19
results found in
11 ms
Page 1
of 2
Management of IT security in systems outsourced to external suppliers
Security to be improved in IT processes outsourced to external suppliers When IT processes are outsourced to external suppliers, the authorities no longer have direct control of the IT security, but remain responsible for managing the security of the IT. Authorities that fail to manage IT security actively based on risk assessments, and omit to monitor the implementation of these requirements, will not be able to determine if the level of IT security in the outsourced systems safeguards their systems and data. This is how the conclusion of the Rigsrevisionen starts. The Danish auditors noticed improvement in the audited entities, but they add that tha majority of the auditees: can refine their requirements for and follow-up on access control and logging practices
Full description
Security to be improved in IT processes outsourced to external suppliers When IT processes are outsourced to external suppliers, the authorities no longer have direct control of the IT security, but remain responsible for managing the security of the IT. Authorities that fail to manage IT security actively based on risk assessments, and omit to monitor the implementation of these requirements, will not be able to determine if the level of IT security in the outsourced systems safeguards their systems and data. This is how the conclusion of the Rigsrevisionen starts. The Danish auditors noticed improvement in the audited entities, but they add that tha majority of the auditees: can refine their requirements for and follow-up on access control and logging practices
Full description
National Audit Office of Denmark
, issued in 2016
Risk cases: 3
Actions of national and municipal authorities to ensure the fulfillment of the obligations under the Loan Agreement “Safety Net and Social Sector Reform Program” between the Republic of Latvia and the World Bank
The audit was planned and conducted so as to provide reasonable assurance that the national and municipal authorities have implemented the measures specified in the Program Document and ensured ... the fulfilment of the prescribed performance targets. ... ... Well coordinated information structure is necessary for the unemployment benefits system ... SAI Latvia reviewed the unemployment benefits system and analyzed the cosequences of poor information flow among state and municipalities registers. Findings presented in the report are result ... of effective use of CAAT software.
Full description
The audit was planned and conducted so as to provide reasonable assurance that the national and municipal authorities have implemented the measures specified in the Program Document and ensured ... the fulfilment of the prescribed performance targets. ... ... Well coordinated information structure is necessary for the unemployment benefits system ... SAI Latvia reviewed the unemployment benefits system and analyzed the cosequences of poor information flow among state and municipalities registers. Findings presented in the report are result ... of effective use of CAAT software.
Full description
State Audit Office of Latvia
, issued in 2011
Risk cases: 1
Housing in England: overview
Efforts to support housing Even if housebuilding in England has not kept pace with need and there has been a reduction in social rented homes, significant advantages can be enjoyed: an increase in home ownership and in the number of private rented homes. The quality of housing improved in recent years too. The National Audit Office has reviewed critical elements of the housing being one of the government's key priorities. Looking for risks, they found that a potential conflict of objectives can lead to tensions in delivery.
Full description
Efforts to support housing Even if housebuilding in England has not kept pace with need and there has been a reduction in social rented homes, significant advantages can be enjoyed: an increase in home ownership and in the number of private rented homes. The quality of housing improved in recent years too. The National Audit Office has reviewed critical elements of the housing being one of the government's key priorities. Looking for risks, they found that a potential conflict of objectives can lead to tensions in delivery.
Full description
National Audit Office
, issued in 2017
Risk cases: 2
Audit of the Government, Government-guaranteed and Municipal Debt Management Information Systems in the Ministry of Finance of the Republic of Bulgaria
? The audit covered the period from 01.01.2013 to 31.12.2013 and investigated four major areas: IT system strategy and general management; IT security and controls against disasters; Operational controls ... The main audit question studied during the audit was: Are the government, government-guaranteed (SDMS) and municipal debt management information systems (CMDR) at the Ministry of Finance effective ... and Documentation; Application Controls. ... ... Even effective and modern IT systems require improvements and updates to ensure their security and accountability ... the established system is effective and provides updated, complete and correct information. Nevertheless the audit report points out areas of security, application controls as well as documentation as the subjects ... For the management of the government, government-guaranteed and municipal debt the Ministry of Finance has established an advanced integrated information infrastructure. According to Bulgarian SAI ... that need further improvement and optimization.
Full description
? The audit covered the period from 01.01.2013 to 31.12.2013 and investigated four major areas: IT system strategy and general management; IT security and controls against disasters; Operational controls ... The main audit question studied during the audit was: Are the government, government-guaranteed (SDMS) and municipal debt management information systems (CMDR) at the Ministry of Finance effective ... and Documentation; Application Controls. ... ... Even effective and modern IT systems require improvements and updates to ensure their security and accountability ... the established system is effective and provides updated, complete and correct information. Nevertheless the audit report points out areas of security, application controls as well as documentation as the subjects ... For the management of the government, government-guaranteed and municipal debt the Ministry of Finance has established an advanced integrated information infrastructure. According to Bulgarian SAI ... that need further improvement and optimization.
Full description
Bulgarian National Audit Office
, issued in 2014
Risk cases: 3
FEMA Needs to Address Management Weaknesses to Improve Its Systems
Controls in emergency management GAO audited the agency of the Department of Homeland Security, responsible for federal efforts to mitigate, respond to, and recover from disasters. American auditors recommend that the agency fully define its investment board’s roles and responsibilities and procedures for selecting and overseeing investments, update its strategic plan and complete plans for IT modernization, and establish time frames for completing workforce planning efforts. The agency should also establish policies and guidance for implementing key IT management controls.
Full description
Controls in emergency management GAO audited the agency of the Department of Homeland Security, responsible for federal efforts to mitigate, respond to, and recover from disasters. American auditors recommend that the agency fully define its investment board’s roles and responsibilities and procedures for selecting and overseeing investments, update its strategic plan and complete plans for IT modernization, and establish time frames for completing workforce planning efforts. The agency should also establish policies and guidance for implementing key IT management controls.
Full description
General Accountability Office
, issued in 2016
Risk cases: 4
Performance Audit of Public Debt Management Information Systems
of information systems in the public debt management process and having considered legal requirements to information security, State Audit Office of Georgia conducted Performance Audit of Public Debt Management ... implemented by the Public Debt and External Financing Department of the MOF. Hereby, the audit team also to assessed systems’ data integrity and security. In the course of the audit, the audit team also studied ... The usage and development of the information technologies in public financial management is an important priority of the country at the phase of intensive implementation of electronic governance ... ... More effective IT governance needed ... financial institutions. Audit conducted by the State Audit Office of Georgia has revealed security and governance shortcomings related to management and usage of these systems. ... Importance of effective performance of public debt management e-systems may be explained by the world’s increased dependence on such systems. In parallel with the performance audit of debt management ... information systems of the Ministry Of Finance of Georgia, Supreme Audit Institutions of 11 countries also studied this topic, both in terms of systems’ performance and their practical application by local
Full description
of information systems in the public debt management process and having considered legal requirements to information security, State Audit Office of Georgia conducted Performance Audit of Public Debt Management ... implemented by the Public Debt and External Financing Department of the MOF. Hereby, the audit team also to assessed systems’ data integrity and security. In the course of the audit, the audit team also studied ... The usage and development of the information technologies in public financial management is an important priority of the country at the phase of intensive implementation of electronic governance ... ... More effective IT governance needed ... financial institutions. Audit conducted by the State Audit Office of Georgia has revealed security and governance shortcomings related to management and usage of these systems. ... Importance of effective performance of public debt management e-systems may be explained by the world’s increased dependence on such systems. In parallel with the performance audit of debt management ... information systems of the Ministry Of Finance of Georgia, Supreme Audit Institutions of 11 countries also studied this topic, both in terms of systems’ performance and their practical application by local
Full description
State Audit Office Of Georgia
, issued in 2014
Risk cases: 5
Federal Agencies Need to Address Aging Legacy Systems
Be aware of legacy IT risks The US government spends about 75 percent of the total amount budgeted for information technology on operations and maintenance. GAO reviewed Office of Management and Budget and 26 agencies, covering years 2010 through 2017 and recommends to develop a goal for spending measure and finalize guidance to identify and prioritize legacy IT needing to be modernized or replaced.
Full description
Be aware of legacy IT risks The US government spends about 75 percent of the total amount budgeted for information technology on operations and maintenance. GAO reviewed Office of Management and Budget and 26 agencies, covering years 2010 through 2017 and recommends to develop a goal for spending measure and finalize guidance to identify and prioritize legacy IT needing to be modernized or replaced.
Full description
General Accountability Office
, issued in 2016
Risk cases: 3
Open Data Trend Report 2015
How to activate the open data policy The Dutch SAI looks for ways to improve open data practice in the Netherlands. They point at experience of two leading countries: UK and US, and advise to: prepare a concrete action plan, to increase number of mandatory published data, to develop government-wide data inventory and to put open data to work.
Full description
How to activate the open data policy The Dutch SAI looks for ways to improve open data practice in the Netherlands. They point at experience of two leading countries: UK and US, and advise to: prepare a concrete action plan, to increase number of mandatory published data, to develop government-wide data inventory and to put open data to work.
Full description
Netherlands Court of Audits
, issued in 2015
Risk cases: 4
The effectiveness of Official Development Assistance expenditure
Need of more coordination and transparency The audit of the UK's Official Development Assistance revealed among others: fragmented responsibilities and difficulties in review and reporting. These led to difficulties in assessment of effectiveness of the assistance and of progress in implementing the UK Aid Strategy.
Full description
Need of more coordination and transparency The audit of the UK's Official Development Assistance revealed among others: fragmented responsibilities and difficulties in review and reporting. These led to difficulties in assessment of effectiveness of the assistance and of progress in implementing the UK Aid Strategy.
Full description
National Audit Office
, issued in 2019
Risk cases: 4
Effectiveness of internal controls in the protection of personal data in national databases
The NAO analysed seven national databases in order to find out how the legitimate use of personal data is ensured. In accordance with the Personal Data Protection Act, the agencies who run databases ... must ensure that personal data is protected from abuse. The information system of the database must function appropriately, incl. be reliable and safe. Log files must be retained of all instances ... of viewing, amending, deleting, transmitting of data, etc. These files must allow ex-post determination of who did what, why, when and using which data. In its audit the NAO focused on the functioning ... ... Basic controls analysis can fail in data protection ... Estonian SAI analyzed personal data safety. Main finding were: poor log analysis and unprotected data.
Full description
The NAO analysed seven national databases in order to find out how the legitimate use of personal data is ensured. In accordance with the Personal Data Protection Act, the agencies who run databases ... must ensure that personal data is protected from abuse. The information system of the database must function appropriately, incl. be reliable and safe. Log files must be retained of all instances ... of viewing, amending, deleting, transmitting of data, etc. These files must allow ex-post determination of who did what, why, when and using which data. In its audit the NAO focused on the functioning ... ... Basic controls analysis can fail in data protection ... Estonian SAI analyzed personal data safety. Main finding were: poor log analysis and unprotected data.
Full description
National Audit Office of Estonia
, issued in 2008
Risk cases: 2