28
results found in
6 ms
Page 1
of 3
Incorrect payments in social insurance - Control activities of the Swedish Social Insurance Agency
In 2014 the social insurance system accounted for six per cent of GDP. The long-term sustainability of a system of that magnitude requires that the public perceives its purpose to be important ... , that it is well administered and that it is as free of abuse as possible. It must also be financially stable over time, since major fluctuations impact other areas of the central government budget. When ... these things function as they should, the system is perceived to be legitimate and enjoys public confidence.<br/> According to available estimations, almost SEK 20 billion had been paid out incorrectly from ... Balance of priorities needed to reduce incorrect payments ... Role of social insurance in public finance is so substantial that reduction of incorrect payments' volume is matter of huge savings. The Swedish NAO noted positive initiatives by the Social Insurance ... Agency in this regard. However they found also, that serious problems can stem from giving higher priority to the speed of payment and customers satisfaction. They both are undoubtedly important features ... of each system, still, the prevention of incorrect payments needs strategic support to be really effective.
Full description
In 2014 the social insurance system accounted for six per cent of GDP. The long-term sustainability of a system of that magnitude requires that the public perceives its purpose to be important ... , that it is well administered and that it is as free of abuse as possible. It must also be financially stable over time, since major fluctuations impact other areas of the central government budget. When ... these things function as they should, the system is perceived to be legitimate and enjoys public confidence.<br/> According to available estimations, almost SEK 20 billion had been paid out incorrectly from ... Balance of priorities needed to reduce incorrect payments ... Role of social insurance in public finance is so substantial that reduction of incorrect payments' volume is matter of huge savings. The Swedish NAO noted positive initiatives by the Social Insurance ... Agency in this regard. However they found also, that serious problems can stem from giving higher priority to the speed of payment and customers satisfaction. They both are undoubtedly important features ... of each system, still, the prevention of incorrect payments needs strategic support to be really effective.
Full description
Swedish National Audit Office
, issued in 2016
Risk cases: 3
Effectiveness of internal controls in the protection of personal data in national databases
of internal controls which must ensure the accuracy and preservation of data and avoid information leaks. ... The NAO analysed seven national databases in order to find out how the legitimate use of personal data is ensured. In accordance with the Personal Data Protection Act, the agencies who run databases ... must ensure that personal data is protected from abuse. The information system of the database must function appropriately, incl. be reliable and safe. Log files must be retained of all instances ... ... Basic controls analysis can fail in data protection ... Estonian SAI analyzed personal data safety. Main finding were: poor log analysis and unprotected data.
Full description
of internal controls which must ensure the accuracy and preservation of data and avoid information leaks. ... The NAO analysed seven national databases in order to find out how the legitimate use of personal data is ensured. In accordance with the Personal Data Protection Act, the agencies who run databases ... must ensure that personal data is protected from abuse. The information system of the database must function appropriately, incl. be reliable and safe. Log files must be retained of all instances ... ... Basic controls analysis can fail in data protection ... Estonian SAI analyzed personal data safety. Main finding were: poor log analysis and unprotected data.
Full description
National Audit Office of Estonia
, issued in 2008
Risk cases: 2
Audit of the Government, Government-guaranteed and Municipal Debt Management Information Systems in the Ministry of Finance of the Republic of Bulgaria
? The audit covered the period from 01.01.2013 to 31.12.2013 and investigated four major areas: IT system strategy and general management; IT security and controls against disasters; Operational controls ... and Documentation; Application Controls. ... The main audit question studied during the audit was: Are the government, government-guaranteed (SDMS) and municipal debt management information systems (CMDR) at the Ministry of Finance effective ... ... Even effective and modern IT systems require improvements and updates to ensure their security and accountability ... the established system is effective and provides updated, complete and correct information. Nevertheless the audit report points out areas of security, application controls as well as documentation as the subjects ... For the management of the government, government-guaranteed and municipal debt the Ministry of Finance has established an advanced integrated information infrastructure. According to Bulgarian SAI ... that need further improvement and optimization.
Full description
? The audit covered the period from 01.01.2013 to 31.12.2013 and investigated four major areas: IT system strategy and general management; IT security and controls against disasters; Operational controls ... and Documentation; Application Controls. ... The main audit question studied during the audit was: Are the government, government-guaranteed (SDMS) and municipal debt management information systems (CMDR) at the Ministry of Finance effective ... ... Even effective and modern IT systems require improvements and updates to ensure their security and accountability ... the established system is effective and provides updated, complete and correct information. Nevertheless the audit report points out areas of security, application controls as well as documentation as the subjects ... For the management of the government, government-guaranteed and municipal debt the Ministry of Finance has established an advanced integrated information infrastructure. According to Bulgarian SAI ... that need further improvement and optimization.
Full description
Bulgarian National Audit Office
, issued in 2014
Risk cases: 3
IT Support in the Judicial Chain
The Swedish National Audit Office has examined how well agencies in the judicial chain have handled known flaws in their IT support and whether the Government’s control mechanisms have provided ... the agencies with sufficient prerequisites to expand and improve IT support. ... ... Needed: good conditions by government, better steering and control by authorities ... . The authorities, in their turn, need to improve their steering and control, as well as interact to a much higher degree. ... Despite many years’ of work to modernize the IT support within the judiciary, there are still many deficiencies. The Government has not given the authorities good conditions enough to lead the work
Full description
The Swedish National Audit Office has examined how well agencies in the judicial chain have handled known flaws in their IT support and whether the Government’s control mechanisms have provided ... the agencies with sufficient prerequisites to expand and improve IT support. ... ... Needed: good conditions by government, better steering and control by authorities ... . The authorities, in their turn, need to improve their steering and control, as well as interact to a much higher degree. ... Despite many years’ of work to modernize the IT support within the judiciary, there are still many deficiencies. The Government has not given the authorities good conditions enough to lead the work
Full description
Swedish National Audit Office
, issued in 2011
Risk cases: 3
Report to the Public AccountsCommittee on mitigation of cyber attacks
security controls that can increase security and mitigate cyber attacks. International studies have concluded that three central security controls can prevent the majority of the currently known types ... have addressed the risk of cyber attacks and whether they have implemented these three security controls. ... This report concerns the action taken by Danish government bodies to prevent cyber attacks. Behaving sensibly in cyberspace to avoid attacks is important, but should be supplemented by technical ... Three basic security measures are often neglected ... Government agencies are open for cyber attacks because they often forget to respect three basic IT security measures. The three measures are: 1. technical restriction on programs downloading; 2 ... . limited use of local administrators rights; 3. systematic software updates.
Full description
security controls that can increase security and mitigate cyber attacks. International studies have concluded that three central security controls can prevent the majority of the currently known types ... have addressed the risk of cyber attacks and whether they have implemented these three security controls. ... This report concerns the action taken by Danish government bodies to prevent cyber attacks. Behaving sensibly in cyberspace to avoid attacks is important, but should be supplemented by technical ... Three basic security measures are often neglected ... Government agencies are open for cyber attacks because they often forget to respect three basic IT security measures. The three measures are: 1. technical restriction on programs downloading; 2 ... . limited use of local administrators rights; 3. systematic software updates.
Full description
National Audit Office of Denmark
, issued in 2013
Risk cases: 3
Extract from the report to the Public Accounts Committee on the access to IT systems that support the provision of essential services to the Danish society
The report is focused on the significant risk that is associated with inadequate management and control of domain administrator privileges, which makes it possible for unauthorized persons to obtain ... access to the IT systems and data of the institutions. Rigsrevisionen has not examined for what specific purposes unauthorized access to the institutions’ systems and data can be used. ... ... Inadequate management and control of domain administrator privileges ... The Danish report concerns the measures - taken by six government institutions of various branches of State activities - to protect IT systems and data that support the provision of essential ... services to the Danish society from unauthorized access, obtained on the basis of domain administrator privileges.
Full description
The report is focused on the significant risk that is associated with inadequate management and control of domain administrator privileges, which makes it possible for unauthorized persons to obtain ... access to the IT systems and data of the institutions. Rigsrevisionen has not examined for what specific purposes unauthorized access to the institutions’ systems and data can be used. ... ... Inadequate management and control of domain administrator privileges ... The Danish report concerns the measures - taken by six government institutions of various branches of State activities - to protect IT systems and data that support the provision of essential ... services to the Danish society from unauthorized access, obtained on the basis of domain administrator privileges.
Full description
National Audit Office of Denmark
, issued in 2015
Risk cases: 4
Prevention Activities Against Traffic Accidents
traffic accidents, which are dramatically leading to loss of life and property. Examination and evaluation of the Traffic Information Systems (TIS) under the traffic control headline. TIS' main purpose ... is to conduct the traffic control activities efficiently with the help of systematic data. Objective of this audit was to contribute to the continuous improvement of prevention activities against traffic ... Performance Audit Studies covering certain IT Issues related to Prevention Activities Against Traffic Accidents. It aims to contribute to the continuous improvement of prevention activities against ... ... ... You need a way more than IT, to make an IT system successful ... SAI of Turkey examined the Traffic Information Systems and found out that not only IT infrastructure determined the audited IT project's outcomes. There were also non-IT issues that decided: low ... quality of driving education, poor technical infrastruture, as well as lack of monitoring and coordination at prioritization stage.
Full description
traffic accidents, which are dramatically leading to loss of life and property. Examination and evaluation of the Traffic Information Systems (TIS) under the traffic control headline. TIS' main purpose ... is to conduct the traffic control activities efficiently with the help of systematic data. Objective of this audit was to contribute to the continuous improvement of prevention activities against traffic ... Performance Audit Studies covering certain IT Issues related to Prevention Activities Against Traffic Accidents. It aims to contribute to the continuous improvement of prevention activities against ... ... ... You need a way more than IT, to make an IT system successful ... SAI of Turkey examined the Traffic Information Systems and found out that not only IT infrastructure determined the audited IT project's outcomes. There were also non-IT issues that decided: low ... quality of driving education, poor technical infrastruture, as well as lack of monitoring and coordination at prioritization stage.
Full description
Turkish Court of Accounts
, issued in 2008
Risk cases: 4
Audit to the Social Security Systems of Collection of Contributions and Quotes and Relationship with Banking and other Entities Engaged in Collection Initiatives
The audit aims to evaluate the effectiveness and efficiency of the processes implemented in respect of the processing schemes of contributions/quotas, whose Wages Statements (WS) entered ... into the system in the first quarter of 2007, test the reliability, stability and confidence level of the application systems developed and the respective values processed in the entire collection circuit ... and respective accounting, and also check compliance with the contracts celebrated with banking entities. ... ... Application level of Social Security IS analyzed ... Processes maturity and automation of controls appeared to be main problems in the system which reliability, stability and confidence level were tested.
Full description
The audit aims to evaluate the effectiveness and efficiency of the processes implemented in respect of the processing schemes of contributions/quotas, whose Wages Statements (WS) entered ... into the system in the first quarter of 2007, test the reliability, stability and confidence level of the application systems developed and the respective values processed in the entire collection circuit ... and respective accounting, and also check compliance with the contracts celebrated with banking entities. ... ... Application level of Social Security IS analyzed ... Processes maturity and automation of controls appeared to be main problems in the system which reliability, stability and confidence level were tested.
Full description
TRIBUNAL DE CONTAS DE PORTUGAL
, issued in 2008
Risk cases: 2
Cyber Attacks: Securing Agencies’ICT Systems
agencies compliance with the four mandatory ICT security strategies and related controls in the Australian Government Information Security Manual (ISM). The audit also considered the overall ICT security ... posture of the selected agencies, based on their implementation of the four mandated mitigation strategies and IT general controls. In the government sector, the Australian Signals Directorate (ASD) has ... Cyber crime is an international problem, and it is estimated that in 2012, 5.4 million Australians fell victim to such crimes, with an estimated cost to the economy of $1.65 billion ... ... Cyber-security strategy needs consistent implementation and periodic reviews ... List of 35 mitigation controls against cyber intrusions are a basic tool of information security strategy of the Australian Government. Top four are: 1. application whitelisting, 2. patching ... application, 3. patching operating systems, 4. minimising administrative privileges. Analysis by the ANAO helps to fill gaps and to direct next steps.
Full description
agencies compliance with the four mandatory ICT security strategies and related controls in the Australian Government Information Security Manual (ISM). The audit also considered the overall ICT security ... posture of the selected agencies, based on their implementation of the four mandated mitigation strategies and IT general controls. In the government sector, the Australian Signals Directorate (ASD) has ... Cyber crime is an international problem, and it is estimated that in 2012, 5.4 million Australians fell victim to such crimes, with an estimated cost to the economy of $1.65 billion ... ... Cyber-security strategy needs consistent implementation and periodic reviews ... List of 35 mitigation controls against cyber intrusions are a basic tool of information security strategy of the Australian Government. Top four are: 1. application whitelisting, 2. patching ... application, 3. patching operating systems, 4. minimising administrative privileges. Analysis by the ANAO helps to fill gaps and to direct next steps.
Full description
The Australian National Audit Office
, issued in 2014
Risk cases: 3
The development and use of identification services in public administration
with legislation in procuring services. The audit also examined development, control and monitoring structures regarding identification services. The audit focused on electronic identification services that are used ... The audit examined the implementation and coordination of projects aimed at developing identification services in public administration, cooperation among authorities in this area and compliance ... in public administration's electronic transactions. ... ... Unhealthy competition linked with lack of coordinatnion and with procurement irregularities ... See what may go wrong with the IT public procurement. Check out what is the basis to avoid irregularities or omissions in complying with public procurement legislation. National Audit Office ... of Finland identified also risks resulting from lack of horizontal coordination.
Full description
with legislation in procuring services. The audit also examined development, control and monitoring structures regarding identification services. The audit focused on electronic identification services that are used ... The audit examined the implementation and coordination of projects aimed at developing identification services in public administration, cooperation among authorities in this area and compliance ... in public administration's electronic transactions. ... ... Unhealthy competition linked with lack of coordinatnion and with procurement irregularities ... See what may go wrong with the IT public procurement. Check out what is the basis to avoid irregularities or omissions in complying with public procurement legislation. National Audit Office ... of Finland identified also risks resulting from lack of horizontal coordination.
Full description
National Audit Office of Finland
, issued in 2008
Risk cases: 3