31
results found in
10 ms
Page 1
of 4
Good Practice in Annual Reports 2016-17
Reporting: a real skill The Building Public Trust Awards, sponsored by PwC, have been running for 15 years and the British NAO co-sponsors the public sector award. The Good Practices in annual reports 2016-2017 present eye-opening examples of how to make complex reports easily understandable and how to clearly outline goals and achievement of them.
Full description
Reporting: a real skill The Building Public Trust Awards, sponsored by PwC, have been running for 15 years and the British NAO co-sponsors the public sector award. The Good Practices in annual reports 2016-2017 present eye-opening examples of how to make complex reports easily understandable and how to clearly outline goals and achievement of them.
Full description
National Audit Office
, issued in 2018
Risk cases: 4
THE CYBER SECURITY ENVIRONMENT IN LITHUANIA
The purpose of the audit was to assess whether cyber security is being ensured in Lithuania. In view of this goal, we assessed whether: (1) an effective cyber security system has been set up; (2 ... and electronic information security as well as the funds allocated and used in this area. The SAI evaluated whether the cyber security and electronic information security objectives detailed in planning documents ... were achieved, how public establishments ensure cyber security, and whether technical and organisational measures for cyber security are being applied properly. ... ... Cyber-security is much more than preventing incidents ... SAI Lithuania determined that the issue of ensuring and increasing cyber security and resilience has not been effectively addressed at the national level. The focus has primarily been on reacting ... to and preventing incidents in cyber space, which means that traditional issues related to electronic information security (confidentiality, integrity, accessibility) have been neglected, and from 2015, not enough ... attention has been paid to development, legislation, improvement of organisational structure, etc. in this field.
Full description
The purpose of the audit was to assess whether cyber security is being ensured in Lithuania. In view of this goal, we assessed whether: (1) an effective cyber security system has been set up; (2 ... and electronic information security as well as the funds allocated and used in this area. The SAI evaluated whether the cyber security and electronic information security objectives detailed in planning documents ... were achieved, how public establishments ensure cyber security, and whether technical and organisational measures for cyber security are being applied properly. ... ... Cyber-security is much more than preventing incidents ... SAI Lithuania determined that the issue of ensuring and increasing cyber security and resilience has not been effectively addressed at the national level. The focus has primarily been on reacting ... to and preventing incidents in cyber space, which means that traditional issues related to electronic information security (confidentiality, integrity, accessibility) have been neglected, and from 2015, not enough ... attention has been paid to development, legislation, improvement of organisational structure, etc. in this field.
Full description
National Audit Office of the Republic of Lithuania
, issued in 2015
Risk cases: 6
Housing in England: overview
Efforts to support housing Even if housebuilding in England has not kept pace with need and there has been a reduction in social rented homes, significant advantages can be enjoyed: an increase in home ownership and in the number of private rented homes. The quality of housing improved in recent years too. The National Audit Office has reviewed critical elements of the housing being one of the government's key priorities. Looking for risks, they found that a potential conflict of objectives can lead to tensions in delivery.
Full description
Efforts to support housing Even if housebuilding in England has not kept pace with need and there has been a reduction in social rented homes, significant advantages can be enjoyed: an increase in home ownership and in the number of private rented homes. The quality of housing improved in recent years too. The National Audit Office has reviewed critical elements of the housing being one of the government's key priorities. Looking for risks, they found that a potential conflict of objectives can lead to tensions in delivery.
Full description
National Audit Office
, issued in 2017
Risk cases: 2
WannaCry Cyber Attack and the NHS
Why the British NHS became a victim of WannaCry The NAO's investigation points at the problem of insufficient powers of the cybersecurity coordinator across the health organisation. As a result no remedial actions were taken, and the cyber attack succeeded thanks to neglected precautions.
Full description
Why the British NHS became a victim of WannaCry The NAO's investigation points at the problem of insufficient powers of the cybersecurity coordinator across the health organisation. As a result no remedial actions were taken, and the cyber attack succeeded thanks to neglected precautions.
Full description
National Audit Office
, issued in 2017
Risk cases: 3
Conflicts of interest
First, recognise the conflicts of interest are a real risk the British NAO gathered a significant amount of intelligence on conflicts, particularly in the health and education sectors. These are areas of government where services are increasingly commissioned and delivered by parties at arm’s-length to departments. Conflicts of interest can occur naturally as a product of the way a system is designed and most often arise from operational situations.
Full description
First, recognise the conflicts of interest are a real risk the British NAO gathered a significant amount of intelligence on conflicts, particularly in the health and education sectors. These are areas of government where services are increasingly commissioned and delivered by parties at arm’s-length to departments. Conflicts of interest can occur naturally as a product of the way a system is designed and most often arise from operational situations.
Full description
National Audit Office
, issued in 2015
Risk cases: 8
Performance measurement by regulators
Performance measurement for regulators Primary adressees of this good practice guide - by the British NAO - are regulators, the public institutions established for making sure that an industry or system works legally and fairly. But we are sure that many more can find this guidance useful - including auditors. NAO presents a comprehensible framework for performance measurement and hints how to focus on influence that regulators can use.
Full description
Performance measurement for regulators Primary adressees of this good practice guide - by the British NAO - are regulators, the public institutions established for making sure that an industry or system works legally and fairly. But we are sure that many more can find this guidance useful - including auditors. NAO presents a comprehensible framework for performance measurement and hints how to focus on influence that regulators can use.
Full description
National Audit Office
, issued in 2016
Risk cases: 2
Identifying and meeting central government's skills requirements
Start with well managed responsibilities UK Departments have invested heavily in skills development. Government estimates that expenditure on formal training, including salary costs of departmental learning and development staff, was £275 million in 2009-10. NAO identified weaknesses of the system which start with devolved responsibilities, lead to: weak data, mis-profiled trainings, doubtful personal decisions, lack of well-targeted evaluation - and finish at more expensive buying-in and retaining key skills...
Full description
Start with well managed responsibilities UK Departments have invested heavily in skills development. Government estimates that expenditure on formal training, including salary costs of departmental learning and development staff, was £275 million in 2009-10. NAO identified weaknesses of the system which start with devolved responsibilities, lead to: weak data, mis-profiled trainings, doubtful personal decisions, lack of well-targeted evaluation - and finish at more expensive buying-in and retaining key skills...
Full description
National Audit Office
, issued in 2011
Risk cases: 6
Extract from the report to the Public Accounts Committee on the access to IT systems that support the provision of essential services to the Danish society
The report is focused on the significant risk that is associated with inadequate management and control of domain administrator privileges, which makes it possible for unauthorized persons to obtain ... access to the IT systems and data of the institutions. Rigsrevisionen has not examined for what specific purposes unauthorized access to the institutions’ systems and data can be used. ... ... Inadequate management and control of domain administrator privileges ... The Danish report concerns the measures - taken by six government institutions of various branches of State activities - to protect IT systems and data that support the provision of essential ... services to the Danish society from unauthorized access, obtained on the basis of domain administrator privileges.
Full description
The report is focused on the significant risk that is associated with inadequate management and control of domain administrator privileges, which makes it possible for unauthorized persons to obtain ... access to the IT systems and data of the institutions. Rigsrevisionen has not examined for what specific purposes unauthorized access to the institutions’ systems and data can be used. ... ... Inadequate management and control of domain administrator privileges ... The Danish report concerns the measures - taken by six government institutions of various branches of State activities - to protect IT systems and data that support the provision of essential ... services to the Danish society from unauthorized access, obtained on the basis of domain administrator privileges.
Full description
National Audit Office of Denmark
, issued in 2015
Risk cases: 4
Federal Agencies Need to Address Aging Legacy Systems
Be aware of legacy IT risks The US government spends about 75 percent of the total amount budgeted for information technology on operations and maintenance. GAO reviewed Office of Management and Budget and 26 agencies, covering years 2010 through 2017 and recommends to develop a goal for spending measure and finalize guidance to identify and prioritize legacy IT needing to be modernized or replaced.
Full description
Be aware of legacy IT risks The US government spends about 75 percent of the total amount budgeted for information technology on operations and maintenance. GAO reviewed Office of Management and Budget and 26 agencies, covering years 2010 through 2017 and recommends to develop a goal for spending measure and finalize guidance to identify and prioritize legacy IT needing to be modernized or replaced.
Full description
General Accountability Office
, issued in 2016
Risk cases: 3
Protection of automatically processed personal data
of the processing of personal data. The audit was conducted at the SDPI, data and information was collected at the Ministry of Justice, Ministry of Transport and Communications, Ministry of Health, Ministry ... Over the past few years, a number of legal, management, supervision, information, and methodological issues related to the protection of personal data have piled up. As they have not been fully ... resolved,the National Audit Office conducted an audit to assess the efficiency of the protection and supervision of automatically processed personal data and to check whether: - the regulation of personal data ... ... Data protection needs a long term strategy ... Rapid development of information and communication technology continuously brings about issues of personal data protection. Due to lack of long-term vision in this area they are frequently ... not addressed by the existing legislation. Moreover, SAI of Lithuania revealed failures in organization and control of personal data protection by public sector.
Full description
of the processing of personal data. The audit was conducted at the SDPI, data and information was collected at the Ministry of Justice, Ministry of Transport and Communications, Ministry of Health, Ministry ... Over the past few years, a number of legal, management, supervision, information, and methodological issues related to the protection of personal data have piled up. As they have not been fully ... resolved,the National Audit Office conducted an audit to assess the efficiency of the protection and supervision of automatically processed personal data and to check whether: - the regulation of personal data ... ... Data protection needs a long term strategy ... Rapid development of information and communication technology continuously brings about issues of personal data protection. Due to lack of long-term vision in this area they are frequently ... not addressed by the existing legislation. Moreover, SAI of Lithuania revealed failures in organization and control of personal data protection by public sector.
Full description
National Audit Office of the Republic of Lithuania
, issued in 2013
Risk cases: 2