50
results found in
21 ms
Page 1
of 5
Online fraud
Uneven response to online fraud This type of fraud can affect everyone, but yet it is not a strategic priority for local police forces and the response from industry is uneven. UK NAO underlines: For too long, as a low-value but high-volume crime, online fraud has been overlooked by government, law enforcement and industry. It is a crime that can affect everyone. Fraud is now the most commonly experienced crime in England and Wales, is growing rapidly and demands an urgent response. Yet fraud is not a strategic priority for local police forces, and the response from industry is uneven.
Full description
Uneven response to online fraud This type of fraud can affect everyone, but yet it is not a strategic priority for local police forces and the response from industry is uneven. UK NAO underlines: For too long, as a low-value but high-volume crime, online fraud has been overlooked by government, law enforcement and industry. It is a crime that can affect everyone. Fraud is now the most commonly experienced crime in England and Wales, is growing rapidly and demands an urgent response. Yet fraud is not a strategic priority for local police forces, and the response from industry is uneven.
Full description
National Audit Office
, issued in 2017
Risk cases: 6
Cyber Attacks: Securing Agencies’ICT Systems
were considered serious enough to warrant a Cyber Security Operations Centre response. <br/> The protection of Australian Government systems and information from unauthorised access and use is a key ... Operations Centre response. The audit's focus was, among others, application of top four of the ASD's list of 35 mitigation strategies against cyber intrusions. Contact person: Alex Doyle ... Cyber crime is an international problem, and it is estimated that in 2012, 5.4 million Australians fell victim to such crimes, with an estimated cost to the economy of $1.65 billion ... ... Cyber-security strategy needs consistent implementation and periodic reviews ... List of 35 mitigation controls against cyber intrusions are a basic tool of information security strategy of the Australian Government. Top four are: 1. application whitelisting, 2. patching ... application, 3. patching operating systems, 4. minimising administrative privileges. Analysis by the ANAO helps to fill gaps and to direct next steps.
Full description
were considered serious enough to warrant a Cyber Security Operations Centre response. <br/> The protection of Australian Government systems and information from unauthorised access and use is a key ... Operations Centre response. The audit's focus was, among others, application of top four of the ASD's list of 35 mitigation strategies against cyber intrusions. Contact person: Alex Doyle ... Cyber crime is an international problem, and it is estimated that in 2012, 5.4 million Australians fell victim to such crimes, with an estimated cost to the economy of $1.65 billion ... ... Cyber-security strategy needs consistent implementation and periodic reviews ... List of 35 mitigation controls against cyber intrusions are a basic tool of information security strategy of the Australian Government. Top four are: 1. application whitelisting, 2. patching ... application, 3. patching operating systems, 4. minimising administrative privileges. Analysis by the ANAO helps to fill gaps and to direct next steps.
Full description
The Australian National Audit Office
, issued in 2014
Risk cases: 3
The development and use of identification services in public administration
with legislation in procuring services. The audit also examined development, control and monitoring structures regarding identification services. The audit focused on electronic identification services that are used ... The audit examined the implementation and coordination of projects aimed at developing identification services in public administration, cooperation among authorities in this area and compliance ... in public administration's electronic transactions. ... ... Unhealthy competition linked with lack of coordinatnion and with procurement irregularities ... See what may go wrong with the IT public procurement. Check out what is the basis to avoid irregularities or omissions in complying with public procurement legislation. National Audit Office ... of Finland identified also risks resulting from lack of horizontal coordination.
Full description
with legislation in procuring services. The audit also examined development, control and monitoring structures regarding identification services. The audit focused on electronic identification services that are used ... The audit examined the implementation and coordination of projects aimed at developing identification services in public administration, cooperation among authorities in this area and compliance ... in public administration's electronic transactions. ... ... Unhealthy competition linked with lack of coordinatnion and with procurement irregularities ... See what may go wrong with the IT public procurement. Check out what is the basis to avoid irregularities or omissions in complying with public procurement legislation. National Audit Office ... of Finland identified also risks resulting from lack of horizontal coordination.
Full description
National Audit Office of Finland
, issued in 2008
Risk cases: 3
Coordination of Infrastructure Works by Metropolitan Municipalities
Rapid population growth at metropoles as well as dense and planless structuring, especially in İstanbul and Ankara, have lead to an increase in demand for utilities services and consequently ... , in the resources used for the construction and maintenance of utilities. Moreover, in cities with dense population, damages to roads and sidewalks during the construction and maintenance of utilities cause problems ... in daily life, create financial burden and necessitate effective solutions. The purpose of this audit is to ensure that metropolitan municipalities eradicate defects in implementation, and Ministry ... ... ... Start geographic information system with cooperation rules and digital maps ... Organization of geographic and infrastructure information systems is an especially difficult task when bacause vast and intense coordination is necessary. The Turkisch Court of Accounts lists ... problems that reduce use and rise costs of this fundamental task.
Full description
Rapid population growth at metropoles as well as dense and planless structuring, especially in İstanbul and Ankara, have lead to an increase in demand for utilities services and consequently ... , in the resources used for the construction and maintenance of utilities. Moreover, in cities with dense population, damages to roads and sidewalks during the construction and maintenance of utilities cause problems ... in daily life, create financial burden and necessitate effective solutions. The purpose of this audit is to ensure that metropolitan municipalities eradicate defects in implementation, and Ministry ... ... ... Start geographic information system with cooperation rules and digital maps ... Organization of geographic and infrastructure information systems is an especially difficult task when bacause vast and intense coordination is necessary. The Turkisch Court of Accounts lists ... problems that reduce use and rise costs of this fundamental task.
Full description
Turkish Court of Accounts
, issued in 2008
Risk cases: 2
Management of Police Information Resources
Police tasks of the necessary data are processed departmental registers, information systems, automated data processing systems and networks where information is stored, processed and transferred ... to the classified information. The police department has all of these information resources, so the audit focused on the activities and actions of the Department to ensure planning and organizing of the recourses ... , monitoring, evaluation and coordination and other aspects of registers and IS strategic management. The audited period was 2012-2014. For the analysis, there were used previous data and data of 2015 ... ... Fundamentals of IT organisation ... and well understood architecture of information. Well functioning IT management structures, which on the other hand may sound trivial, were proved here as the key to success. ... Review by SAI Lithuania makes readers aware that nowadays it is difficult to develop a larger IT system without whole conceptual infrastracture: planning composed into strategy of the organisation
Full description
Police tasks of the necessary data are processed departmental registers, information systems, automated data processing systems and networks where information is stored, processed and transferred ... to the classified information. The police department has all of these information resources, so the audit focused on the activities and actions of the Department to ensure planning and organizing of the recourses ... , monitoring, evaluation and coordination and other aspects of registers and IS strategic management. The audited period was 2012-2014. For the analysis, there were used previous data and data of 2015 ... ... Fundamentals of IT organisation ... and well understood architecture of information. Well functioning IT management structures, which on the other hand may sound trivial, were proved here as the key to success. ... Review by SAI Lithuania makes readers aware that nowadays it is difficult to develop a larger IT system without whole conceptual infrastracture: planning composed into strategy of the organisation
Full description
National Audit Office of the Republic of Lithuania
, issued in 2015
Risk cases: 4
THE CYBER SECURITY ENVIRONMENT IN LITHUANIA
The purpose of the audit was to assess whether cyber security is being ensured in Lithuania. In view of this goal, we assessed whether: (1) an effective cyber security system has been set up; (2 ... ) cyber security is ensured in public establishments. During the audit, the SAI Lithuania analysed current regulation, strategic planning and management practices in the field of cyber security ... and electronic information security as well as the funds allocated and used in this area. The SAI evaluated whether the cyber security and electronic information security objectives detailed in planning documents ... ... Cyber-security is much more than preventing incidents ... attention has been paid to development, legislation, improvement of organisational structure, etc. in this field. ... SAI Lithuania determined that the issue of ensuring and increasing cyber security and resilience has not been effectively addressed at the national level. The focus has primarily been on reacting ... to and preventing incidents in cyber space, which means that traditional issues related to electronic information security (confidentiality, integrity, accessibility) have been neglected, and from 2015, not enough
Full description
The purpose of the audit was to assess whether cyber security is being ensured in Lithuania. In view of this goal, we assessed whether: (1) an effective cyber security system has been set up; (2 ... ) cyber security is ensured in public establishments. During the audit, the SAI Lithuania analysed current regulation, strategic planning and management practices in the field of cyber security ... and electronic information security as well as the funds allocated and used in this area. The SAI evaluated whether the cyber security and electronic information security objectives detailed in planning documents ... ... Cyber-security is much more than preventing incidents ... attention has been paid to development, legislation, improvement of organisational structure, etc. in this field. ... SAI Lithuania determined that the issue of ensuring and increasing cyber security and resilience has not been effectively addressed at the national level. The focus has primarily been on reacting ... to and preventing incidents in cyber space, which means that traditional issues related to electronic information security (confidentiality, integrity, accessibility) have been neglected, and from 2015, not enough
Full description
National Audit Office of the Republic of Lithuania
, issued in 2015
Risk cases: 6
Building and Implementing the Phoenix Pay System
Expensive IT project became a failure Phoenix project (development of states pay system) was an incomprehensible failure of project management and oversight. Phoenix executives prioritized certain aspects, such as schedule and budget, over other critical ones, such as functionality and security. Phoenix executives did not understand the importance of warnings that the Miramichi Pay Centre, departments and agencies, and the new system were not ready. They did not provide complete and accurate information to deputy ministers and associate deputy ministers of departments and agencies, including the Deputy Minister of Public Services and Procurement, when briefing them on Phoenix readiness for implementation.
Full description
Expensive IT project became a failure Phoenix project (development of states pay system) was an incomprehensible failure of project management and oversight. Phoenix executives prioritized certain aspects, such as schedule and budget, over other critical ones, such as functionality and security. Phoenix executives did not understand the importance of warnings that the Miramichi Pay Centre, departments and agencies, and the new system were not ready. They did not provide complete and accurate information to deputy ministers and associate deputy ministers of departments and agencies, including the Deputy Minister of Public Services and Procurement, when briefing them on Phoenix readiness for implementation.
Full description
Office of theAuditor Generalof Canada
, issued in 2018
Risk cases: 3
The Shared Services Centre
The necessary environment for the efficient management of the Shared Service Center is lacking The department's administration of the Shared Services Centre (SSC) has been effective for sharing resources between the departments and delivering selected back-office services to a small client base. However, the governance arrangements established to oversight the SSC have not positioned it well for the future and the departments have not yet determined if the arrangement is efficient and resulting in savings. ANAO found instances where the advisory board of SSC was not consulted or involved in decisions relating to the strategic direction, financial arrangements and expenditure priorities. Information reported to the board did not focus on areas of strategic importance and the quality and completeness of this information could be improved. The mechanisms established for setting out responsibilities and obligations and ensuring transparency for services delivered by the SSC was weak. Service standards and levels were not fixed and can change. The delineation of responsibilities between the SSC and its clients was not clear and there was no commitment by the SSC to certify the quality of its control framework.
Full description
The necessary environment for the efficient management of the Shared Service Center is lacking The department's administration of the Shared Services Centre (SSC) has been effective for sharing resources between the departments and delivering selected back-office services to a small client base. However, the governance arrangements established to oversight the SSC have not positioned it well for the future and the departments have not yet determined if the arrangement is efficient and resulting in savings. ANAO found instances where the advisory board of SSC was not consulted or involved in decisions relating to the strategic direction, financial arrangements and expenditure priorities. Information reported to the board did not focus on areas of strategic importance and the quality and completeness of this information could be improved. The mechanisms established for setting out responsibilities and obligations and ensuring transparency for services delivered by the SSC was weak. Service standards and levels were not fixed and can change. The delineation of responsibilities between the SSC and its clients was not clear and there was no commitment by the SSC to certify the quality of its control framework.
Full description
The Australian National Audit Office
, issued in 2016
Risk cases: 2
FEMA Needs to Address Management Weaknesses to Improve Its Systems
Controls in emergency management GAO audited the agency of the Department of Homeland Security, responsible for federal efforts to mitigate, respond to, and recover from disasters. American auditors recommend that the agency fully define its investment board’s roles and responsibilities and procedures for selecting and overseeing investments, update its strategic plan and complete plans for IT modernization, and establish time frames for completing workforce planning efforts. The agency should also establish policies and guidance for implementing key IT management controls.
Full description
Controls in emergency management GAO audited the agency of the Department of Homeland Security, responsible for federal efforts to mitigate, respond to, and recover from disasters. American auditors recommend that the agency fully define its investment board’s roles and responsibilities and procedures for selecting and overseeing investments, update its strategic plan and complete plans for IT modernization, and establish time frames for completing workforce planning efforts. The agency should also establish policies and guidance for implementing key IT management controls.
Full description
General Accountability Office
, issued in 2016
Risk cases: 4
Australian Taxation Office: Administration of Australian Business Number Registrations
More elligibility and data integrity needed The Australian Business Number (ABN) and Australian Business Register initiatives were implemented as part of theGovernment's comprehensive reform of the taxation system in 2000. Their introduction involved challenging issues of technology and governance , including the imperative to process and register significant numbers of applications in a short time. Overall, the Australian SAI concluded that the ABN registration process is operating effectively. However, matters relating to the eligibility of some ABN applicants need to be reviewed. Further, some data integrity issues remain outstanding.
Full description
More elligibility and data integrity needed The Australian Business Number (ABN) and Australian Business Register initiatives were implemented as part of theGovernment's comprehensive reform of the taxation system in 2000. Their introduction involved challenging issues of technology and governance , including the imperative to process and register significant numbers of applications in a short time. Overall, the Australian SAI concluded that the ABN registration process is operating effectively. However, matters relating to the eligibility of some ABN applicants need to be reviewed. Further, some data integrity issues remain outstanding.
Full description
The Australian National Audit Office
, issued in 2003
Risk cases: 3