13
results found in
9 ms
Page 1
of 2
THE CYBER SECURITY ENVIRONMENT IN LITHUANIA
) cyber security is ensured in public establishments. During the audit, the SAI Lithuania analysed current regulation, strategic planning and management practices in the field of cyber security ... The purpose of the audit was to assess whether cyber security is being ensured in Lithuania. In view of this goal, we assessed whether: (1) an effective cyber security system has been set up; (2 ... and electronic information security as well as the funds allocated and used in this area. The SAI evaluated whether the cyber security and electronic information security objectives detailed in planning documents ... ... Cyber-security is much more than preventing incidents ... SAI Lithuania determined that the issue of ensuring and increasing cyber security and resilience has not been effectively addressed at the national level. The focus has primarily been on reacting ... to and preventing incidents in cyber space, which means that traditional issues related to electronic information security (confidentiality, integrity, accessibility) have been neglected, and from 2015, not enough ... attention has been paid to development, legislation, improvement of organisational structure, etc. in this field.
Full description
) cyber security is ensured in public establishments. During the audit, the SAI Lithuania analysed current regulation, strategic planning and management practices in the field of cyber security ... The purpose of the audit was to assess whether cyber security is being ensured in Lithuania. In view of this goal, we assessed whether: (1) an effective cyber security system has been set up; (2 ... and electronic information security as well as the funds allocated and used in this area. The SAI evaluated whether the cyber security and electronic information security objectives detailed in planning documents ... ... Cyber-security is much more than preventing incidents ... SAI Lithuania determined that the issue of ensuring and increasing cyber security and resilience has not been effectively addressed at the national level. The focus has primarily been on reacting ... to and preventing incidents in cyber space, which means that traditional issues related to electronic information security (confidentiality, integrity, accessibility) have been neglected, and from 2015, not enough ... attention has been paid to development, legislation, improvement of organisational structure, etc. in this field.
Full description
National Audit Office of the Republic of Lithuania
, issued in 2015
Risk cases: 6
State funds spent on development, operation and using of data centres services
The aim of the audit was to scrutinise the management of funds spent on building and operating the national data centre (hereinafter “STC1 data centre”), including the expenditure of selected ... organisational units of the state on buying hosting, server-housing and other related services. The audited period was between 2010 and 2014; where relevant, the preceding period was also scrutinised. Audited ... entities: Ministry of the Interior (“MoI”); Ministry of Finance (“MoF”); STÁTNÍ TISKÁRNA CENIN, state firm (state banknote printing firm, hereinafter “STC” or “the state firm”). The audit was conducted ... ... Risks steming from uncoordinated strategy ... SAI of Czech Republic analysed consequences of failures in strategic IT management at the state level. Lack of coordination and implementation rules reduced practical role of the ministry whose task ... was to guard high quality standards for all crucial IT systems in the state administration. Next consecquences were (among others) risk of uneconomical results of large IT investment and risk of inefficient ... supply of services, as well as opposite results of workforce reduction.
Full description
The aim of the audit was to scrutinise the management of funds spent on building and operating the national data centre (hereinafter “STC1 data centre”), including the expenditure of selected ... organisational units of the state on buying hosting, server-housing and other related services. The audited period was between 2010 and 2014; where relevant, the preceding period was also scrutinised. Audited ... entities: Ministry of the Interior (“MoI”); Ministry of Finance (“MoF”); STÁTNÍ TISKÁRNA CENIN, state firm (state banknote printing firm, hereinafter “STC” or “the state firm”). The audit was conducted ... ... Risks steming from uncoordinated strategy ... SAI of Czech Republic analysed consequences of failures in strategic IT management at the state level. Lack of coordination and implementation rules reduced practical role of the ministry whose task ... was to guard high quality standards for all crucial IT systems in the state administration. Next consecquences were (among others) risk of uneconomical results of large IT investment and risk of inefficient ... supply of services, as well as opposite results of workforce reduction.
Full description
Supreme Audit Office of Czech Republic
, issued in 2015
Risk cases: 7
Management and protection of assets in the field of the information-communication technologies at the ME SR
internal and security directives, unidentified critical and strategic Information Systems (IS), absolutely unsatisfying principles, procedures, conditions and policy relating to the data backuping (and ... The Supreme Audit office of the Slovak Republic (SAO SR) has conducted the audit at the Ministry of Environment of the Slovak Republic (ME SR) for the audit period 2011 and 2012 to examine ... the compliance with the generally binding legal regulations and the general statues in the field of the information-communication technologies (ICT) and the information systems of the public administration (ISPA ... ... Started from contracting, ended in security ... The perceptive and filled with findings audit - conducted by the Slovak SAI - discovered the list of issues which started in careless contracting procedures, failure to update the development concept ... and ended in exposing the organization to high security risks.
Full description
internal and security directives, unidentified critical and strategic Information Systems (IS), absolutely unsatisfying principles, procedures, conditions and policy relating to the data backuping (and ... The Supreme Audit office of the Slovak Republic (SAO SR) has conducted the audit at the Ministry of Environment of the Slovak Republic (ME SR) for the audit period 2011 and 2012 to examine ... the compliance with the generally binding legal regulations and the general statues in the field of the information-communication technologies (ICT) and the information systems of the public administration (ISPA ... ... Started from contracting, ended in security ... The perceptive and filled with findings audit - conducted by the Slovak SAI - discovered the list of issues which started in careless contracting procedures, failure to update the development concept ... and ended in exposing the organization to high security risks.
Full description
Supreme Audit Office of the Slovak Republic
, issued in 2012
Risk cases: 4
Activities of the state in implementing the e-health system - Do the state, doctors and patients benefit from ehealth?
Estonia’s population is aging and the share of elderly people is increasing, as fewer children are being born and people are living longer. This creates a constantly growing need for health ... and social services and patients are also becoming more and more demanding about the volume and quality of the services provided. The more extensive and systematic implementation of e-health solutions helps ... make the health system more efficient, improves people’s health via more effective prevention, raises the awareness of patients and also contributes to the more reasonable use of health resources ... ... Why state, doctors and patients do not benefit from e-Health as much as they could? ... efficient organisation of health care. As SAI Estonia found out, wide range problems started from two basic points: lack of strategic manager and unrealisitc schedule. ... The report reviews whether the objectives set to the e-Health – ambitious multiyear program of Estonian Government - have been achieved. They are: higher quality of the health service and more
Full description
Estonia’s population is aging and the share of elderly people is increasing, as fewer children are being born and people are living longer. This creates a constantly growing need for health ... and social services and patients are also becoming more and more demanding about the volume and quality of the services provided. The more extensive and systematic implementation of e-health solutions helps ... make the health system more efficient, improves people’s health via more effective prevention, raises the awareness of patients and also contributes to the more reasonable use of health resources ... ... Why state, doctors and patients do not benefit from e-Health as much as they could? ... efficient organisation of health care. As SAI Estonia found out, wide range problems started from two basic points: lack of strategic manager and unrealisitc schedule. ... The report reviews whether the objectives set to the e-Health – ambitious multiyear program of Estonian Government - have been achieved. They are: higher quality of the health service and more
Full description
National Audit Office of Estonia
, issued in 2014
Risk cases: 3
Management of Information Resources of the Ministry of the Interior
Many activities of the Ministry of the Interior require the use of information resources that are of great significance to the entire State, such as the state and departmental registers, and public ... information systems. Whereas the Ministry has failed to implement some of the public audit recommendations of 2007 and 2010,6 we analysed, whether there have been any positive changes in the field of IT ... management. Their impact is important not only because the Ministry manages 16 information resources, which ensure data availability to the population, efficient activity of the services, and operation ... ... Process maturity examination can help in IT audit ... Main risk areas in case of this audit were strategic and organisational - Ministry’s weak ownership of IT resources, insufficient audit and internal control function. SAI Lithuania auditors found ... also flaws in change management and security processes. But the finding, which gave them the key to the root cause of problems, was connected with maturity assessment of the auditee's IT processes.
Full description
Many activities of the Ministry of the Interior require the use of information resources that are of great significance to the entire State, such as the state and departmental registers, and public ... information systems. Whereas the Ministry has failed to implement some of the public audit recommendations of 2007 and 2010,6 we analysed, whether there have been any positive changes in the field of IT ... management. Their impact is important not only because the Ministry manages 16 information resources, which ensure data availability to the population, efficient activity of the services, and operation ... ... Process maturity examination can help in IT audit ... Main risk areas in case of this audit were strategic and organisational - Ministry’s weak ownership of IT resources, insufficient audit and internal control function. SAI Lithuania auditors found ... also flaws in change management and security processes. But the finding, which gave them the key to the root cause of problems, was connected with maturity assessment of the auditee's IT processes.
Full description
National Audit Office of the Republic of Lithuania
, issued in 2016
Risk cases: 4
Incorrect payments in social insurance - Control activities of the Swedish Social Insurance Agency
In 2014 the social insurance system accounted for six per cent of GDP. The long-term sustainability of a system of that magnitude requires that the public perceives its purpose to be important ... , that it is well administered and that it is as free of abuse as possible. It must also be financially stable over time, since major fluctuations impact other areas of the central government budget. When ... these things function as they should, the system is perceived to be legitimate and enjoys public confidence.<br/> According to available estimations, almost SEK 20 billion had been paid out incorrectly from ... Balance of priorities needed to reduce incorrect payments ... of each system, still, the prevention of incorrect payments needs strategic support to be really effective. ... Role of social insurance in public finance is so substantial that reduction of incorrect payments' volume is matter of huge savings. The Swedish NAO noted positive initiatives by the Social Insurance ... Agency in this regard. However they found also, that serious problems can stem from giving higher priority to the speed of payment and customers satisfaction. They both are undoubtedly important features
Full description
In 2014 the social insurance system accounted for six per cent of GDP. The long-term sustainability of a system of that magnitude requires that the public perceives its purpose to be important ... , that it is well administered and that it is as free of abuse as possible. It must also be financially stable over time, since major fluctuations impact other areas of the central government budget. When ... these things function as they should, the system is perceived to be legitimate and enjoys public confidence.<br/> According to available estimations, almost SEK 20 billion had been paid out incorrectly from ... Balance of priorities needed to reduce incorrect payments ... of each system, still, the prevention of incorrect payments needs strategic support to be really effective. ... Role of social insurance in public finance is so substantial that reduction of incorrect payments' volume is matter of huge savings. The Swedish NAO noted positive initiatives by the Social Insurance ... Agency in this regard. However they found also, that serious problems can stem from giving higher priority to the speed of payment and customers satisfaction. They both are undoubtedly important features
Full description
Swedish National Audit Office
, issued in 2016
Risk cases: 3
Performance Audit of Public Debt Management Information Systems
The usage and development of the information technologies in public financial management is an important priority of the country at the phase of intensive implementation of electronic governance ... (E-Governance). The fact that information systems play crucial role in the business processes of the Ministry of Finance affects the state and the public in general. <br/> Bearing in mind the role and importance ... of information systems in the public debt management process and having considered legal requirements to information security, State Audit Office of Georgia conducted Performance Audit of Public Debt Management ... ... More effective IT governance needed ... Importance of effective performance of public debt management e-systems may be explained by the world’s increased dependence on such systems. In parallel with the performance audit of debt management ... information systems of the Ministry Of Finance of Georgia, Supreme Audit Institutions of 11 countries also studied this topic, both in terms of systems’ performance and their practical application by local ... financial institutions. Audit conducted by the State Audit Office of Georgia has revealed security and governance shortcomings related to management and usage of these systems.
Full description
The usage and development of the information technologies in public financial management is an important priority of the country at the phase of intensive implementation of electronic governance ... (E-Governance). The fact that information systems play crucial role in the business processes of the Ministry of Finance affects the state and the public in general. <br/> Bearing in mind the role and importance ... of information systems in the public debt management process and having considered legal requirements to information security, State Audit Office of Georgia conducted Performance Audit of Public Debt Management ... ... More effective IT governance needed ... Importance of effective performance of public debt management e-systems may be explained by the world’s increased dependence on such systems. In parallel with the performance audit of debt management ... information systems of the Ministry Of Finance of Georgia, Supreme Audit Institutions of 11 countries also studied this topic, both in terms of systems’ performance and their practical application by local ... financial institutions. Audit conducted by the State Audit Office of Georgia has revealed security and governance shortcomings related to management and usage of these systems.
Full description
State Audit Office Of Georgia
, issued in 2014
Risk cases: 5
Preparations and realization of the State A-levels
The aim of the audit was to scrutinise the utilisation of the state budget and EU budget funds that had been spent on preparing and implementing the State A-levels examinations. The auditing ... operation was performed from May to November 2011. The audited period extended from January 1, 2005, to June 30, 2011; where relevant, the data from the previous period and the period until the end ... of the auditing operation were also scrutinized. Among the audited bodies were the Ministry of Education, the Education Result Survey Centre, and the National Institute for Further Education. The auditing operation ... ... Begin with good strategy ... Analyzing problems of state examinations system, Czech Republic SAI found that commonplace strategy effected in shortsighted planning, poor procurement and disadvantageous contracting.
Full description
The aim of the audit was to scrutinise the utilisation of the state budget and EU budget funds that had been spent on preparing and implementing the State A-levels examinations. The auditing ... operation was performed from May to November 2011. The audited period extended from January 1, 2005, to June 30, 2011; where relevant, the data from the previous period and the period until the end ... of the auditing operation were also scrutinized. Among the audited bodies were the Ministry of Education, the Education Result Survey Centre, and the National Institute for Further Education. The auditing operation ... ... Begin with good strategy ... Analyzing problems of state examinations system, Czech Republic SAI found that commonplace strategy effected in shortsighted planning, poor procurement and disadvantageous contracting.
Full description
Supreme Audit Office of Czech Republic
, issued in 2011
Risk cases: 4
Management and implementation of 1BestariNet
1BestariNet Service Project (1BestariNet) is an initiative undertaken by the Malaysian Ministry of Education (MOE) to replace and enhance ICT connectivity in schools. It is an enhancement ... to the SchoolNet service which terminated on 31 December 2010 with emphasis on end-to-end solutions (E2E) network services together with Virtual Learning Environment (VLE). Under this project, 10,000 primary ... and secondary public schools in Malaysia are equipped with high-speed 4G Internet access and a virtual learning platform, providing high-speed internet connectivity and access to a world-class Integrated Learning ... ... To answer big risks in IT systems development you need all levels of organisation ... Audit of 1BestariNet is presented by the Malaysian National Audit Department together with other IT projects reviewed. A result is this concise and instructive list of lessons learnt and failures ... to be avoided. To maximize performance and minimize vendor lock-in you need a lot of concerted effort by top and line management, as well as users ready to work with new tools.
Full description
1BestariNet Service Project (1BestariNet) is an initiative undertaken by the Malaysian Ministry of Education (MOE) to replace and enhance ICT connectivity in schools. It is an enhancement ... to the SchoolNet service which terminated on 31 December 2010 with emphasis on end-to-end solutions (E2E) network services together with Virtual Learning Environment (VLE). Under this project, 10,000 primary ... and secondary public schools in Malaysia are equipped with high-speed 4G Internet access and a virtual learning platform, providing high-speed internet connectivity and access to a world-class Integrated Learning ... ... To answer big risks in IT systems development you need all levels of organisation ... Audit of 1BestariNet is presented by the Malaysian National Audit Department together with other IT projects reviewed. A result is this concise and instructive list of lessons learnt and failures ... to be avoided. To maximize performance and minimize vendor lock-in you need a lot of concerted effort by top and line management, as well as users ready to work with new tools.
Full description
National Audit Department of Malaysia
, issued in 2013
Risk cases: 4
Managing the risk of legacy ICT to public service delivery
The cross-government report describes the case studies from four public services (state pension, Value Added Tax collection, prescription payment and consumer credit licensing services) selected ... to illustrate the range of approaches that small and large government bodies are taking to address the issues arising from legacy ICT (defined as "systems and applications that have been operationally embedded ... within a business function but superseded by newer and more effective technologies or changed business needs"). ... Possible approaches to the problem of 'legacy ICT' ... UK’s government experience in managing the risks connected to legacy ICT provides valuable insight for others facing the same problem and are considering transforming their services.
Full description
The cross-government report describes the case studies from four public services (state pension, Value Added Tax collection, prescription payment and consumer credit licensing services) selected ... to illustrate the range of approaches that small and large government bodies are taking to address the issues arising from legacy ICT (defined as "systems and applications that have been operationally embedded ... within a business function but superseded by newer and more effective technologies or changed business needs"). ... Possible approaches to the problem of 'legacy ICT' ... UK’s government experience in managing the risks connected to legacy ICT provides valuable insight for others facing the same problem and are considering transforming their services.
Full description
National Audit Office
, issued in 2013
Risk cases: 3