33
results found in
11 ms
Page 1
of 4
Higher education institutions' provision of premises- room for improvement
How to pay for higher education institutions' premises Higher education institutions' rental costs constitute a significant part of central government rental expenses. Swedish NAO analysed results of reform, which aimed at more effective use of resources at central government agencies and more effective management of real property and assets for the State as a whole. Apart from the positive results as a whole, substantial room for improvement still exists: especially in identifying targets of costs, looking for incentives and in mitigating commercial approach to education institutions.
Full description
How to pay for higher education institutions' premises Higher education institutions' rental costs constitute a significant part of central government rental expenses. Swedish NAO analysed results of reform, which aimed at more effective use of resources at central government agencies and more effective management of real property and assets for the State as a whole. Apart from the positive results as a whole, substantial room for improvement still exists: especially in identifying targets of costs, looking for incentives and in mitigating commercial approach to education institutions.
Full description
Swedish National Audit Office
, issued in 2018
Risk cases: 2
Prevention Activities Against Traffic Accidents
Performance Audit Studies covering certain IT Issues related to Prevention Activities Against Traffic Accidents. It aims to contribute to the continuous improvement of prevention activities against ... is to conduct the traffic control activities efficiently with the help of systematic data. Objective of this audit was to contribute to the continuous improvement of prevention activities against traffic ... traffic accidents, which are dramatically leading to loss of life and property. Examination and evaluation of the Traffic Information Systems (TIS) under the traffic control headline. TIS' main purpose ... ... ... You need a way more than IT, to make an IT system successful ... SAI of Turkey examined the Traffic Information Systems and found out that not only IT infrastructure determined the audited IT project's outcomes. There were also non-IT issues that decided: low ... quality of driving education, poor technical infrastruture, as well as lack of monitoring and coordination at prioritization stage.
Full description
Performance Audit Studies covering certain IT Issues related to Prevention Activities Against Traffic Accidents. It aims to contribute to the continuous improvement of prevention activities against ... is to conduct the traffic control activities efficiently with the help of systematic data. Objective of this audit was to contribute to the continuous improvement of prevention activities against traffic ... traffic accidents, which are dramatically leading to loss of life and property. Examination and evaluation of the Traffic Information Systems (TIS) under the traffic control headline. TIS' main purpose ... ... ... You need a way more than IT, to make an IT system successful ... SAI of Turkey examined the Traffic Information Systems and found out that not only IT infrastructure determined the audited IT project's outcomes. There were also non-IT issues that decided: low ... quality of driving education, poor technical infrastruture, as well as lack of monitoring and coordination at prioritization stage.
Full description
Turkish Court of Accounts
, issued in 2008
Risk cases: 4
Protection of automatically processed personal data
Over the past few years, a number of legal, management, supervision, information, and methodological issues related to the protection of personal data have piled up. As they have not been fully ... resolved,the National Audit Office conducted an audit to assess the efficiency of the protection and supervision of automatically processed personal data and to check whether: - the regulation of personal data ... protection conforms to the data processing practices; - personal data is properly processed at public sector bodies; - the State Data Protection Inspectorate (SDPI) performs sufficient supervision ... ... Data protection needs a long term strategy ... Rapid development of information and communication technology continuously brings about issues of personal data protection. Due to lack of long-term vision in this area they are frequently ... not addressed by the existing legislation. Moreover, SAI of Lithuania revealed failures in organization and control of personal data protection by public sector.
Full description
Over the past few years, a number of legal, management, supervision, information, and methodological issues related to the protection of personal data have piled up. As they have not been fully ... resolved,the National Audit Office conducted an audit to assess the efficiency of the protection and supervision of automatically processed personal data and to check whether: - the regulation of personal data ... protection conforms to the data processing practices; - personal data is properly processed at public sector bodies; - the State Data Protection Inspectorate (SDPI) performs sufficient supervision ... ... Data protection needs a long term strategy ... Rapid development of information and communication technology continuously brings about issues of personal data protection. Due to lack of long-term vision in this area they are frequently ... not addressed by the existing legislation. Moreover, SAI of Lithuania revealed failures in organization and control of personal data protection by public sector.
Full description
National Audit Office of the Republic of Lithuania
, issued in 2013
Risk cases: 2
Evaluation of the effectiveness of implementation and compliance with regulatory enactments and the legal framework of the project “E-government Portfolio”
programme of the European Regional Development Fund (hereinafter: ERDF) of the European Union (hereinafter: EU), “Development and improvement of the infrastructural foundation for electronic governance”. ... The objective of the audit is to evaluate the effectiveness of implementation and compliance with regulatory enactments and the legal framework of the project “Egovernment Portfolio” of the national ... ... Funds to absorb but no efficient project methodology? Be prepared for troubles ... Wide list of problems that can be met when more care is received by 'absorb funds' objective than by clear vision what and how can be improved. SAI Latvia's analysis shows how dangerous it can ... be for both effectiveness and financial management.
Full description
programme of the European Regional Development Fund (hereinafter: ERDF) of the European Union (hereinafter: EU), “Development and improvement of the infrastructural foundation for electronic governance”. ... The objective of the audit is to evaluate the effectiveness of implementation and compliance with regulatory enactments and the legal framework of the project “Egovernment Portfolio” of the national ... ... Funds to absorb but no efficient project methodology? Be prepared for troubles ... Wide list of problems that can be met when more care is received by 'absorb funds' objective than by clear vision what and how can be improved. SAI Latvia's analysis shows how dangerous it can ... be for both effectiveness and financial management.
Full description
State Audit Office of Latvia
, issued in 2010
Risk cases: 3
Management of IT security in systems outsourced to external suppliers
Security to be improved in IT processes outsourced to external suppliers When IT processes are outsourced to external suppliers, the authorities no longer have direct control of the IT security, but remain responsible for managing the security of the IT. Authorities that fail to manage IT security actively based on risk assessments, and omit to monitor the implementation of these requirements, will not be able to determine if the level of IT security in the outsourced systems safeguards their systems and data. This is how the conclusion of the Rigsrevisionen starts. The Danish auditors noticed improvement in the audited entities, but they add that tha majority of the auditees: can refine their requirements for and follow-up on access control and logging practices
Full description
Security to be improved in IT processes outsourced to external suppliers When IT processes are outsourced to external suppliers, the authorities no longer have direct control of the IT security, but remain responsible for managing the security of the IT. Authorities that fail to manage IT security actively based on risk assessments, and omit to monitor the implementation of these requirements, will not be able to determine if the level of IT security in the outsourced systems safeguards their systems and data. This is how the conclusion of the Rigsrevisionen starts. The Danish auditors noticed improvement in the audited entities, but they add that tha majority of the auditees: can refine their requirements for and follow-up on access control and logging practices
Full description
National Audit Office of Denmark
, issued in 2016
Risk cases: 3
THE CYBER SECURITY ENVIRONMENT IN LITHUANIA
The purpose of the audit was to assess whether cyber security is being ensured in Lithuania. In view of this goal, we assessed whether: (1) an effective cyber security system has been set up; (2 ... ) cyber security is ensured in public establishments. During the audit, the SAI Lithuania analysed current regulation, strategic planning and management practices in the field of cyber security ... and electronic information security as well as the funds allocated and used in this area. The SAI evaluated whether the cyber security and electronic information security objectives detailed in planning documents ... ... Cyber-security is much more than preventing incidents ... attention has been paid to development, legislation, improvement of organisational structure, etc. in this field. ... SAI Lithuania determined that the issue of ensuring and increasing cyber security and resilience has not been effectively addressed at the national level. The focus has primarily been on reacting ... to and preventing incidents in cyber space, which means that traditional issues related to electronic information security (confidentiality, integrity, accessibility) have been neglected, and from 2015, not enough
Full description
The purpose of the audit was to assess whether cyber security is being ensured in Lithuania. In view of this goal, we assessed whether: (1) an effective cyber security system has been set up; (2 ... ) cyber security is ensured in public establishments. During the audit, the SAI Lithuania analysed current regulation, strategic planning and management practices in the field of cyber security ... and electronic information security as well as the funds allocated and used in this area. The SAI evaluated whether the cyber security and electronic information security objectives detailed in planning documents ... ... Cyber-security is much more than preventing incidents ... attention has been paid to development, legislation, improvement of organisational structure, etc. in this field. ... SAI Lithuania determined that the issue of ensuring and increasing cyber security and resilience has not been effectively addressed at the national level. The focus has primarily been on reacting ... to and preventing incidents in cyber space, which means that traditional issues related to electronic information security (confidentiality, integrity, accessibility) have been neglected, and from 2015, not enough
Full description
National Audit Office of the Republic of Lithuania
, issued in 2015
Risk cases: 6
Effectiveness of the Tax Administration of the Republic of Slovenia in the execution of modernisation projects of the Slovenian duty information system and decreasing the number of duty sub-accounts
some improvements and had also enabled implementation of the second project - decreasing the number of government duty sub-accounts. Despite these successes, the combined projects of modernisation ... The Tax Administration of the Republic of Slovenia (hereinafter: the Tax Administration) is responsible for collecting taxes, fees and other compulsory levies (hereinafter: duties ... ). These are the revenue of the state budget, municipal budgets, the Health Insurance Institute of Slovenia, the Institute for Pension and Disability Insurance of Slovenia (hereinafter: duties recipients) and indirectly ... ... Shaky coordination of investments in important systems ... Slovenian SAI traced a series of problems in management of crucial IT investments in tax administration. Apart from promising goals, unclear business case gave a start to many problems at next stages ... of the project, involving additional spendings, delays and errors in data processing.
Full description
some improvements and had also enabled implementation of the second project - decreasing the number of government duty sub-accounts. Despite these successes, the combined projects of modernisation ... The Tax Administration of the Republic of Slovenia (hereinafter: the Tax Administration) is responsible for collecting taxes, fees and other compulsory levies (hereinafter: duties ... ). These are the revenue of the state budget, municipal budgets, the Health Insurance Institute of Slovenia, the Institute for Pension and Disability Insurance of Slovenia (hereinafter: duties recipients) and indirectly ... ... Shaky coordination of investments in important systems ... Slovenian SAI traced a series of problems in management of crucial IT investments in tax administration. Apart from promising goals, unclear business case gave a start to many problems at next stages ... of the project, involving additional spendings, delays and errors in data processing.
Full description
Court of Audit of the Republic of Slovenia
, issued in 2014
Risk cases: 7
Report to on the user-friendliness and user involvement in the development of e-government services in Denmark
stipulate that improvements of the solutions can be implemented post launch? - Are the e-government services user-friendly, and is the take-up satisfactory? 2) The study included the following five ... The e-government user-friendliness requirements are divided into five overall categories: language, design and flow, data and functionality, and accessibility. 1) The objective of the study ... is to provide an assessment of the authorities’ efforts to ensure that e-government services are user-friendly. The report answers the following questions: - Have the authorities involved the users ... ... User-friendliness of public services should be consistenty required and tested ... The Danish Rigsrevisionen is of the opinion that the user-friendliness of the services can be improved if the authorities meet all the requirements of the Danish Agency for Digitisation concerning ... the matter. The audit covered user-friendliness related problems in case of five systems, before and after the launch. The systems take-up was also considered, as well as communicating with citizens who ... are unable to use digital services.
Full description
stipulate that improvements of the solutions can be implemented post launch? - Are the e-government services user-friendly, and is the take-up satisfactory? 2) The study included the following five ... The e-government user-friendliness requirements are divided into five overall categories: language, design and flow, data and functionality, and accessibility. 1) The objective of the study ... is to provide an assessment of the authorities’ efforts to ensure that e-government services are user-friendly. The report answers the following questions: - Have the authorities involved the users ... ... User-friendliness of public services should be consistenty required and tested ... The Danish Rigsrevisionen is of the opinion that the user-friendliness of the services can be improved if the authorities meet all the requirements of the Danish Agency for Digitisation concerning ... the matter. The audit covered user-friendliness related problems in case of five systems, before and after the launch. The systems take-up was also considered, as well as communicating with citizens who ... are unable to use digital services.
Full description
National Audit Office of Denmark
, issued in 2013
Risk cases: 2
Coordinated Audit on Information Technology Governance
IT governance needs awareness and SAIs' support The OLACEFS auditors found that the greatest challenge for the SAIs is to raise the awareness of the audit institutions about the importance of IT governance and the benefits that could be obtained by improving its degree of maturity. The audit was conducted by 11 SAIs and coordinated by TCU of Brasil. They concluded: 'It is important, even urgent, to invest resources to implement or enhance: the IT committees; the IT planning process; strategic IT planning; monitoring the IT contracting process; the business continuity plan; the designation of a responsible person or unit to manage security information; a risk management process; an asset inventory process; an information security committee; and a policy for access control.'
Full description
IT governance needs awareness and SAIs' support The OLACEFS auditors found that the greatest challenge for the SAIs is to raise the awareness of the audit institutions about the importance of IT governance and the benefits that could be obtained by improving its degree of maturity. The audit was conducted by 11 SAIs and coordinated by TCU of Brasil. They concluded: 'It is important, even urgent, to invest resources to implement or enhance: the IT committees; the IT planning process; strategic IT planning; monitoring the IT contracting process; the business continuity plan; the designation of a responsible person or unit to manage security information; a risk management process; an asset inventory process; an information security committee; and a policy for access control.'
Full description
Risk cases: 5
The Shared Services Centre
The necessary environment for the efficient management of the Shared Service Center is lacking The department's administration of the Shared Services Centre (SSC) has been effective for sharing resources between the departments and delivering selected back-office services to a small client base. However, the governance arrangements established to oversight the SSC have not positioned it well for the future and the departments have not yet determined if the arrangement is efficient and resulting in savings. ANAO found instances where the advisory board of SSC was not consulted or involved in decisions relating to the strategic direction, financial arrangements and expenditure priorities. Information reported to the board did not focus on areas of strategic importance and the quality and completeness of this information could be improved. The mechanisms established for setting out responsibilities and obligations and ensuring transparency for services delivered by the SSC was weak. Service standards and levels were not fixed and can change. The delineation of responsibilities between the SSC and its clients was not clear and there was no commitment by the SSC to certify the quality of its control framework.
Full description
The necessary environment for the efficient management of the Shared Service Center is lacking The department's administration of the Shared Services Centre (SSC) has been effective for sharing resources between the departments and delivering selected back-office services to a small client base. However, the governance arrangements established to oversight the SSC have not positioned it well for the future and the departments have not yet determined if the arrangement is efficient and resulting in savings. ANAO found instances where the advisory board of SSC was not consulted or involved in decisions relating to the strategic direction, financial arrangements and expenditure priorities. Information reported to the board did not focus on areas of strategic importance and the quality and completeness of this information could be improved. The mechanisms established for setting out responsibilities and obligations and ensuring transparency for services delivered by the SSC was weak. Service standards and levels were not fixed and can change. The delineation of responsibilities between the SSC and its clients was not clear and there was no commitment by the SSC to certify the quality of its control framework.
Full description
The Australian National Audit Office
, issued in 2016
Risk cases: 2