34
results found in
11 ms
Page 1
of 4
Information security work at nine agencies
Difficulties in achieving appropriate IT security Together with the Swedish NAO we assume that the picture that emerges at the agencies audited applies also to most of the other agencies in the public administration. The information security work is not given high enough priority in relation to the risks that exist. This applies to both the Government, which should have been clearer in its directions to agencies on this matter, and to agency managements, which did not give priority to the work of information security to the extent required. Much indicates that it is difficult for many agencies to achieve an appropriate level of information security work.
Full description
Difficulties in achieving appropriate IT security Together with the Swedish NAO we assume that the picture that emerges at the agencies audited applies also to most of the other agencies in the public administration. The information security work is not given high enough priority in relation to the risks that exist. This applies to both the Government, which should have been clearer in its directions to agencies on this matter, and to agency managements, which did not give priority to the work of information security to the extent required. Much indicates that it is difficult for many agencies to achieve an appropriate level of information security work.
Full description
Swedish National Audit Office
, issued in 2016
Risk cases: 4
Working of Inland Container Depots and Container Freight Stations
NEW! Online report on audit of SAI India With this first digital audit report of the Comptroller and Auditor General of India, new chapter has been opened in our profession: the online form is primary versus printable pdf. Advantages: high level of readability, live responsive charts, easy browsing and search of what users find interesting. The reported performance audit concerned 'dry ports', or multimodal logistics centres, which play growing role in domestic and international trade. It shows how gaps in concept and lax attitude to internal control can result on capacities, speed of trade, and enviromental safety.
Full description
NEW! Online report on audit of SAI India With this first digital audit report of the Comptroller and Auditor General of India, new chapter has been opened in our profession: the online form is primary versus printable pdf. Advantages: high level of readability, live responsive charts, easy browsing and search of what users find interesting. The reported performance audit concerned 'dry ports', or multimodal logistics centres, which play growing role in domestic and international trade. It shows how gaps in concept and lax attitude to internal control can result on capacities, speed of trade, and enviromental safety.
Full description
Comptroller and Auditor General of India
, issued in 2017
Risk cases: 5
The protection of research data at the Danish universities
The protection of research data at the Danish universities It is Rigsrevisionen’s assessment that the five largest universities are not adequately protecting their research data against unknown IT equipment. As a result, foreign actors may relatively easy gain unauthorized access to the universities’ research data.This is not considered satisfactory by Rigsrevisionen. The study shows that the five largest universities have defined guidelines for researchers’ use of software and hardware centrally, but that they have failed to centralise efforts to maintain a satisfactory level of security for research data. This is due mainly to the fact that, at some universities, researchers are allowed to bring their own devices,and at all the universities, researchers are allowed to have local administrator privileges, which gives them access to install software. Additionally, all five universities know of incidents where unknown hardware has been connected to their network.
Full description
The protection of research data at the Danish universities It is Rigsrevisionen’s assessment that the five largest universities are not adequately protecting their research data against unknown IT equipment. As a result, foreign actors may relatively easy gain unauthorized access to the universities’ research data.This is not considered satisfactory by Rigsrevisionen. The study shows that the five largest universities have defined guidelines for researchers’ use of software and hardware centrally, but that they have failed to centralise efforts to maintain a satisfactory level of security for research data. This is due mainly to the fact that, at some universities, researchers are allowed to bring their own devices,and at all the universities, researchers are allowed to have local administrator privileges, which gives them access to install software. Additionally, all five universities know of incidents where unknown hardware has been connected to their network.
Full description
National Audit Office of Denmark
, issued in 2018
Risk cases: 3
The Shared Services Centre
The necessary environment for the efficient management of the Shared Service Center is lacking The department's administration of the Shared Services Centre (SSC) has been effective for sharing resources between the departments and delivering selected back-office services to a small client base. However, the governance arrangements established to oversight the SSC have not positioned it well for the future and the departments have not yet determined if the arrangement is efficient and resulting in savings. ANAO found instances where the advisory board of SSC was not consulted or involved in decisions relating to the strategic direction, financial arrangements and expenditure priorities. Information reported to the board did not focus on areas of strategic importance and the quality and completeness of this information could be improved. The mechanisms established for setting out responsibilities and obligations and ensuring transparency for services delivered by the SSC was weak. Service standards and levels were not fixed and can change. The delineation of responsibilities between the SSC and its clients was not clear and there was no commitment by the SSC to certify the quality of its control framework.
Full description
The necessary environment for the efficient management of the Shared Service Center is lacking The department's administration of the Shared Services Centre (SSC) has been effective for sharing resources between the departments and delivering selected back-office services to a small client base. However, the governance arrangements established to oversight the SSC have not positioned it well for the future and the departments have not yet determined if the arrangement is efficient and resulting in savings. ANAO found instances where the advisory board of SSC was not consulted or involved in decisions relating to the strategic direction, financial arrangements and expenditure priorities. Information reported to the board did not focus on areas of strategic importance and the quality and completeness of this information could be improved. The mechanisms established for setting out responsibilities and obligations and ensuring transparency for services delivered by the SSC was weak. Service standards and levels were not fixed and can change. The delineation of responsibilities between the SSC and its clients was not clear and there was no commitment by the SSC to certify the quality of its control framework.
Full description
The Australian National Audit Office
, issued in 2016
Risk cases: 2
Immigrant students and the effectiveness of basic education
Data analysis in education SAI Finland performed independent analysis to find out real situation regarding immigrant students' education. They found that despite more positive attitude than in case of native students, the immigrants' performance and education outcomes need more support.
Full description
Data analysis in education SAI Finland performed independent analysis to find out real situation regarding immigrant students' education. They found that despite more positive attitude than in case of native students, the immigrants' performance and education outcomes need more support.
Full description
National Audit Office of Finland
, issued in 2015
Risk cases: 3
The protection of valuable forest
Protection of valuable forest Protection of valuable forest land is an important mean of achieving the environmental quality objectives. Governments can establish formal protection of forests through the formation of national parks, biotope conservation areas, nature reserves or by signing nature conservation agreements. Beyond the state's formal protection of forests, the forest owners themselves are also expected to contribute through voluntary set-asides of forest. From a state perspective, it is important to investigate whether or not the resources for formal protection are being used cost-effectively. However, in order to achieve cost-effective formal protection work, the state also needs to address forest owners' voluntary set asides.
Full description
Protection of valuable forest Protection of valuable forest land is an important mean of achieving the environmental quality objectives. Governments can establish formal protection of forests through the formation of national parks, biotope conservation areas, nature reserves or by signing nature conservation agreements. Beyond the state's formal protection of forests, the forest owners themselves are also expected to contribute through voluntary set-asides of forest. From a state perspective, it is important to investigate whether or not the resources for formal protection are being used cost-effectively. However, in order to achieve cost-effective formal protection work, the state also needs to address forest owners' voluntary set asides.
Full description
Swedish National Audit Office
, issued in 2018
Risk cases: 4
Housing in England: overview
Efforts to support housing Even if housebuilding in England has not kept pace with need and there has been a reduction in social rented homes, significant advantages can be enjoyed: an increase in home ownership and in the number of private rented homes. The quality of housing improved in recent years too. The National Audit Office has reviewed critical elements of the housing being one of the government's key priorities. Looking for risks, they found that a potential conflict of objectives can lead to tensions in delivery.
Full description
Efforts to support housing Even if housebuilding in England has not kept pace with need and there has been a reduction in social rented homes, significant advantages can be enjoyed: an increase in home ownership and in the number of private rented homes. The quality of housing improved in recent years too. The National Audit Office has reviewed critical elements of the housing being one of the government's key priorities. Looking for risks, they found that a potential conflict of objectives can lead to tensions in delivery.
Full description
National Audit Office
, issued in 2017
Risk cases: 2
Has Public Administration Used All Opportunities for Efficient Management of ICT Infrastructure?
Efficient Management of ICT Infrastructure Centralised management of ICT services and infrastructure would allow the institutions to optimise in long run their resources – financial, human, material and technical. However, we observed during the audit that the move towards ICT centralisation and single data centres has ceased. The different ministries and even the institutions subordinated to the same ministry do not cooperate sufficiently with each other regarding the ICT management, maintenance, and infrastructure placement. They rather choose to maintain their own, sometimes even several, data centres.
Full description
Efficient Management of ICT Infrastructure Centralised management of ICT services and infrastructure would allow the institutions to optimise in long run their resources – financial, human, material and technical. However, we observed during the audit that the move towards ICT centralisation and single data centres has ceased. The different ministries and even the institutions subordinated to the same ministry do not cooperate sufficiently with each other regarding the ICT management, maintenance, and infrastructure placement. They rather choose to maintain their own, sometimes even several, data centres.
Full description
State Audit Office of the Republic of Latvia
, issued in 2019
Risk cases: 3
Performance measurement by regulators
Performance measurement for regulators Primary adressees of this good practice guide - by the British NAO - are regulators, the public institutions established for making sure that an industry or system works legally and fairly. But we are sure that many more can find this guidance useful - including auditors. NAO presents a comprehensible framework for performance measurement and hints how to focus on influence that regulators can use.
Full description
Performance measurement for regulators Primary adressees of this good practice guide - by the British NAO - are regulators, the public institutions established for making sure that an industry or system works legally and fairly. But we are sure that many more can find this guidance useful - including auditors. NAO presents a comprehensible framework for performance measurement and hints how to focus on influence that regulators can use.
Full description
National Audit Office
, issued in 2016
Risk cases: 2
Open Data Trend Report 2015
How to activate the open data policy The Dutch SAI looks for ways to improve open data practice in the Netherlands. They point at experience of two leading countries: UK and US, and advise to: prepare a concrete action plan, to increase number of mandatory published data, to develop government-wide data inventory and to put open data to work.
Full description
How to activate the open data policy The Dutch SAI looks for ways to improve open data practice in the Netherlands. They point at experience of two leading countries: UK and US, and advise to: prepare a concrete action plan, to increase number of mandatory published data, to develop government-wide data inventory and to put open data to work.
Full description
Netherlands Court of Audits
, issued in 2015
Risk cases: 4