30
results found in
7 ms
Page 1
of 3
The effectiveness of Official Development Assistance expenditure
Need of more coordination and transparency The audit of the UK's Official Development Assistance revealed among others: fragmented responsibilities and difficulties in review and reporting. These led to difficulties in assessment of effectiveness of the assistance and of progress in implementing the UK Aid Strategy.
Full description
Need of more coordination and transparency The audit of the UK's Official Development Assistance revealed among others: fragmented responsibilities and difficulties in review and reporting. These led to difficulties in assessment of effectiveness of the assistance and of progress in implementing the UK Aid Strategy.
Full description
National Audit Office
, issued in 2019
Risk cases: 4
The internal audit function in the State Owned Enterprises
Internal audit - sometimes too narrow and dependent Performance audit by the SAI Portugal in state-owned companies reveals some weaknesses of the internal audit function. Special attention should be paid to scope, independence and quality assessment.
Full description
Internal audit - sometimes too narrow and dependent Performance audit by the SAI Portugal in state-owned companies reveals some weaknesses of the internal audit function. Special attention should be paid to scope, independence and quality assessment.
Full description
TRIBUNAL DE CONTAS DE PORTUGAL
, issued in 2011
Risk cases: 3
Homelessness
Homelessness grows despite increased spendings to reduce it British NAO analyses the root-causes of unsuccessful effort to reduce homelessness in England. They point at a side effect of the Goverment reform of welfare reform and at lack of full impact assessment.
Full description
Homelessness grows despite increased spendings to reduce it British NAO analyses the root-causes of unsuccessful effort to reduce homelessness in England. They point at a side effect of the Goverment reform of welfare reform and at lack of full impact assessment.
Full description
National Audit Office
, issued in 2016
Risk cases: 3
Parallel Audit on Biometric Passports - Overall Results (anonymised)
A biometric passport (or ePassport) contains biometric information which serves to authenticate the identity of travellers. Biometric passport management is the process of establishing ... and implementing the regulation on standards for security features and biometrics in passports and travel documents issued by the member states. The aim is to develop and maintain efficient and secure biometric ... passport production procedures (see page 5). ... EUROSAI ITWG: Parallel Audit on Biometric Passports ... process is generally under control while a couple of high-risk findings were identified in the non-process-specific assessments. In the non-process-specific assessments, most of the countries found ... Swiss SAI summed up results of audits concluded in seven countries (Belgium, Latvia, Lithuania, Norway, Portugal, Switzerland). The evaluation of the reported results showed that the overall passport ... deficiencies and weaknesses related to the IS/IT system and the IT management. Medium risks have been identified in the area of laws and regulations, cost-benefit realisation and transparency, as well
Full description
A biometric passport (or ePassport) contains biometric information which serves to authenticate the identity of travellers. Biometric passport management is the process of establishing ... and implementing the regulation on standards for security features and biometrics in passports and travel documents issued by the member states. The aim is to develop and maintain efficient and secure biometric ... passport production procedures (see page 5). ... EUROSAI ITWG: Parallel Audit on Biometric Passports ... process is generally under control while a couple of high-risk findings were identified in the non-process-specific assessments. In the non-process-specific assessments, most of the countries found ... Swiss SAI summed up results of audits concluded in seven countries (Belgium, Latvia, Lithuania, Norway, Portugal, Switzerland). The evaluation of the reported results showed that the overall passport ... deficiencies and weaknesses related to the IS/IT system and the IT management. Medium risks have been identified in the area of laws and regulations, cost-benefit realisation and transparency, as well
Full description
Swiss Federal Audit Office
, issued in 2015
Risk cases: 4
Management of IT security in systems outsourced to external suppliers
Security to be improved in IT processes outsourced to external suppliers When IT processes are outsourced to external suppliers, the authorities no longer have direct control of the IT security, but remain responsible for managing the security of the IT. Authorities that fail to manage IT security actively based on risk assessments, and omit to monitor the implementation of these requirements, will not be able to determine if the level of IT security in the outsourced systems safeguards their systems and data. This is how the conclusion of the Rigsrevisionen starts. The Danish auditors noticed improvement in the audited entities, but they add that tha majority of the auditees: can refine their requirements for and follow-up on access control and logging practices
Full description
Security to be improved in IT processes outsourced to external suppliers When IT processes are outsourced to external suppliers, the authorities no longer have direct control of the IT security, but remain responsible for managing the security of the IT. Authorities that fail to manage IT security actively based on risk assessments, and omit to monitor the implementation of these requirements, will not be able to determine if the level of IT security in the outsourced systems safeguards their systems and data. This is how the conclusion of the Rigsrevisionen starts. The Danish auditors noticed improvement in the audited entities, but they add that tha majority of the auditees: can refine their requirements for and follow-up on access control and logging practices
Full description
National Audit Office of Denmark
, issued in 2016
Risk cases: 3
The protection of IT systems and health data in three Danish regions
Security to be improved in IT systems with health data It is Rigsrevisionen’s assessment that the three regions are not protecting the access to IT systems and health data in a satisfactory manner. As a consequence, unauthorised persons might gain access to sensitive and confidential personal data, which could affect there liability and availability of important health data used in the treatment of hospital patients. Based on the results of the study and the current threat scenario, Rigsrevisionen finds that basic security measures against cyber attacks and protection of access to IT systems and health data should be a top priority for Denmark’s five regions. Basic security measures in combination with management and control of user privileges can reduce the risk of compromising the regions’ IT systems and data considerably.
Full description
Security to be improved in IT systems with health data It is Rigsrevisionen’s assessment that the three regions are not protecting the access to IT systems and health data in a satisfactory manner. As a consequence, unauthorised persons might gain access to sensitive and confidential personal data, which could affect there liability and availability of important health data used in the treatment of hospital patients. Based on the results of the study and the current threat scenario, Rigsrevisionen finds that basic security measures against cyber attacks and protection of access to IT systems and health data should be a top priority for Denmark’s five regions. Basic security measures in combination with management and control of user privileges can reduce the risk of compromising the regions’ IT systems and data considerably.
Full description
National Audit Office of Denmark
, issued in 2018
Risk cases: 3
Management of Information Resources of the Ministry of the Interior
of the audit was to assess the management of information resources in the Ministry of the Interior. We assessed how the Ministry ensures planning and organisation, monitoring, assessment and coordination ... Many activities of the Ministry of the Interior require the use of information resources that are of great significance to the entire State, such as the state and departmental registers, and public ... information systems. Whereas the Ministry has failed to implement some of the public audit recommendations of 2007 and 2010,6 we analysed, whether there have been any positive changes in the field of IT ... ... Process maturity examination can help in IT audit ... also flaws in change management and security processes. But the finding, which gave them the key to the root cause of problems, was connected with maturity assessment of the auditee's IT processes. ... Main risk areas in case of this audit were strategic and organisational - Ministry’s weak ownership of IT resources, insufficient audit and internal control function. SAI Lithuania auditors found
Full description
of the audit was to assess the management of information resources in the Ministry of the Interior. We assessed how the Ministry ensures planning and organisation, monitoring, assessment and coordination ... Many activities of the Ministry of the Interior require the use of information resources that are of great significance to the entire State, such as the state and departmental registers, and public ... information systems. Whereas the Ministry has failed to implement some of the public audit recommendations of 2007 and 2010,6 we analysed, whether there have been any positive changes in the field of IT ... ... Process maturity examination can help in IT audit ... also flaws in change management and security processes. But the finding, which gave them the key to the root cause of problems, was connected with maturity assessment of the auditee's IT processes. ... Main risk areas in case of this audit were strategic and organisational - Ministry’s weak ownership of IT resources, insufficient audit and internal control function. SAI Lithuania auditors found
Full description
National Audit Office of the Republic of Lithuania
, issued in 2016
Risk cases: 4
Electronic Health Records - VA Needs to Identify and Report Existing System Costs
Difficulties after 30 years of decentralized development The US Department of Veterans Affairs provides health care services to approximately 9 million veterans and their families. However, the IT system they use is more than 30 years old, is costly to maintain, and does not fully support exchanging health data. The US GAO, analyzed the system's modenization plans and found serious problems with definition and cost estimation.
Full description
Difficulties after 30 years of decentralized development The US Department of Veterans Affairs provides health care services to approximately 9 million veterans and their families. However, the IT system they use is more than 30 years old, is costly to maintain, and does not fully support exchanging health data. The US GAO, analyzed the system's modenization plans and found serious problems with definition and cost estimation.
Full description
US Government Accountability Office
, issued in 2019
Risk cases: 3
Performance measurement by regulators
Performance measurement for regulators Primary adressees of this good practice guide - by the British NAO - are regulators, the public institutions established for making sure that an industry or system works legally and fairly. But we are sure that many more can find this guidance useful - including auditors. NAO presents a comprehensible framework for performance measurement and hints how to focus on influence that regulators can use.
Full description
Performance measurement for regulators Primary adressees of this good practice guide - by the British NAO - are regulators, the public institutions established for making sure that an industry or system works legally and fairly. But we are sure that many more can find this guidance useful - including auditors. NAO presents a comprehensible framework for performance measurement and hints how to focus on influence that regulators can use.
Full description
National Audit Office
, issued in 2016
Risk cases: 2
OMB and Agencies Need to Focus Continued Attention on Implementing Reform Law
How to invest efficiently in IT IT investments are large and growing position in annual budgets. Historically, they have frequently failed, incurred cost overruns and schedule slippages, or contributed little to mission-related outcomes. GAO recommendations focus on the oversight and execution of the data center consolidation initiative, the accuracy and reliability of the IT Dashboard, and incremental development policies.
Full description
How to invest efficiently in IT IT investments are large and growing position in annual budgets. Historically, they have frequently failed, incurred cost overruns and schedule slippages, or contributed little to mission-related outcomes. GAO recommendations focus on the oversight and execution of the data center consolidation initiative, the accuracy and reliability of the IT Dashboard, and incremental development policies.
Full description
General Accountability Office
, issued in 2016
Risk cases: 3