45
results found in
9 ms
Page 1
of 5
Opportunities Exist for SEC to Improve Its Controls over Financial Systems and Data
of the commission’s fiscal years 2015 and 2014 financial statements. GAO’s objective was to determine the effectiveness of information security controls for protecting the confidentiality, integrity, and availability ... . In carrying out its mission, the SEC relies on computerized information systems to collect, process, and store sensitive information, including financial data. Having effective information security controls ... in place is essential to protecting these systems and the information they contain. <br/> This report details weaknesses GAO identified in the information security program at SEC during its audit ... IT security basics under scrutiny ... be compromised, because of risks jeopardizing the confidentiality, integrity, and availability of sensitive financial information. ... Financial audit by US GAO was accompanied by an IT examination focused on information security measures in the Securities and Exchange Commission (SEC). GAO found that SEC’s systems could
Full description
of the commission’s fiscal years 2015 and 2014 financial statements. GAO’s objective was to determine the effectiveness of information security controls for protecting the confidentiality, integrity, and availability ... . In carrying out its mission, the SEC relies on computerized information systems to collect, process, and store sensitive information, including financial data. Having effective information security controls ... in place is essential to protecting these systems and the information they contain. <br/> This report details weaknesses GAO identified in the information security program at SEC during its audit ... IT security basics under scrutiny ... be compromised, because of risks jeopardizing the confidentiality, integrity, and availability of sensitive financial information. ... Financial audit by US GAO was accompanied by an IT examination focused on information security measures in the Securities and Exchange Commission (SEC). GAO found that SEC’s systems could
Full description
General Accountability Office
, issued in 2016
Risk cases: 5
Coordinated Audit on Information Technology Governance
IT governance needs awareness and SAIs' support The OLACEFS auditors found that the greatest challenge for the SAIs is to raise the awareness of the audit institutions about the importance of IT governance and the benefits that could be obtained by improving its degree of maturity. The audit was conducted by 11 SAIs and coordinated by TCU of Brasil. They concluded: 'It is important, even urgent, to invest resources to implement or enhance: the IT committees; the IT planning process; strategic IT planning; monitoring the IT contracting process; the business continuity plan; the designation of a responsible person or unit to manage security information; a risk management process; an asset inventory process; an information security committee; and a policy for access control.'
Full description
IT governance needs awareness and SAIs' support The OLACEFS auditors found that the greatest challenge for the SAIs is to raise the awareness of the audit institutions about the importance of IT governance and the benefits that could be obtained by improving its degree of maturity. The audit was conducted by 11 SAIs and coordinated by TCU of Brasil. They concluded: 'It is important, even urgent, to invest resources to implement or enhance: the IT committees; the IT planning process; strategic IT planning; monitoring the IT contracting process; the business continuity plan; the designation of a responsible person or unit to manage security information; a risk management process; an asset inventory process; an information security committee; and a policy for access control.'
Full description
Risk cases: 5
Information security work at nine agencies
Difficulties in achieving appropriate IT security Together with the Swedish NAO we assume that the picture that emerges at the agencies audited applies also to most of the other agencies in the public administration. The information security work is not given high enough priority in relation to the risks that exist. This applies to both the Government, which should have been clearer in its directions to agencies on this matter, and to agency managements, which did not give priority to the work of information security to the extent required. Much indicates that it is difficult for many agencies to achieve an appropriate level of information security work.
Full description
Difficulties in achieving appropriate IT security Together with the Swedish NAO we assume that the picture that emerges at the agencies audited applies also to most of the other agencies in the public administration. The information security work is not given high enough priority in relation to the risks that exist. This applies to both the Government, which should have been clearer in its directions to agencies on this matter, and to agency managements, which did not give priority to the work of information security to the extent required. Much indicates that it is difficult for many agencies to achieve an appropriate level of information security work.
Full description
Swedish National Audit Office
, issued in 2016
Risk cases: 4
Digital transformation in government
Support exemplars, provide consistent guidance... and do not lose focus As the NAO states: Government faces significant challenges in providing public services. While many government services are now available online, public administration is struggling to manage more complicated programmes and to improve the complex systems and processes that support public services.
Full description
Support exemplars, provide consistent guidance... and do not lose focus As the NAO states: Government faces significant challenges in providing public services. While many government services are now available online, public administration is struggling to manage more complicated programmes and to improve the complex systems and processes that support public services.
Full description
National Audit Office
, issued in 2017
Risk cases: 4
Homeland Security. Oversight of Neglected Human Resources Information Technology Investment Is Needed
Human resources IT investments get stuck in management's lack of interest Although the Human Resources Information Technology (HRIT) investment was initiated about 12 years ago with the intent to consolidate, integrate, and modernize the department's human resources IT infrastructure, the Department of Homeland Security (DHS) has made very limited progress in achieving these goals. HRIT's minimally involved executive steering committee during a time when significant problems were occurring was a key factor in the lack of progress. This is particularly problematic given that the department's ability to efficiently and effectively carry out its mission is significantly hampered by its fragmented human resources. DHS's ineffective management of HRIT, such as the lack of an updated schedule and a life-cycle cost estimate, also contributed to the neglect this investment has experienced. DHS will be limited in efficiently tracking and reporting accurate, comprehensive performance and learning management data across the organization, and could risk further implementation delays.
Full description
Human resources IT investments get stuck in management's lack of interest Although the Human Resources Information Technology (HRIT) investment was initiated about 12 years ago with the intent to consolidate, integrate, and modernize the department's human resources IT infrastructure, the Department of Homeland Security (DHS) has made very limited progress in achieving these goals. HRIT's minimally involved executive steering committee during a time when significant problems were occurring was a key factor in the lack of progress. This is particularly problematic given that the department's ability to efficiently and effectively carry out its mission is significantly hampered by its fragmented human resources. DHS's ineffective management of HRIT, such as the lack of an updated schedule and a life-cycle cost estimate, also contributed to the neglect this investment has experienced. DHS will be limited in efficiently tracking and reporting accurate, comprehensive performance and learning management data across the organization, and could risk further implementation delays.
Full description
US Government Accountability Office
, issued in 2016
Risk cases: 1
The Ministry of the Environment lacks a compact information system and still uses 125 separate information systems and databases
of the MoE. The audit identified the following risks: (1) non-existence of the Integrated environmental information system (IEIS) as an independent information system; (2) purchase of ICT, within the budget ... chapter of the MoE, through a state co-funded organisation CENIA which comes under the management of the MoE; (3) utilisation of the information systems. The audited period was 2010 to 2013; where relevant ... The objective of the audit was to scrutinise the management of funds earmarked for the purchase and administration of ICT within the MoE and selected organisations which come under the management ... ... Ministry of the Environment manages 125 information systems and databases ... The Ministry of the Environment (MoE) has for more than 20 years a legal obligation to administer and manage an Integrated Environmental Information System (IEIS). In spite of this fact, the existing ... systems (more than 125 information systems and databases) are designed, implemented and managed as individual information systems without a direct integration into a joint point of reference.
Full description
of the MoE. The audit identified the following risks: (1) non-existence of the Integrated environmental information system (IEIS) as an independent information system; (2) purchase of ICT, within the budget ... chapter of the MoE, through a state co-funded organisation CENIA which comes under the management of the MoE; (3) utilisation of the information systems. The audited period was 2010 to 2013; where relevant ... The objective of the audit was to scrutinise the management of funds earmarked for the purchase and administration of ICT within the MoE and selected organisations which come under the management ... ... Ministry of the Environment manages 125 information systems and databases ... The Ministry of the Environment (MoE) has for more than 20 years a legal obligation to administer and manage an Integrated Environmental Information System (IEIS). In spite of this fact, the existing ... systems (more than 125 information systems and databases) are designed, implemented and managed as individual information systems without a direct integration into a joint point of reference.
Full description
Supreme Audit Office of Czech Republic
, issued in 2015
Risk cases: 7
FEMA Needs to Address Management Weaknesses to Improve Its Systems
Controls in emergency management GAO audited the agency of the Department of Homeland Security, responsible for federal efforts to mitigate, respond to, and recover from disasters. American auditors recommend that the agency fully define its investment board’s roles and responsibilities and procedures for selecting and overseeing investments, update its strategic plan and complete plans for IT modernization, and establish time frames for completing workforce planning efforts. The agency should also establish policies and guidance for implementing key IT management controls.
Full description
Controls in emergency management GAO audited the agency of the Department of Homeland Security, responsible for federal efforts to mitigate, respond to, and recover from disasters. American auditors recommend that the agency fully define its investment board’s roles and responsibilities and procedures for selecting and overseeing investments, update its strategic plan and complete plans for IT modernization, and establish time frames for completing workforce planning efforts. The agency should also establish policies and guidance for implementing key IT management controls.
Full description
General Accountability Office
, issued in 2016
Risk cases: 4
Lack of information about heavy-duty transports on federal long-distance roads - number of closed bridges increases
Information on heavy-duty Transports The Bundesrechnungshof of Germany revealed that the Federal Ministry of Transport and Digital Infrastructure does not know which routes are particularly affected by heavy-duty transports, since it has not obtained comprehensive information from the state authorities about the heavy-duty transports.
Full description
Information on heavy-duty Transports The Bundesrechnungshof of Germany revealed that the Federal Ministry of Transport and Digital Infrastructure does not know which routes are particularly affected by heavy-duty transports, since it has not obtained comprehensive information from the state authorities about the heavy-duty transports.
Full description
Bundesrechnungshof
, issued in 2016
Risk cases: 1
The management of the State Property and Funds while Information Systems Building for the Ministry of Defence
The aim of the audit was to examine management during process of extension and modernization of the current information systems and at building of new information systems for the needs ... of the Ministry of Defence or the Army of the Czech Republic. Operating of information systems is inseparably linked with the communication infrastructure, thus the technological shift to ICT was reviewed also ... in this connection. The stationary ICT systems are determined to support management of the Ministry of Defence in period of peace. They are also supposed as a tool of crisis management. The auditing operation covered ... ... Information systems not balanced with infrastructure ... Both organizational changes and inflexibility produce unbalanced plans which cause deiscrepancies between IS and infrastructure.
Full description
The aim of the audit was to examine management during process of extension and modernization of the current information systems and at building of new information systems for the needs ... of the Ministry of Defence or the Army of the Czech Republic. Operating of information systems is inseparably linked with the communication infrastructure, thus the technological shift to ICT was reviewed also ... in this connection. The stationary ICT systems are determined to support management of the Ministry of Defence in period of peace. They are also supposed as a tool of crisis management. The auditing operation covered ... ... Information systems not balanced with infrastructure ... Both organizational changes and inflexibility produce unbalanced plans which cause deiscrepancies between IS and infrastructure.
Full description
Supreme Audit Office
, issued in 2005
Risk cases: 2
Effectiveness of the execution of the eHealth project
The Court of Audit of the Republic of Slovenia has audited how effectively the Ministry of Health had managed the project eHealth - the national plan for developing information system support ... management, management of the human resources and financial oversight. The goal of the Ministry was to implement a modern information system, which would support secure eHealth operations and effective ... . Further information on the project can also be found in http://www.intosaijournal.org/highlights/audit_slovenia_ehealth_project_jul2014.html ... ... Clear concept, good planning and financial control are indispensable conditions for a successful IT project ... The Court of Audit of the Republic of Slovenia analysed a Government eHealth project. Its goal was to implement a modern information system, which would support the health services and health related ... data. The Court has pointed at a long list of project management fundamentals to be corrected.
Full description
The Court of Audit of the Republic of Slovenia has audited how effectively the Ministry of Health had managed the project eHealth - the national plan for developing information system support ... management, management of the human resources and financial oversight. The goal of the Ministry was to implement a modern information system, which would support secure eHealth operations and effective ... . Further information on the project can also be found in http://www.intosaijournal.org/highlights/audit_slovenia_ehealth_project_jul2014.html ... ... Clear concept, good planning and financial control are indispensable conditions for a successful IT project ... The Court of Audit of the Republic of Slovenia analysed a Government eHealth project. Its goal was to implement a modern information system, which would support the health services and health related ... data. The Court has pointed at a long list of project management fundamentals to be corrected.
Full description
Court of Audit of the Republic of Slovenia
, issued in 2013
Risk cases: 5