26
results found in
8 ms
Page 1
of 3
Data security and positions with access to confidential information
This government wide audit on information security and positions with access to confidential information has been performed at all ministries ans for each ministry also at one of the agencies ... ) is the foundation of the second part (positions with access to confidential information). Only four of the organizations we have audited show an acceptible level of compliance with the 2007 Civil Service Data ... it comes to the audit on positions with access to confidential information almost all organizations show ommisions in compliance to the Security Screening Act. Only the ministry of Defence complies. ... ... Shortcomings in information security and in positions with access to confidential information ... protection policy and poor protection of information systems. Also, non vetted positions with access to confidential information. ... Surprising weaknesses were revealed by the NCA in its Government-wide operational audit performed as part of the 2011 audit into the state of central government accounts: Poor quality of data
Full description
This government wide audit on information security and positions with access to confidential information has been performed at all ministries ans for each ministry also at one of the agencies ... ) is the foundation of the second part (positions with access to confidential information). Only four of the organizations we have audited show an acceptible level of compliance with the 2007 Civil Service Data ... it comes to the audit on positions with access to confidential information almost all organizations show ommisions in compliance to the Security Screening Act. Only the ministry of Defence complies. ... ... Shortcomings in information security and in positions with access to confidential information ... protection policy and poor protection of information systems. Also, non vetted positions with access to confidential information. ... Surprising weaknesses were revealed by the NCA in its Government-wide operational audit performed as part of the 2011 audit into the state of central government accounts: Poor quality of data
Full description
Netherlands Court of Audits
, issued in 2012
Risk cases: 3
Extract from the report to the Public Accounts Committee on the access to IT systems that support the provision of essential services to the Danish society
access to the IT systems and data of the institutions. Rigsrevisionen has not examined for what specific purposes unauthorized access to the institutions’ systems and data can be used. ... The report is focused on the significant risk that is associated with inadequate management and control of domain administrator privileges, which makes it possible for unauthorized persons to obtain ... ... Inadequate management and control of domain administrator privileges ... services to the Danish society from unauthorized access, obtained on the basis of domain administrator privileges. ... The Danish report concerns the measures - taken by six government institutions of various branches of State activities - to protect IT systems and data that support the provision of essential
Full description
access to the IT systems and data of the institutions. Rigsrevisionen has not examined for what specific purposes unauthorized access to the institutions’ systems and data can be used. ... The report is focused on the significant risk that is associated with inadequate management and control of domain administrator privileges, which makes it possible for unauthorized persons to obtain ... ... Inadequate management and control of domain administrator privileges ... services to the Danish society from unauthorized access, obtained on the basis of domain administrator privileges. ... The Danish report concerns the measures - taken by six government institutions of various branches of State activities - to protect IT systems and data that support the provision of essential
Full description
National Audit Office of Denmark
, issued in 2015
Risk cases: 4
Correct information at the right time in healthcare and nursing – collaboration without effect?
The Swedish National Audit Office has conducted an audit to determine whether Government initiatives have contributed to the objective that authorised healthcare staff shall have access to the right ... patient information at the right time by means of direct electronic access. ... ... Information share is crucial for competitive health care ... Health and social care staff has very limited access to patient information from other care-giving institutions, which may lead to health damage and wrong-treatment. The cooperation between ... the Government and the municipalities must improve if the investments in better access to common patient information shall get impact in practice.
Full description
The Swedish National Audit Office has conducted an audit to determine whether Government initiatives have contributed to the objective that authorised healthcare staff shall have access to the right ... patient information at the right time by means of direct electronic access. ... ... Information share is crucial for competitive health care ... Health and social care staff has very limited access to patient information from other care-giving institutions, which may lead to health damage and wrong-treatment. The cooperation between ... the Government and the municipalities must improve if the investments in better access to common patient information shall get impact in practice.
Full description
Riksrevisionen (Swedish National Audit Office)
, issued in 2011
Risk cases: 3
The protection of IT systems and health data in three Danish regions
Security to be improved in IT systems with health data It is Rigsrevisionen’s assessment that the three regions are not protecting the access to IT systems and health data in a satisfactory manner. As a consequence, unauthorised persons might gain access to sensitive and confidential personal data, which could affect there liability and availability of important health data used in the treatment of hospital patients. Based on the results of the study and the current threat scenario, Rigsrevisionen finds that basic security measures against cyber attacks and protection of access to IT systems and health data should be a top priority for Denmark’s five regions. Basic security measures in combination with management and control of user privileges can reduce the risk of compromising the regions’ IT systems and data considerably.
Full description
Security to be improved in IT systems with health data It is Rigsrevisionen’s assessment that the three regions are not protecting the access to IT systems and health data in a satisfactory manner. As a consequence, unauthorised persons might gain access to sensitive and confidential personal data, which could affect there liability and availability of important health data used in the treatment of hospital patients. Based on the results of the study and the current threat scenario, Rigsrevisionen finds that basic security measures against cyber attacks and protection of access to IT systems and health data should be a top priority for Denmark’s five regions. Basic security measures in combination with management and control of user privileges can reduce the risk of compromising the regions’ IT systems and data considerably.
Full description
National Audit Office of Denmark
, issued in 2018
Risk cases: 3
Report on the problems connected with the development and implementation of the digitally based Shared Medication Record
. and relevant health staff and the patients have direct digital access to updated medical data round the clock. The report answers the following questions: 1) Has the Ministry of Health and the NHA provided ... The purpose of the examination was to assess whether the department of the Danish Ministry of Health, the Danish National eHealth Authority (NHA) and the five regions that are responsible ... for the hospitals have made an adequate effort to develop and implement the Shared Medication Record (SMR). With the SMR, data on the citizens’ medication can be shared across hospitals, general practitioners, etc ... ... Involvement of key participants necessary from the very beginning ... Digitally based Shared Medication Record is basis of the complex healthcare system. Rigsrevisionen analysed unsolved issues related to unclear business case, insufficient analysis of work flows ... and processes leading to implementation problems, governance not involving key players, and IT security organisation.
Full description
. and relevant health staff and the patients have direct digital access to updated medical data round the clock. The report answers the following questions: 1) Has the Ministry of Health and the NHA provided ... The purpose of the examination was to assess whether the department of the Danish Ministry of Health, the Danish National eHealth Authority (NHA) and the five regions that are responsible ... for the hospitals have made an adequate effort to develop and implement the Shared Medication Record (SMR). With the SMR, data on the citizens’ medication can be shared across hospitals, general practitioners, etc ... ... Involvement of key participants necessary from the very beginning ... Digitally based Shared Medication Record is basis of the complex healthcare system. Rigsrevisionen analysed unsolved issues related to unclear business case, insufficient analysis of work flows ... and processes leading to implementation problems, governance not involving key players, and IT security organisation.
Full description
National Audit Office of Denmark
, issued in 2014
Risk cases: 2
Performance measurement by regulators
Performance measurement for regulators Primary adressees of this good practice guide - by the British NAO - are regulators, the public institutions established for making sure that an industry or system works legally and fairly. But we are sure that many more can find this guidance useful - including auditors. NAO presents a comprehensible framework for performance measurement and hints how to focus on influence that regulators can use.
Full description
Performance measurement for regulators Primary adressees of this good practice guide - by the British NAO - are regulators, the public institutions established for making sure that an industry or system works legally and fairly. But we are sure that many more can find this guidance useful - including auditors. NAO presents a comprehensible framework for performance measurement and hints how to focus on influence that regulators can use.
Full description
National Audit Office
, issued in 2016
Risk cases: 2
Open Data Trend Report 2015
How to activate the open data policy The Dutch SAI looks for ways to improve open data practice in the Netherlands. They point at experience of two leading countries: UK and US, and advise to: prepare a concrete action plan, to increase number of mandatory published data, to develop government-wide data inventory and to put open data to work.
Full description
How to activate the open data policy The Dutch SAI looks for ways to improve open data practice in the Netherlands. They point at experience of two leading countries: UK and US, and advise to: prepare a concrete action plan, to increase number of mandatory published data, to develop government-wide data inventory and to put open data to work.
Full description
Netherlands Court of Audits
, issued in 2015
Risk cases: 4
Good Practice in Annual Reports 2016-17
Reporting: a real skill The Building Public Trust Awards, sponsored by PwC, have been running for 15 years and the British NAO co-sponsors the public sector award. The Good Practices in annual reports 2016-2017 present eye-opening examples of how to make complex reports easily understandable and how to clearly outline goals and achievement of them.
Full description
Reporting: a real skill The Building Public Trust Awards, sponsored by PwC, have been running for 15 years and the British NAO co-sponsors the public sector award. The Good Practices in annual reports 2016-2017 present eye-opening examples of how to make complex reports easily understandable and how to clearly outline goals and achievement of them.
Full description
National Audit Office
, issued in 2018
Risk cases: 4
The effectiveness of Official Development Assistance expenditure
Need of more coordination and transparency The audit of the UK's Official Development Assistance revealed among others: fragmented responsibilities and difficulties in review and reporting. These led to difficulties in assessment of effectiveness of the assistance and of progress in implementing the UK Aid Strategy.
Full description
Need of more coordination and transparency The audit of the UK's Official Development Assistance revealed among others: fragmented responsibilities and difficulties in review and reporting. These led to difficulties in assessment of effectiveness of the assistance and of progress in implementing the UK Aid Strategy.
Full description
National Audit Office
, issued in 2019
Risk cases: 4
Federal Human Resources Data
Internal control weaknesses may put mission at risk GAO audited the Enterprise Human Resources Integration payroll data warehose. The American auditors pointed at problems that may impede 'leverage of these data to meet its mission and allow others to make full use' of them. The critical internal contols areas to be improved in this cas are: completeness, accuracy, and validity of information, authorization, documentation, monitoring, results' evaluation.
Full description
Internal control weaknesses may put mission at risk GAO audited the Enterprise Human Resources Integration payroll data warehose. The American auditors pointed at problems that may impede 'leverage of these data to meet its mission and allow others to make full use' of them. The critical internal contols areas to be improved in this cas are: completeness, accuracy, and validity of information, authorization, documentation, monitoring, results' evaluation.
Full description
General Accountability Office
, issued in 2016
Risk cases: 2