10
results found in
9 ms
Page 1
of 1
The National Offender Management Information System (NOMIS)
for project’s cost reduction, the aims of the revised National Offender Management Service (NOMS) and the progress made, the impact of the delays and rescoping on the costs and benefits achieved, and NOMS ... This report examines the reasons for the delays and cost increases to the original integrated information system and, since the moratorium imposed by the Minister of State in order to seek options ... ’ fitness to deliver. The aim of one integrated information system (C-NOMIS i.e. National Offender Management Information System) was to improve information sharing about offenders; address the lack ... Rescoping necessary, but not fully successful ... by poor management leading to a three-year delay, a doubling in project costs and reductions in scope and benefits. ... An initiative to build a single offender management IT system for the prison and probation services has not delivered value for money. The NAO investigation found the project had been hampered
Full description
for project’s cost reduction, the aims of the revised National Offender Management Service (NOMS) and the progress made, the impact of the delays and rescoping on the costs and benefits achieved, and NOMS ... This report examines the reasons for the delays and cost increases to the original integrated information system and, since the moratorium imposed by the Minister of State in order to seek options ... ’ fitness to deliver. The aim of one integrated information system (C-NOMIS i.e. National Offender Management Information System) was to improve information sharing about offenders; address the lack ... Rescoping necessary, but not fully successful ... by poor management leading to a three-year delay, a doubling in project costs and reductions in scope and benefits. ... An initiative to build a single offender management IT system for the prison and probation services has not delivered value for money. The NAO investigation found the project had been hampered
Full description
National Audit Office
, issued in 2009
Risk cases: 4
Staff scheduling in government institutions
Scheduling irregular hours work Danish Rigsrevisionen shows in their study problems with staff scheduling in government institutions where employees are required to work irregular hours. Optimized staff scheduling contributed to reducing payroll costs. On the other hand, problems with rearrangement of work, recording working hours, optimisation of staffing levels and analysis of overtime triggers - add up to high costs of workforce. IT is not always used as ally either.
Full description
Scheduling irregular hours work Danish Rigsrevisionen shows in their study problems with staff scheduling in government institutions where employees are required to work irregular hours. Optimized staff scheduling contributed to reducing payroll costs. On the other hand, problems with rearrangement of work, recording working hours, optimisation of staffing levels and analysis of overtime triggers - add up to high costs of workforce. IT is not always used as ally either.
Full description
National Audit Office of Denmark
, issued in 2015
Risk cases: 5
Data security and positions with access to confidential information
) is the foundation of the second part (positions with access to confidential information). Only four of the organizations we have audited show an acceptible level of compliance with the 2007 Civil Service Data ... Information Security Decree, eight organizations show scope for improvement and nine organizations show an unsatisfactory level of compliance with the 2007 Civil Service Data Information Security Decree. When ... This government wide audit on information security and positions with access to confidential information has been performed at all ministries ans for each ministry also at one of the agencies ... ... Shortcomings in information security and in positions with access to confidential information ... Surprising weaknesses were revealed by the NCA in its Government-wide operational audit performed as part of the 2011 audit into the state of central government accounts: Poor quality of data ... protection policy and poor protection of information systems. Also, non vetted positions with access to confidential information.
Full description
) is the foundation of the second part (positions with access to confidential information). Only four of the organizations we have audited show an acceptible level of compliance with the 2007 Civil Service Data ... Information Security Decree, eight organizations show scope for improvement and nine organizations show an unsatisfactory level of compliance with the 2007 Civil Service Data Information Security Decree. When ... This government wide audit on information security and positions with access to confidential information has been performed at all ministries ans for each ministry also at one of the agencies ... ... Shortcomings in information security and in positions with access to confidential information ... Surprising weaknesses were revealed by the NCA in its Government-wide operational audit performed as part of the 2011 audit into the state of central government accounts: Poor quality of data ... protection policy and poor protection of information systems. Also, non vetted positions with access to confidential information.
Full description
Netherlands Court of Audits
, issued in 2012
Risk cases: 3
Information security work at nine agencies
Difficulties in achieving appropriate IT security Together with the Swedish NAO we assume that the picture that emerges at the agencies audited applies also to most of the other agencies in the public administration. The information security work is not given high enough priority in relation to the risks that exist. This applies to both the Government, which should have been clearer in its directions to agencies on this matter, and to agency managements, which did not give priority to the work of information security to the extent required. Much indicates that it is difficult for many agencies to achieve an appropriate level of information security work.
Full description
Difficulties in achieving appropriate IT security Together with the Swedish NAO we assume that the picture that emerges at the agencies audited applies also to most of the other agencies in the public administration. The information security work is not given high enough priority in relation to the risks that exist. This applies to both the Government, which should have been clearer in its directions to agencies on this matter, and to agency managements, which did not give priority to the work of information security to the extent required. Much indicates that it is difficult for many agencies to achieve an appropriate level of information security work.
Full description
Swedish National Audit Office
, issued in 2016
Risk cases: 4
Management of IT security in systems outsourced to external suppliers
Security to be improved in IT processes outsourced to external suppliers When IT processes are outsourced to external suppliers, the authorities no longer have direct control of the IT security, but remain responsible for managing the security of the IT. Authorities that fail to manage IT security actively based on risk assessments, and omit to monitor the implementation of these requirements, will not be able to determine if the level of IT security in the outsourced systems safeguards their systems and data. This is how the conclusion of the Rigsrevisionen starts. The Danish auditors noticed improvement in the audited entities, but they add that tha majority of the auditees: can refine their requirements for and follow-up on access control and logging practices
Full description
Security to be improved in IT processes outsourced to external suppliers When IT processes are outsourced to external suppliers, the authorities no longer have direct control of the IT security, but remain responsible for managing the security of the IT. Authorities that fail to manage IT security actively based on risk assessments, and omit to monitor the implementation of these requirements, will not be able to determine if the level of IT security in the outsourced systems safeguards their systems and data. This is how the conclusion of the Rigsrevisionen starts. The Danish auditors noticed improvement in the audited entities, but they add that tha majority of the auditees: can refine their requirements for and follow-up on access control and logging practices
Full description
National Audit Office of Denmark
, issued in 2016
Risk cases: 3
Traffic Ticketing information system
The audit included two areas of focus - the environment surrounding the Traffic Ticketing Information System - the System (designed to input, process, manage and collect payment for the traffic ... tickets) and also the internal environment of the System that guarantees the quality of its performance and safety. ... Security can hinder effectiveness ... SAI of Kuwait analysed system supporting collection of the traffic tickets - data input, processing and management. What was found was lack of basic safety measures, that hindered the effectiveness ... of the system.
Full description
The audit included two areas of focus - the environment surrounding the Traffic Ticketing Information System - the System (designed to input, process, manage and collect payment for the traffic ... tickets) and also the internal environment of the System that guarantees the quality of its performance and safety. ... Security can hinder effectiveness ... SAI of Kuwait analysed system supporting collection of the traffic tickets - data input, processing and management. What was found was lack of basic safety measures, that hindered the effectiveness ... of the system.
Full description
State Audit Bureau of Kuwait
, issued in 2014
Risk cases: 3
Federal Agencies Need to Address Aging Legacy Systems
Be aware of legacy IT risks The US government spends about 75 percent of the total amount budgeted for information technology on operations and maintenance. GAO reviewed Office of Management and Budget and 26 agencies, covering years 2010 through 2017 and recommends to develop a goal for spending measure and finalize guidance to identify and prioritize legacy IT needing to be modernized or replaced.
Full description
Be aware of legacy IT risks The US government spends about 75 percent of the total amount budgeted for information technology on operations and maintenance. GAO reviewed Office of Management and Budget and 26 agencies, covering years 2010 through 2017 and recommends to develop a goal for spending measure and finalize guidance to identify and prioritize legacy IT needing to be modernized or replaced.
Full description
General Accountability Office
, issued in 2016
Risk cases: 3
Supply of food and medicinal products
Supply of food and medicinal products Deficiencies in emergency preparedness and weaknesses in governance are still found by the Swedish NAO in the system of safeguarding supply of food and medicinal products. The system is complex and NAO appreciates efforts made by responsible agencies. However, they found also insufficient clarity in division of responsibilities and weaknesses in coordinantion.
Full description
Supply of food and medicinal products Deficiencies in emergency preparedness and weaknesses in governance are still found by the Swedish NAO in the system of safeguarding supply of food and medicinal products. The system is complex and NAO appreciates efforts made by responsible agencies. However, they found also insufficient clarity in division of responsibilities and weaknesses in coordinantion.
Full description
Swedish National Audit Office
, issued in 2018
Risk cases: 2
Extract from the report to the Public Accounts Committee on the access to IT systems that support the provision of essential services to the Danish society
The report is focused on the significant risk that is associated with inadequate management and control of domain administrator privileges, which makes it possible for unauthorized persons to obtain ... access to the IT systems and data of the institutions. Rigsrevisionen has not examined for what specific purposes unauthorized access to the institutions’ systems and data can be used. ... ... Inadequate management and control of domain administrator privileges ... The Danish report concerns the measures - taken by six government institutions of various branches of State activities - to protect IT systems and data that support the provision of essential ... services to the Danish society from unauthorized access, obtained on the basis of domain administrator privileges.
Full description
The report is focused on the significant risk that is associated with inadequate management and control of domain administrator privileges, which makes it possible for unauthorized persons to obtain ... access to the IT systems and data of the institutions. Rigsrevisionen has not examined for what specific purposes unauthorized access to the institutions’ systems and data can be used. ... ... Inadequate management and control of domain administrator privileges ... The Danish report concerns the measures - taken by six government institutions of various branches of State activities - to protect IT systems and data that support the provision of essential ... services to the Danish society from unauthorized access, obtained on the basis of domain administrator privileges.
Full description
National Audit Office of Denmark
, issued in 2015
Risk cases: 4
IT Police Systems
Implementation by the Polish Police of two IT projects (E-police station and Command Support System - CSS) was audited. Both systems were to relieve the Police officers and increase the quality ... and effectiveness of their work. Audit explained the reason of failure in the case of E-police station project and success in the case of CSS. Although some irregularities occurred in both cases, careful planning ... and organization of the project turned out to make the difference. Accordance with the public procurement law was not part of the audit as a separate investigation in that matter was carried by respective Polish ... ... A textbook example of how not to implement the IT projects ... Polish NIK compared the implementation of two flagship IT projects of the Police HQ: successful 'Command Support System' and problematic 'E-police station'. List of interesting problems appeared...
Full description
Implementation by the Polish Police of two IT projects (E-police station and Command Support System - CSS) was audited. Both systems were to relieve the Police officers and increase the quality ... and effectiveness of their work. Audit explained the reason of failure in the case of E-police station project and success in the case of CSS. Although some irregularities occurred in both cases, careful planning ... and organization of the project turned out to make the difference. Accordance with the public procurement law was not part of the audit as a separate investigation in that matter was carried by respective Polish ... ... A textbook example of how not to implement the IT projects ... Polish NIK compared the implementation of two flagship IT projects of the Police HQ: successful 'Command Support System' and problematic 'E-police station'. List of interesting problems appeared...
Full description
Supreme Audit Office of Poland
, issued in 2013
Risk cases: 5
10
results found.
Page 1
of 1