Reports Search Reports Spatial Search Risk-cases Search Risk-cases Graph Traversal
10 results found in 18 ms Page 1 of 1
Software management assessment in local governments and local government educational institutions
Objective of the audit was to verify compliance of software recording and management with regulatory enactments, as well as to assess the effectiveness of software management in local governments ... and local government educational institutions. ... ... Software management assessment in local governments and local government educational institutions ... Manage your software! Local governments and local government education institution neglect basic safety procedures, use outdated or illegal kinds of software, use two and more different software ... for the same function.
Full description
State Audit Office of the Republic of Latvia , issued in 2013
Risk cases: 4
Results of the development of the state’s information systems
The National Audit Office has repeatedly audited the management and development of the state’s information technology (IT) area in the last ten years. The last audit was performed in 2005. After that ... , several measures have been implemented in the state to organise the development better and to guarantee that the systems are compatible. This audit gives an opinion of the results of development project ... management and the state’s coordination mechanism in this process. ... ... Success and failure depend on preparation ... Conclusions of performance IT audit based on a sample of government projects: business portal, land register, e-police, fire safety monitoring system, childcare information system and the document ... management system of the Defence Forces. Key problems and discussion with auditees are presented.
Full description
National Audit Office of Estonia , issued in 2010
Risk cases: 3
The Ministry of the Environment lacks a compact information system and still uses 125 separate information systems and databases
The objective of the audit was to scrutinise the management of funds earmarked for the purchase and administration of ICT within the MoE and selected organisations which come under the management ... of the MoE. The audit identified the following risks: (1) non-existence of the Integrated environmental information system (IEIS) as an independent information system; (2) purchase of ICT, within the budget ... chapter of the MoE, through a state co-funded organisation CENIA which comes under the management of the MoE; (3) utilisation of the information systems. The audited period was 2010 to 2013; where relevant ... ... Ministry of the Environment manages 125 information systems and databases ... systems (more than 125 information systems and databases) are designed, implemented and managed as individual information systems without a direct integration into a joint point of reference. ... The Ministry of the Environment (MoE) has for more than 20 years a legal obligation to administer and manage an Integrated Environmental Information System (IEIS). In spite of this fact, the existing
Full description
Supreme Audit Office of Czech Republic , issued in 2015
Risk cases: 7
Operation of the Record Systems Applied in the Eligibility Scheme of Benefits and Services Provided from the Social Security Funds
Hungarian SAI evaluated the set-up and operation of the basic registries of managing bodies (National Health Insurance Fund, Central Administration of National Pension Insurance, National Tax ... and Customs Administration), as well as the dataflow amongst them. In addition, the control system of fulfilling the data provision obligation was evaluated, as well as the IT support activities and whether ... the records had proven reliable in supporting services in compliance with eligibilities and in filtering unjustified services. The audited period covered the years 2007-2010. ... ... Well considered regulations are essential for good quality data ... State Audit Office of Hungary.has proved that date safety may depend on quality of regulations. The report on record systems of social security services casted light on risk connected with huge data ... bases managed by different entities, in a changing legal environment.
Full description
State Audit Office of Hungary , issued in 2012
Risk cases: 2
THE CYBER SECURITY ENVIRONMENT IN LITHUANIA
The purpose of the audit was to assess whether cyber security is being ensured in Lithuania. In view of this goal, we assessed whether: (1) an effective cyber security system has been set up; (2 ... ) cyber security is ensured in public establishments. During the audit, the SAI Lithuania analysed current regulation, strategic planning and management practices in the field of cyber security ... and electronic information security as well as the funds allocated and used in this area. The SAI evaluated whether the cyber security and electronic information security objectives detailed in planning documents ... ... Cyber-security is much more than preventing incidents ... SAI Lithuania determined that the issue of ensuring and increasing cyber security and resilience has not been effectively addressed at the national level. The focus has primarily been on reacting ... to and preventing incidents in cyber space, which means that traditional issues related to electronic information security (confidentiality, integrity, accessibility) have been neglected, and from 2015, not enough ... attention has been paid to development, legislation, improvement of organisational structure, etc. in this field.
Full description
National Audit Office of the Republic of Lithuania , issued in 2015
Risk cases: 6
IT Support in the Judicial Chain
The Swedish National Audit Office has examined how well agencies in the judicial chain have handled known flaws in their IT support and whether the Government’s control mechanisms have provided ... the agencies with sufficient prerequisites to expand and improve IT support. ... ... Needed: good conditions by government, better steering and control by authorities ... Despite many years’ of work to modernize the IT support within the judiciary, there are still many deficiencies. The Government has not given the authorities good conditions enough to lead the work ... . The authorities, in their turn, need to improve their steering and control, as well as interact to a much higher degree.
Full description
Swedish National Audit Office , issued in 2011
Risk cases: 3
Report on the government’s processing of confidential data on persons and companies
Rigsrevisionen has examined how eight government institutions process confidential data on persons and companies in 11 selected IT systems. The report is based on IT audits carried out in connection ... with the annual audit in the spring 2014. The purpose of the audit was to assess whether confidential data on persons and companies are adequately protected by the government institutions. ... ... Inadequate protection of confidential data ... If a government institution does not protect confidential data to the extent necessary, the risk that third parties get unauthorized access to the data is very high. In opinion of the Danish SAI ... , inadequate protection of confidential data may also erode the citizens’ and companies’ confidence in government data security. That may eventually become a barrier for the continued efforts to implement ... e-government and make government administration more efficient.
Full description
National Audit Office of Denmark , issued in 2014
Risk cases: 2
Data security and positions with access to confidential information
This government wide audit on information security and positions with access to confidential information has been performed at all ministries ans for each ministry also at one of the agencies ... . The 2007 Civil Service Data Information Security Decree (in Dutch: VIR 2007) is the legal foundation of the first part of this audit (data security). The Security Screening Act (in Dutch: WVO ... ) is the foundation of the second part (positions with access to confidential information). Only four of the organizations we have audited show an acceptible level of compliance with the 2007 Civil Service Data ... ... Shortcomings in information security and in positions with access to confidential information ... Surprising weaknesses were revealed by the NCA in its Government-wide operational audit performed as part of the 2011 audit into the state of central government accounts: Poor quality of data ... protection policy and poor protection of information systems. Also, non vetted positions with access to confidential information.
Full description
Netherlands Court of Audits , issued in 2012
Risk cases: 3
Parallel Audit on Biometric Passports - Overall Results (anonymised)
A biometric passport (or ePassport) contains biometric information which serves to authenticate the identity of travellers. Biometric passport management is the process of establishing ... and implementing the regulation on standards for security features and biometrics in passports and travel documents issued by the member states. The aim is to develop and maintain efficient and secure biometric ... passport production procedures (see page 5). ... EUROSAI ITWG: Parallel Audit on Biometric Passports ... Swiss SAI summed up results of audits concluded in seven countries (Belgium, Latvia, Lithuania, Norway, Portugal, Switzerland). The evaluation of the reported results showed that the overall passport ... process is generally under control while a couple of high-risk findings were identified in the non-process-specific assessments. In the non-process-specific assessments, most of the countries found ... deficiencies and weaknesses related to the IS/IT system and the IT management. Medium risks have been identified in the area of laws and regulations, cost-benefit realisation and transparency, as well
Full description
Swiss Federal Audit Office , issued in 2015
Risk cases: 4
IT Police Systems
Implementation by the Polish Police of two IT projects (E-police station and Command Support System - CSS) was audited. Both systems were to relieve the Police officers and increase the quality ... and effectiveness of their work. Audit explained the reason of failure in the case of E-police station project and success in the case of CSS. Although some irregularities occurred in both cases, careful planning ... and organization of the project turned out to make the difference. Accordance with the public procurement law was not part of the audit as a separate investigation in that matter was carried by respective Polish ... ... A textbook example of how not to implement the IT projects ... Polish NIK compared the implementation of two flagship IT projects of the Police HQ: successful 'Command Support System' and problematic 'E-police station'. List of interesting problems appeared...
Full description
Supreme Audit Office of Poland , issued in 2013
Risk cases: 5
10 results found. Page 1 of 1