34
results found in
7 ms
Page 1
of 4
FEMA Needs to Address Management Weaknesses to Improve Its Systems
Controls in emergency management GAO audited the agency of the Department of Homeland Security, responsible for federal efforts to mitigate, respond to, and recover from disasters. American auditors recommend that the agency fully define its investment board’s roles and responsibilities and procedures for selecting and overseeing investments, update its strategic plan and complete plans for IT modernization, and establish time frames for completing workforce planning efforts. The agency should also establish policies and guidance for implementing key IT management controls.
Full description
Controls in emergency management GAO audited the agency of the Department of Homeland Security, responsible for federal efforts to mitigate, respond to, and recover from disasters. American auditors recommend that the agency fully define its investment board’s roles and responsibilities and procedures for selecting and overseeing investments, update its strategic plan and complete plans for IT modernization, and establish time frames for completing workforce planning efforts. The agency should also establish policies and guidance for implementing key IT management controls.
Full description
General Accountability Office
, issued in 2016
Risk cases: 4
Coordinated Audit on Information Technology Governance
IT governance needs awareness and SAIs' support The OLACEFS auditors found that the greatest challenge for the SAIs is to raise the awareness of the audit institutions about the importance of IT governance and the benefits that could be obtained by improving its degree of maturity. The audit was conducted by 11 SAIs and coordinated by TCU of Brasil. They concluded: 'It is important, even urgent, to invest resources to implement or enhance: the IT committees; the IT planning process; strategic IT planning; monitoring the IT contracting process; the business continuity plan; the designation of a responsible person or unit to manage security information; a risk management process; an asset inventory process; an information security committee; and a policy for access control.'
Full description
IT governance needs awareness and SAIs' support The OLACEFS auditors found that the greatest challenge for the SAIs is to raise the awareness of the audit institutions about the importance of IT governance and the benefits that could be obtained by improving its degree of maturity. The audit was conducted by 11 SAIs and coordinated by TCU of Brasil. They concluded: 'It is important, even urgent, to invest resources to implement or enhance: the IT committees; the IT planning process; strategic IT planning; monitoring the IT contracting process; the business continuity plan; the designation of a responsible person or unit to manage security information; a risk management process; an asset inventory process; an information security committee; and a policy for access control.'
Full description
Risk cases: 5
Protection against fraud in migration activities at missions abroad
Migration activities can be a subject to fraud The audit showed that reports on alleged fraud in migration activities at missions abroad increased continually between 2014 and 2017. Altogether about 60 alleged cases of fraud were reported during the period, including selling interview appointments, stolen visa stickers, issuing visas on false grounds and prohibited searches in case management systems. Missions abroad, the Ministry for Foreign Affairs and the Swedish Migration Board are all responsible for migration activities at missions abroad. The division of responsibility between them is sometimes unclear and difficult to assess. According to the Swedish NAO this leads to particular challenges in ensuring satisfactory and common protection against fraud at missions abroad. Ensuring protection is made even more difficult in that the missions abroad vary regarding in terms of size, case volume, case mix and risk exposure. In addition, for the missions abroad the internal control requirements are notsufficiently explicit.
Full description
Migration activities can be a subject to fraud The audit showed that reports on alleged fraud in migration activities at missions abroad increased continually between 2014 and 2017. Altogether about 60 alleged cases of fraud were reported during the period, including selling interview appointments, stolen visa stickers, issuing visas on false grounds and prohibited searches in case management systems. Missions abroad, the Ministry for Foreign Affairs and the Swedish Migration Board are all responsible for migration activities at missions abroad. The division of responsibility between them is sometimes unclear and difficult to assess. According to the Swedish NAO this leads to particular challenges in ensuring satisfactory and common protection against fraud at missions abroad. Ensuring protection is made even more difficult in that the missions abroad vary regarding in terms of size, case volume, case mix and risk exposure. In addition, for the missions abroad the internal control requirements are notsufficiently explicit.
Full description
Swedish National Audit Office
, issued in 2018
Risk cases: 2
Municipalities’ internal control system – Audit of the establishment and operation of the internal control system of municipalities – on the audit of Rudabánya
Incomplete internal control The SAI Hungary published the compliance audit of the establishment and operation of the internal control system, as well as certain investment decisions, their implementation and accounting at the Local Government of Rudabánya. Apart from positive findings, some accounting irregularities and insufficient controls established to ensure organisational integrity were pointed out.
Full description
Incomplete internal control The SAI Hungary published the compliance audit of the establishment and operation of the internal control system, as well as certain investment decisions, their implementation and accounting at the Local Government of Rudabánya. Apart from positive findings, some accounting irregularities and insufficient controls established to ensure organisational integrity were pointed out.
Full description
State Audit Office of Hungary
, issued in 2018
Risk cases: 2
WannaCry Cyber Attack and the NHS
Why the British NHS became a victim of WannaCry The NAO's investigation points at the problem of insufficient powers of the cybersecurity coordinator across the health organisation. As a result no remedial actions were taken, and the cyber attack succeeded thanks to neglected precautions.
Full description
Why the British NHS became a victim of WannaCry The NAO's investigation points at the problem of insufficient powers of the cybersecurity coordinator across the health organisation. As a result no remedial actions were taken, and the cyber attack succeeded thanks to neglected precautions.
Full description
National Audit Office
, issued in 2017
Risk cases: 3
Products sold on the European market: unravelling the system of CE marking
Problems with general picture The Netherlands National Court of Audit was interested in finding out whether anyone keeps track of all the actors involved in the process of system of European Union product markings. The interest was aroused by an observation that the vast majority of the questions raised about the system were prompted by incidents and that the questioners did not generally appear to be interested in the operation of the system as a whole...
Full description
Problems with general picture The Netherlands National Court of Audit was interested in finding out whether anyone keeps track of all the actors involved in the process of system of European Union product markings. The interest was aroused by an observation that the vast majority of the questions raised about the system were prompted by incidents and that the questioners did not generally appear to be interested in the operation of the system as a whole...
Full description
The Netherlands Court of Audit
, issued in 2017
Risk cases: 5
Has Public Administration Used All Opportunities for Efficient Management of ICT Infrastructure?
Efficient Management of ICT Infrastructure Centralised management of ICT services and infrastructure would allow the institutions to optimise in long run their resources – financial, human, material and technical. However, we observed during the audit that the move towards ICT centralisation and single data centres has ceased. The different ministries and even the institutions subordinated to the same ministry do not cooperate sufficiently with each other regarding the ICT management, maintenance, and infrastructure placement. They rather choose to maintain their own, sometimes even several, data centres.
Full description
Efficient Management of ICT Infrastructure Centralised management of ICT services and infrastructure would allow the institutions to optimise in long run their resources – financial, human, material and technical. However, we observed during the audit that the move towards ICT centralisation and single data centres has ceased. The different ministries and even the institutions subordinated to the same ministry do not cooperate sufficiently with each other regarding the ICT management, maintenance, and infrastructure placement. They rather choose to maintain their own, sometimes even several, data centres.
Full description
State Audit Office of the Republic of Latvia
, issued in 2019
Risk cases: 3
Conflicts of interest
First, recognise the conflicts of interest are a real risk the British NAO gathered a significant amount of intelligence on conflicts, particularly in the health and education sectors. These are areas of government where services are increasingly commissioned and delivered by parties at arm’s-length to departments. Conflicts of interest can occur naturally as a product of the way a system is designed and most often arise from operational situations.
Full description
First, recognise the conflicts of interest are a real risk the British NAO gathered a significant amount of intelligence on conflicts, particularly in the health and education sectors. These are areas of government where services are increasingly commissioned and delivered by parties at arm’s-length to departments. Conflicts of interest can occur naturally as a product of the way a system is designed and most often arise from operational situations.
Full description
National Audit Office
, issued in 2015
Risk cases: 8
Online fraud
Uneven response to online fraud This type of fraud can affect everyone, but yet it is not a strategic priority for local police forces and the response from industry is uneven. UK NAO underlines: For too long, as a low-value but high-volume crime, online fraud has been overlooked by government, law enforcement and industry. It is a crime that can affect everyone. Fraud is now the most commonly experienced crime in England and Wales, is growing rapidly and demands an urgent response. Yet fraud is not a strategic priority for local police forces, and the response from industry is uneven.
Full description
Uneven response to online fraud This type of fraud can affect everyone, but yet it is not a strategic priority for local police forces and the response from industry is uneven. UK NAO underlines: For too long, as a low-value but high-volume crime, online fraud has been overlooked by government, law enforcement and industry. It is a crime that can affect everyone. Fraud is now the most commonly experienced crime in England and Wales, is growing rapidly and demands an urgent response. Yet fraud is not a strategic priority for local police forces, and the response from industry is uneven.
Full description
National Audit Office
, issued in 2017
Risk cases: 6
Electronic Health Records - VA Needs to Identify and Report Existing System Costs
Difficulties after 30 years of decentralized development The US Department of Veterans Affairs provides health care services to approximately 9 million veterans and their families. However, the IT system they use is more than 30 years old, is costly to maintain, and does not fully support exchanging health data. The US GAO, analyzed the system's modenization plans and found serious problems with definition and cost estimation.
Full description
Difficulties after 30 years of decentralized development The US Department of Veterans Affairs provides health care services to approximately 9 million veterans and their families. However, the IT system they use is more than 30 years old, is costly to maintain, and does not fully support exchanging health data. The US GAO, analyzed the system's modenization plans and found serious problems with definition and cost estimation.
Full description
US Government Accountability Office
, issued in 2019
Risk cases: 3