives did not understand the importance of warnings that the Miramichi Pay Centre, departments and agencies, and the new system were not ready. They did not provide complete and accurate information to deputy ministers and associate deputy ministers of departments and agencies, including the Deputy Minister of Public Services and Procurement, when briefing them on Phoenix readiness for implementation.
Full description
Expensive IT project became a failure Phoenix project (development of states pay system) was an incomprehensible failure of project management and oversight. Phoenix executives prioritized certain aspects, such as schedule and budget, over other critical ones, such as functionality and security. Phoenix executives did not understand the importance of warnings that the Miramichi Pay Centre, departments and agencies, and the new system were not ready. They did not provide complete and accurate information to deputy ministers and associate deputy ministers of departments and agencies, including the Deputy Minister of Public Services and Procurement, when briefing them on Phoenix readiness for implementation.
Full description
Office of theAuditor Generalof Canada
, issued in 2018
Risk cases: 3
FEMA Needs to Address Management Weaknesses to Improve Its Systems
Controls in emergency management GAO audited the agency of the Department of Homeland Security, responsible for federal efforts to mitigate, respond to, and recover from disasters. American auditors recommend that the agency fully define its investment board’s roles and responsibilities and procedures for selecting and overseeing investments, update its strategic plan and complete plans for IT modernization, and establish time frames for completing workforce planning efforts. The agency should also establish policies and guidance for implementing key IT management controls.
Full description
Controls in emergency management GAO audited the agency of the Department of Homeland Security, responsible for federal efforts to mitigate, respond to, and recover from disasters. American auditors recommend that the agency fully define its investment board’s roles and responsibilities and procedures for selecting and overseeing investments, update its strategic plan and complete plans for IT modernization, and establish time frames for completing workforce planning efforts. The agency should also establish policies and guidance for implementing key IT management controls.
Full description
General Accountability Office
, issued in 2016
Risk cases: 4
Opportunities Exist for FAA to Improve Airport Terminal Area Safety Efforts
Inefficient use of data The US GAO examined various issues related to runway safety and to update its prior work on airport terminal areas. Their findings point at inefficient use of data, which may lead to more risk and to inefficient targeting their limited resources.
Full description
Inefficient use of data The US GAO examined various issues related to runway safety and to update its prior work on airport terminal areas. Their findings point at inefficient use of data, which may lead to more risk and to inefficient targeting their limited resources.
Full description
US Government Accountability Office
, issued in 2019
Risk cases: 3
Steps Needed to Identify Acquisition Training Needs for Non-Acquisition Personnel
Non-Acquisition staff can be crucial for acquisition Despite from hundreds of billions of dollars spent annually to acquire products and services, the US Department of Defense does not full information about staff to be trained. The information is needed about the non-acquisition staff, who can play crucial role in particular acquisitions. As GAO underlines, their identification is necessary to fully understand the training needs and... budget.
Full description
Non-Acquisition staff can be crucial for acquisition Despite from hundreds of billions of dollars spent annually to acquire products and services, the US Department of Defense does not full information about staff to be trained. The information is needed about the non-acquisition staff, who can play crucial role in particular acquisitions. As GAO underlines, their identification is necessary to fully understand the training needs and... budget.
Full description
US Government Accountability Office
, issued in 2019
Risk cases: 4