19
results found in
10 ms
Page 1
of 2
Federal Human Resources Data
Internal control weaknesses may put mission at risk GAO audited the Enterprise Human Resources Integration payroll data warehose. The American auditors pointed at problems that may impede 'leverage of these data to meet its mission and allow others to make full use' of them. The critical internal contols areas to be improved in this cas are: completeness, accuracy, and validity of information, authorization, documentation, monitoring, results' evaluation.
Full description
Internal control weaknesses may put mission at risk GAO audited the Enterprise Human Resources Integration payroll data warehose. The American auditors pointed at problems that may impede 'leverage of these data to meet its mission and allow others to make full use' of them. The critical internal contols areas to be improved in this cas are: completeness, accuracy, and validity of information, authorization, documentation, monitoring, results' evaluation.
Full description
General Accountability Office
, issued in 2016
Risk cases: 2
Homeland Security. Oversight of Neglected Human Resources Information Technology Investment Is Needed
Human resources IT investments get stuck in management's lack of interest Although the Human Resources Information Technology (HRIT) investment was initiated about 12 years ago with the intent to consolidate, integrate, and modernize the department's human resources IT infrastructure, the Department of Homeland Security (DHS) has made very limited progress in achieving these goals. HRIT's minimally involved executive steering committee during a time when significant problems were occurring was a key factor in the lack of progress. This is particularly problematic given that the department's ability to efficiently and effectively carry out its mission is significantly hampered by its fragmented human resources. DHS's ineffective management of HRIT, such as the lack of an updated schedule and a life-cycle cost estimate, also contributed to the neglect this investment has experienced. DHS will be limited in efficiently tracking and reporting accurate, comprehensive performance and learning management data across the organization, and could risk further implementation delays.
Full description
Human resources IT investments get stuck in management's lack of interest Although the Human Resources Information Technology (HRIT) investment was initiated about 12 years ago with the intent to consolidate, integrate, and modernize the department's human resources IT infrastructure, the Department of Homeland Security (DHS) has made very limited progress in achieving these goals. HRIT's minimally involved executive steering committee during a time when significant problems were occurring was a key factor in the lack of progress. This is particularly problematic given that the department's ability to efficiently and effectively carry out its mission is significantly hampered by its fragmented human resources. DHS's ineffective management of HRIT, such as the lack of an updated schedule and a life-cycle cost estimate, also contributed to the neglect this investment has experienced. DHS will be limited in efficiently tracking and reporting accurate, comprehensive performance and learning management data across the organization, and could risk further implementation delays.
Full description
US Government Accountability Office
, issued in 2016
Risk cases: 1
Management of Information Resources of the Ministry of the Interior
Many activities of the Ministry of the Interior require the use of information resources that are of great significance to the entire State, such as the state and departmental registers, and public ... management. Their impact is important not only because the Ministry manages 16 information resources, which ensure data availability to the population, efficient activity of the services, and operation ... of the Schengen collaboration tools. The quality of IT management in the Ministry shall also affect the activities of other state institutions: from 05/01/206, the list of public information resources consolidation ... ... Process maturity examination can help in IT audit ... Main risk areas in case of this audit were strategic and organisational - Ministry’s weak ownership of IT resources, insufficient audit and internal control function. SAI Lithuania auditors found ... also flaws in change management and security processes. But the finding, which gave them the key to the root cause of problems, was connected with maturity assessment of the auditee's IT processes.
Full description
Many activities of the Ministry of the Interior require the use of information resources that are of great significance to the entire State, such as the state and departmental registers, and public ... management. Their impact is important not only because the Ministry manages 16 information resources, which ensure data availability to the population, efficient activity of the services, and operation ... of the Schengen collaboration tools. The quality of IT management in the Ministry shall also affect the activities of other state institutions: from 05/01/206, the list of public information resources consolidation ... ... Process maturity examination can help in IT audit ... Main risk areas in case of this audit were strategic and organisational - Ministry’s weak ownership of IT resources, insufficient audit and internal control function. SAI Lithuania auditors found ... also flaws in change management and security processes. But the finding, which gave them the key to the root cause of problems, was connected with maturity assessment of the auditee's IT processes.
Full description
National Audit Office of the Republic of Lithuania
, issued in 2016
Risk cases: 4
Use of consultants and temporary staff
New skills needed in a longer term UK NAO: Used well, consultants and temporary staff can be an important source of specialist skills and capabilities that are uneconomic for departments to maintain in their permanent staff. Since 2009-10, the government has used spending controls to reduce its use of consultants and temporary staff, and by 2014-15 spending had fallen by £1.5 billion. However, spending has increased by between £400 million and £600 million since 2011-12, suggesting that this was more of a short-term reduction than a sustainable strategy. In the longer term, departments will need to develop workforce, skills and capacity plans to reduce their dependence on external skills. They will need to improve their strategic workforce planning to determine where they can deploy existing staff, where they need to recruit, and where they need to engage temporary resources. Without this, departments cannot demonstrate that they are achieving value for money from the use of consultants and temporary staff.
Full description
New skills needed in a longer term UK NAO: Used well, consultants and temporary staff can be an important source of specialist skills and capabilities that are uneconomic for departments to maintain in their permanent staff. Since 2009-10, the government has used spending controls to reduce its use of consultants and temporary staff, and by 2014-15 spending had fallen by £1.5 billion. However, spending has increased by between £400 million and £600 million since 2011-12, suggesting that this was more of a short-term reduction than a sustainable strategy. In the longer term, departments will need to develop workforce, skills and capacity plans to reduce their dependence on external skills. They will need to improve their strategic workforce planning to determine where they can deploy existing staff, where they need to recruit, and where they need to engage temporary resources. Without this, departments cannot demonstrate that they are achieving value for money from the use of consultants and temporary staff.
Full description
National Audit Office
, issued in 2016
Risk cases: 7
The Shared Services Centre
The necessary environment for the efficient management of the Shared Service Center is lacking The department's administration of the Shared Services Centre (SSC) has been effective for sharing resources between the departments and delivering selected back-office services to a small client base. However, the governance arrangements established to oversight the SSC have not positioned it well for the future and the departments have not yet determined if the arrangement is efficient and resulting in savings. ANAO found instances where the advisory board of SSC was not consulted or involved in decisions relating to the strategic direction, financial arrangements and expenditure priorities. Information reported to the board did not focus on areas of strategic importance and the quality and completeness of this information could be improved. The mechanisms established for setting out responsibilities and obligations and ensuring transparency for services delivered by the SSC was weak. Service standards and levels were not fixed and can change. The delineation of responsibilities between the SSC and its clients was not clear and there was no commitment by the SSC to certify the quality of its control framework.
Full description
The necessary environment for the efficient management of the Shared Service Center is lacking The department's administration of the Shared Services Centre (SSC) has been effective for sharing resources between the departments and delivering selected back-office services to a small client base. However, the governance arrangements established to oversight the SSC have not positioned it well for the future and the departments have not yet determined if the arrangement is efficient and resulting in savings. ANAO found instances where the advisory board of SSC was not consulted or involved in decisions relating to the strategic direction, financial arrangements and expenditure priorities. Information reported to the board did not focus on areas of strategic importance and the quality and completeness of this information could be improved. The mechanisms established for setting out responsibilities and obligations and ensuring transparency for services delivered by the SSC was weak. Service standards and levels were not fixed and can change. The delineation of responsibilities between the SSC and its clients was not clear and there was no commitment by the SSC to certify the quality of its control framework.
Full description
The Australian National Audit Office
, issued in 2016
Risk cases: 2
Federal Agencies Need to Address Aging Legacy Systems
Be aware of legacy IT risks The US government spends about 75 percent of the total amount budgeted for information technology on operations and maintenance. GAO reviewed Office of Management and Budget and 26 agencies, covering years 2010 through 2017 and recommends to develop a goal for spending measure and finalize guidance to identify and prioritize legacy IT needing to be modernized or replaced.
Full description
Be aware of legacy IT risks The US government spends about 75 percent of the total amount budgeted for information technology on operations and maintenance. GAO reviewed Office of Management and Budget and 26 agencies, covering years 2010 through 2017 and recommends to develop a goal for spending measure and finalize guidance to identify and prioritize legacy IT needing to be modernized or replaced.
Full description
General Accountability Office
, issued in 2016
Risk cases: 3
OMB and Agencies Need to Focus Continued Attention on Implementing Reform Law
How to invest efficiently in IT IT investments are large and growing position in annual budgets. Historically, they have frequently failed, incurred cost overruns and schedule slippages, or contributed little to mission-related outcomes. GAO recommendations focus on the oversight and execution of the data center consolidation initiative, the accuracy and reliability of the IT Dashboard, and incremental development policies.
Full description
How to invest efficiently in IT IT investments are large and growing position in annual budgets. Historically, they have frequently failed, incurred cost overruns and schedule slippages, or contributed little to mission-related outcomes. GAO recommendations focus on the oversight and execution of the data center consolidation initiative, the accuracy and reliability of the IT Dashboard, and incremental development policies.
Full description
General Accountability Office
, issued in 2016
Risk cases: 3
FEMA Needs to Address Management Weaknesses to Improve Its Systems
Controls in emergency management GAO audited the agency of the Department of Homeland Security, responsible for federal efforts to mitigate, respond to, and recover from disasters. American auditors recommend that the agency fully define its investment board’s roles and responsibilities and procedures for selecting and overseeing investments, update its strategic plan and complete plans for IT modernization, and establish time frames for completing workforce planning efforts. The agency should also establish policies and guidance for implementing key IT management controls.
Full description
Controls in emergency management GAO audited the agency of the Department of Homeland Security, responsible for federal efforts to mitigate, respond to, and recover from disasters. American auditors recommend that the agency fully define its investment board’s roles and responsibilities and procedures for selecting and overseeing investments, update its strategic plan and complete plans for IT modernization, and establish time frames for completing workforce planning efforts. The agency should also establish policies and guidance for implementing key IT management controls.
Full description
General Accountability Office
, issued in 2016
Risk cases: 4
Opportunities Exist for SEC to Improve Its Controls over Financial Systems and Data
The SEC is responsible for enforcing securities laws, issuing rules and regulations that provide protection for investors, and helping to ensure that the securities markets are fair and honest ... . In carrying out its mission, the SEC relies on computerized information systems to collect, process, and store sensitive information, including financial data. Having effective information security controls ... in place is essential to protecting these systems and the information they contain. <br/> This report details weaknesses GAO identified in the information security program at SEC during its audit ... IT security basics under scrutiny ... Financial audit by US GAO was accompanied by an IT examination focused on information security measures in the Securities and Exchange Commission (SEC). GAO found that SEC’s systems could ... be compromised, because of risks jeopardizing the confidentiality, integrity, and availability of sensitive financial information.
Full description
The SEC is responsible for enforcing securities laws, issuing rules and regulations that provide protection for investors, and helping to ensure that the securities markets are fair and honest ... . In carrying out its mission, the SEC relies on computerized information systems to collect, process, and store sensitive information, including financial data. Having effective information security controls ... in place is essential to protecting these systems and the information they contain. <br/> This report details weaknesses GAO identified in the information security program at SEC during its audit ... IT security basics under scrutiny ... Financial audit by US GAO was accompanied by an IT examination focused on information security measures in the Securities and Exchange Commission (SEC). GAO found that SEC’s systems could ... be compromised, because of risks jeopardizing the confidentiality, integrity, and availability of sensitive financial information.
Full description
General Accountability Office
, issued in 2016
Risk cases: 5
Information security work at nine agencies
Difficulties in achieving appropriate IT security Together with the Swedish NAO we assume that the picture that emerges at the agencies audited applies also to most of the other agencies in the public administration. The information security work is not given high enough priority in relation to the risks that exist. This applies to both the Government, which should have been clearer in its directions to agencies on this matter, and to agency managements, which did not give priority to the work of information security to the extent required. Much indicates that it is difficult for many agencies to achieve an appropriate level of information security work.
Full description
Difficulties in achieving appropriate IT security Together with the Swedish NAO we assume that the picture that emerges at the agencies audited applies also to most of the other agencies in the public administration. The information security work is not given high enough priority in relation to the risks that exist. This applies to both the Government, which should have been clearer in its directions to agencies on this matter, and to agency managements, which did not give priority to the work of information security to the extent required. Much indicates that it is difficult for many agencies to achieve an appropriate level of information security work.
Full description
Swedish National Audit Office
, issued in 2016
Risk cases: 4