Software management assessment in local governments and local government educational institutions
Objective of the audit was to verify compliance of software recording and management with regulatory enactments, as well as to assess the effectiveness of software management in local governments ... and local government educational institutions. ... ... Software management assessment in local governments and local government educational institutions ... Manage your software! Local governments and local government education institution neglect basic safety procedures, use outdated or illegal kinds of software, use two and more different software ... for the same function.
Full description

Management of Information Resources of the Ministry of the Interior
of the audit was to assess the management of information resources in the Ministry of the Interior. We assessed how the Ministry ensures planning and organisation, monitoring, assessment and coordination ... of their management. In addition, we assessed the IT management maturity in the Ministry. We analysed information resources managed by the Ministry (five state registers, eight state IS and three departmental registers ... Many activities of the Ministry of the Interior require the use of information resources that are of great significance to the entire State, such as the state and departmental registers, and public ... ... Process maturity examination can help in IT audit ... also flaws in change management and security processes. But the finding, which gave them the key to the root cause of problems, was connected with maturity assessment of the auditee's IT processes. ... Main risk areas in case of this audit were strategic and organisational - Ministry’s weak ownership of IT resources, insufficient audit and internal control function. SAI Lithuania auditors found
Full description

Report to on the user-friendliness and user involvement in the development of e-government services in Denmark
is to provide an assessment of the authorities’ efforts to ensure that e-government services are user-friendly. The report answers the following questions: - Have the authorities involved the users ... in the development of the e-government services? - Have the authorities conducted post-launch assessments of the user-friendliness of the e-government services, and do the contracts with the suppliers of the solutions ... e-government services: - NemID (EasyID – the Danish public sector common digital signature solution), The Danish Agency for Digitisation (the Ministry of Finance); - TastSelv Borger (E-tax self ... ... User-friendliness of public services should be consistenty required and tested ... The Danish Rigsrevisionen is of the opinion that the user-friendliness of the services can be improved if the authorities meet all the requirements of the Danish Agency for Digitisation concerning ... the matter. The audit covered user-friendliness related problems in case of five systems, before and after the launch. The systems take-up was also considered, as well as communicating with citizens who ... are unable to use digital services.
Full description

Audit to the Social Security Systems of Collection of Contributions and Quotes and Relationship with Banking and other Entities Engaged in Collection Initiatives
The audit aims to evaluate the effectiveness and efficiency of the processes implemented in respect of the processing schemes of contributions/quotas, whose Wages Statements (WS) entered ... into the system in the first quarter of 2007, test the reliability, stability and confidence level of the application systems developed and the respective values processed in the entire collection circuit ... and respective accounting, and also check compliance with the contracts celebrated with banking entities. ... ... Application level of Social Security IS analyzed ... Processes maturity and automation of controls appeared to be main problems in the system which reliability, stability and confidence level were tested.
Full description

State aid for IT projects in social and health care
and Health. All in all approximately 250 million euros was tied to development projects carried out as national measures in 2000-2010, not including the self-funded portion of aid or loans granted ... In 2000-2009 about 180 million euros in national and European Union funds went to finance information technology projects in social and health care, not including the costs of developing national ... information system services (KanTa project) or the National Project for Social Services IT (Tikesos project). Financing has been provided by the Ministry of Social Affairs and H ealth, the Finnish Funding ... Difficult coordination of IT projects ... Finish Audit Office analyzed results of poor cooperation between authorities on national and local level in social and health care projects: difficult integration of information systems and poor ... coordination of the financing information technology projects, including double financing.
Full description

Parallel Audit on Biometric Passports - Overall Results (anonymised)
A biometric passport (or ePassport) contains biometric information which serves to authenticate the identity of travellers. Biometric passport management is the process of establishing ... and implementing the regulation on standards for security features and biometrics in passports and travel documents issued by the member states. The aim is to develop and maintain efficient and secure biometric ... passport production procedures (see page 5). ... EUROSAI ITWG: Parallel Audit on Biometric Passports ... process is generally under control while a couple of high-risk findings were identified in the non-process-specific assessments. In the non-process-specific assessments, most of the countries found ... Swiss SAI summed up results of audits concluded in seven countries (Belgium, Latvia, Lithuania, Norway, Portugal, Switzerland). The evaluation of the reported results showed that the overall passport ... deficiencies and weaknesses related to the IS/IT system and the IT management. Medium risks have been identified in the area of laws and regulations, cost-benefit realisation and transparency, as well
Full description

Auditing the National Rationing System
to the rules and regulations in order to make an assessment of soundness of the Ration system and its related operations. ... The audit was to investigate the data quality, validity and reliability of two sub-systems (Ration Card and Ration Distribution) of a National Rationing System (Ration System) with the comparison ... Unreliable databases trigger all kinds of possible problems ... Ministry responsible for functioning of the National Rationing System developed to automate and optimize the delivery of essential subsidized commodities to eligible beneficiaries and providing state ... with reliable information fails its job.
Full description

Informatisation of hospitals
The goals of the audit were: 1. Assesment to what degree service providers are prepared to implement the electronic health information system. 2. Assessment of government activities related ... to the construction of the health information system within the framework of the "Healthcare Informatisation Program" ... ... Sometimes it is really not about the money.. ... Informatisation of healthcare is one of the most money-consuming IT activities of the State. Polish NIK shows how a poor concept can delay modernization of hospitals. The new IT system was expected ... to take some burden off doctors, streamline medical care, prevent fraud and improve efficiency. But will it be created at all?
Full description

Cyber Attacks: Securing Agencies’ICT Systems
Cyber crime is an international problem, and it is estimated that in 2012, 5.4 million Australians fell victim to such crimes, with an estimated cost to the economy of $1.65 billion ... . In the government sector, the Australian Signals Directorate (ASD)3 has estimated that between January and December 2012, there were over 1790 security incidents against Australian Government agencies. Of these, 685 ... were considered serious enough to warrant a Cyber Security Operations Centre response. <br/> The protection of Australian Government systems and information from unauthorised access and use is a key ... ... Cyber-security strategy needs consistent implementation and periodic reviews ... List of 35 mitigation controls against cyber intrusions are a basic tool of information security strategy of the Australian Government. Top four are: 1. application whitelisting, 2. patching ... application, 3. patching operating systems, 4. minimising administrative privileges. Analysis by the ANAO helps to fill gaps and to direct next steps.
Full description

Management of Information Resources of the Ministry of Agriculture
The Ministry of Agriculture of the Republic of Lithuania has managed 32 information systems and registers. Of these, 24 ones are managed, developed and upgraded by a state enterprise subordinate ... to the Ministry of Agriculture, the Agricultural Information and Rural Business Centre. The annual amount allocated by the Ministry for the maintenance of the Centre totals LTL 17.5 million on average ... . The objective of the audit was to assess the general and development controls of the information resources of the Ministry of Agriculture. The audit was conducted at the Ministry of Agriculture and the state ... ... Without appropiate IT management  it is hard to achieve reliable, consistent and secure systems for agriculture ... Since 1996 the Ministry has been using information systems of varying complexity for collecting and processing data, including personal data. The Ministry of Agriculture of the Republic of Lithuania ... has managed 32 information systems and registers. SAI of Lithuania revealed that systems were not well mantained what affected use of funds devoted to the systemsand also their legality and security.
Full description