25
results found in
10 ms
Page 1
of 3
Data security and positions with access to confidential information
This government wide audit on information security and positions with access to confidential information has been performed at all ministries ans for each ministry also at one of the agencies ... ) is the foundation of the second part (positions with access to confidential information). Only four of the organizations we have audited show an acceptible level of compliance with the 2007 Civil Service Data ... it comes to the audit on positions with access to confidential information almost all organizations show ommisions in compliance to the Security Screening Act. Only the ministry of Defence complies. ... ... Shortcomings in information security and in positions with access to confidential information ... protection policy and poor protection of information systems. Also, non vetted positions with access to confidential information. ... Surprising weaknesses were revealed by the NCA in its Government-wide operational audit performed as part of the 2011 audit into the state of central government accounts: Poor quality of data
Full description
This government wide audit on information security and positions with access to confidential information has been performed at all ministries ans for each ministry also at one of the agencies ... ) is the foundation of the second part (positions with access to confidential information). Only four of the organizations we have audited show an acceptible level of compliance with the 2007 Civil Service Data ... it comes to the audit on positions with access to confidential information almost all organizations show ommisions in compliance to the Security Screening Act. Only the ministry of Defence complies. ... ... Shortcomings in information security and in positions with access to confidential information ... protection policy and poor protection of information systems. Also, non vetted positions with access to confidential information. ... Surprising weaknesses were revealed by the NCA in its Government-wide operational audit performed as part of the 2011 audit into the state of central government accounts: Poor quality of data
Full description
Netherlands Court of Audits
, issued in 2012
Risk cases: 3
Extract from the report to the Public Accounts Committee on the access to IT systems that support the provision of essential services to the Danish society
access to the IT systems and data of the institutions. Rigsrevisionen has not examined for what specific purposes unauthorized access to the institutions’ systems and data can be used. ... The report is focused on the significant risk that is associated with inadequate management and control of domain administrator privileges, which makes it possible for unauthorized persons to obtain ... ... Inadequate management and control of domain administrator privileges ... services to the Danish society from unauthorized access, obtained on the basis of domain administrator privileges. ... The Danish report concerns the measures - taken by six government institutions of various branches of State activities - to protect IT systems and data that support the provision of essential
Full description
access to the IT systems and data of the institutions. Rigsrevisionen has not examined for what specific purposes unauthorized access to the institutions’ systems and data can be used. ... The report is focused on the significant risk that is associated with inadequate management and control of domain administrator privileges, which makes it possible for unauthorized persons to obtain ... ... Inadequate management and control of domain administrator privileges ... services to the Danish society from unauthorized access, obtained on the basis of domain administrator privileges. ... The Danish report concerns the measures - taken by six government institutions of various branches of State activities - to protect IT systems and data that support the provision of essential
Full description
National Audit Office of Denmark
, issued in 2015
Risk cases: 4
Correct information at the right time in healthcare and nursing – collaboration without effect?
The Swedish National Audit Office has conducted an audit to determine whether Government initiatives have contributed to the objective that authorised healthcare staff shall have access to the right ... patient information at the right time by means of direct electronic access. ... ... Information share is crucial for competitive health care ... Health and social care staff has very limited access to patient information from other care-giving institutions, which may lead to health damage and wrong-treatment. The cooperation between ... the Government and the municipalities must improve if the investments in better access to common patient information shall get impact in practice.
Full description
The Swedish National Audit Office has conducted an audit to determine whether Government initiatives have contributed to the objective that authorised healthcare staff shall have access to the right ... patient information at the right time by means of direct electronic access. ... ... Information share is crucial for competitive health care ... Health and social care staff has very limited access to patient information from other care-giving institutions, which may lead to health damage and wrong-treatment. The cooperation between ... the Government and the municipalities must improve if the investments in better access to common patient information shall get impact in practice.
Full description
Riksrevisionen (Swedish National Audit Office)
, issued in 2011
Risk cases: 3
The protection of IT systems and health data in three Danish regions
Security to be improved in IT systems with health data It is Rigsrevisionen’s assessment that the three regions are not protecting the access to IT systems and health data in a satisfactory manner. As a consequence, unauthorised persons might gain access to sensitive and confidential personal data, which could affect there liability and availability of important health data used in the treatment of hospital patients. Based on the results of the study and the current threat scenario, Rigsrevisionen finds that basic security measures against cyber attacks and protection of access to IT systems and health data should be a top priority for Denmark’s five regions. Basic security measures in combination with management and control of user privileges can reduce the risk of compromising the regions’ IT systems and data considerably.
Full description
Security to be improved in IT systems with health data It is Rigsrevisionen’s assessment that the three regions are not protecting the access to IT systems and health data in a satisfactory manner. As a consequence, unauthorised persons might gain access to sensitive and confidential personal data, which could affect there liability and availability of important health data used in the treatment of hospital patients. Based on the results of the study and the current threat scenario, Rigsrevisionen finds that basic security measures against cyber attacks and protection of access to IT systems and health data should be a top priority for Denmark’s five regions. Basic security measures in combination with management and control of user privileges can reduce the risk of compromising the regions’ IT systems and data considerably.
Full description
National Audit Office of Denmark
, issued in 2018
Risk cases: 3
Report on the problems connected with the development and implementation of the digitally based Shared Medication Record
. and relevant health staff and the patients have direct digital access to updated medical data round the clock. The report answers the following questions: 1) Has the Ministry of Health and the NHA provided ... The purpose of the examination was to assess whether the department of the Danish Ministry of Health, the Danish National eHealth Authority (NHA) and the five regions that are responsible ... for the hospitals have made an adequate effort to develop and implement the Shared Medication Record (SMR). With the SMR, data on the citizens’ medication can be shared across hospitals, general practitioners, etc ... ... Involvement of key participants necessary from the very beginning ... Digitally based Shared Medication Record is basis of the complex healthcare system. Rigsrevisionen analysed unsolved issues related to unclear business case, insufficient analysis of work flows ... and processes leading to implementation problems, governance not involving key players, and IT security organisation.
Full description
. and relevant health staff and the patients have direct digital access to updated medical data round the clock. The report answers the following questions: 1) Has the Ministry of Health and the NHA provided ... The purpose of the examination was to assess whether the department of the Danish Ministry of Health, the Danish National eHealth Authority (NHA) and the five regions that are responsible ... for the hospitals have made an adequate effort to develop and implement the Shared Medication Record (SMR). With the SMR, data on the citizens’ medication can be shared across hospitals, general practitioners, etc ... ... Involvement of key participants necessary from the very beginning ... Digitally based Shared Medication Record is basis of the complex healthcare system. Rigsrevisionen analysed unsolved issues related to unclear business case, insufficient analysis of work flows ... and processes leading to implementation problems, governance not involving key players, and IT security organisation.
Full description
National Audit Office of Denmark
, issued in 2014
Risk cases: 2
Conflicts of interest
First, recognise the conflicts of interest are a real risk the British NAO gathered a significant amount of intelligence on conflicts, particularly in the health and education sectors. These are areas of government where services are increasingly commissioned and delivered by parties at arm’s-length to departments. Conflicts of interest can occur naturally as a product of the way a system is designed and most often arise from operational situations.
Full description
First, recognise the conflicts of interest are a real risk the British NAO gathered a significant amount of intelligence on conflicts, particularly in the health and education sectors. These are areas of government where services are increasingly commissioned and delivered by parties at arm’s-length to departments. Conflicts of interest can occur naturally as a product of the way a system is designed and most often arise from operational situations.
Full description
National Audit Office
, issued in 2015
Risk cases: 8
The effectiveness of Official Development Assistance expenditure
Need of more coordination and transparency The audit of the UK's Official Development Assistance revealed among others: fragmented responsibilities and difficulties in review and reporting. These led to difficulties in assessment of effectiveness of the assistance and of progress in implementing the UK Aid Strategy.
Full description
Need of more coordination and transparency The audit of the UK's Official Development Assistance revealed among others: fragmented responsibilities and difficulties in review and reporting. These led to difficulties in assessment of effectiveness of the assistance and of progress in implementing the UK Aid Strategy.
Full description
National Audit Office
, issued in 2019
Risk cases: 4
The Shared Services Centre
The necessary environment for the efficient management of the Shared Service Center is lacking The department's administration of the Shared Services Centre (SSC) has been effective for sharing resources between the departments and delivering selected back-office services to a small client base. However, the governance arrangements established to oversight the SSC have not positioned it well for the future and the departments have not yet determined if the arrangement is efficient and resulting in savings. ANAO found instances where the advisory board of SSC was not consulted or involved in decisions relating to the strategic direction, financial arrangements and expenditure priorities. Information reported to the board did not focus on areas of strategic importance and the quality and completeness of this information could be improved. The mechanisms established for setting out responsibilities and obligations and ensuring transparency for services delivered by the SSC was weak. Service standards and levels were not fixed and can change. The delineation of responsibilities between the SSC and its clients was not clear and there was no commitment by the SSC to certify the quality of its control framework.
Full description
The necessary environment for the efficient management of the Shared Service Center is lacking The department's administration of the Shared Services Centre (SSC) has been effective for sharing resources between the departments and delivering selected back-office services to a small client base. However, the governance arrangements established to oversight the SSC have not positioned it well for the future and the departments have not yet determined if the arrangement is efficient and resulting in savings. ANAO found instances where the advisory board of SSC was not consulted or involved in decisions relating to the strategic direction, financial arrangements and expenditure priorities. Information reported to the board did not focus on areas of strategic importance and the quality and completeness of this information could be improved. The mechanisms established for setting out responsibilities and obligations and ensuring transparency for services delivered by the SSC was weak. Service standards and levels were not fixed and can change. The delineation of responsibilities between the SSC and its clients was not clear and there was no commitment by the SSC to certify the quality of its control framework.
Full description
The Australian National Audit Office
, issued in 2016
Risk cases: 2
Products sold on the European market: unravelling the system of CE marking
Problems with general picture The Netherlands National Court of Audit was interested in finding out whether anyone keeps track of all the actors involved in the process of system of European Union product markings. The interest was aroused by an observation that the vast majority of the questions raised about the system were prompted by incidents and that the questioners did not generally appear to be interested in the operation of the system as a whole...
Full description
Problems with general picture The Netherlands National Court of Audit was interested in finding out whether anyone keeps track of all the actors involved in the process of system of European Union product markings. The interest was aroused by an observation that the vast majority of the questions raised about the system were prompted by incidents and that the questioners did not generally appear to be interested in the operation of the system as a whole...
Full description
The Netherlands Court of Audit
, issued in 2017
Risk cases: 5
Open Data Trend Report 2015
How to activate the open data policy The Dutch SAI looks for ways to improve open data practice in the Netherlands. They point at experience of two leading countries: UK and US, and advise to: prepare a concrete action plan, to increase number of mandatory published data, to develop government-wide data inventory and to put open data to work.
Full description
How to activate the open data policy The Dutch SAI looks for ways to improve open data practice in the Netherlands. They point at experience of two leading countries: UK and US, and advise to: prepare a concrete action plan, to increase number of mandatory published data, to develop government-wide data inventory and to put open data to work.
Full description
Netherlands Court of Audits
, issued in 2015
Risk cases: 4