Reports Search Reports Spatial Search Risk-cases Search Risk-cases Graph Traversal
15 results found in 7 ms Page 1 of 2
Report to the Public AccountsCommittee on mitigation of cyber attacks
This report concerns the action taken by Danish government bodies to prevent cyber attacks. Behaving sensibly in cyberspace to avoid attacks is important, but should be supplemented by technical ... security controls that can increase security and mitigate cyber attacks. International studies have concluded that three central security controls can prevent the majority of the currently known types ... of attacks: - technical restriction of download of programmes; - limited use of local administrators; - systematic software updates. Rigsrevisionen has assessed whether the government bodies in the study ... Three basic security measures are often neglected ... Government agencies are open for cyber attacks because they often forget to respect three basic IT security measures. The three measures are: 1. technical restriction on programs downloading; 2 ... . limited use of local administrators rights; 3. systematic software updates.
Full description
National Audit Office of Denmark , issued in 2013
Risk cases: 3
Business Continuity Management
Business Continuity Management is a process whereby all necessary measures are taken to ensure that a company can accomplish its core tasks on time even in extraordinary situations. The Swiss Federal ... Audit Office (SFAO) previously carried out a cross-section audit in 2009 on the BCM measures at nine administrative units of the central Federal Administration. This year’s audit focused ... on the decentralised Federal Administration as well as the Swiss Federal Railways (rail transport and ticket sales) and Swiss Post (PostFinance, Swiss Post Solutions, PostBus). ... ... A cross-section audit on business continuity management (BCM) ... The audit points, among others, at a necessary but difficult process chain: Policy - Analysis - Strategy - Planning - Training.
Full description
Swiss Federal Audit Office , issued in 2010
Risk cases: 1
Traffic Ticketing information system
The audit included two areas of focus - the environment surrounding the Traffic Ticketing Information System - the System (designed to input, process, manage and collect payment for the traffic ... tickets) and also the internal environment of the System that guarantees the quality of its performance and safety. ... Security can hinder effectiveness ... SAI of Kuwait analysed system supporting collection of the traffic tickets - data input, processing and management. What was found was lack of basic safety measures, that hindered the effectiveness ... of the system.
Full description
State Audit Bureau of Kuwait , issued in 2014
Risk cases: 3
Submission of data to national databases in municipalities, towns and cities
must be clearly financed from the state budget. It was also assessed whether the measures taken by database managers have been sufficient to guarantee that local authorities submit all required data ... The National Audit Office analysed the activities of the database managers following a ruling made by the Supreme Court in 2010, which stated that the public functions assigned to local authorities ... and that these data are correct. ... ... Funds as basic factor of data processing ... The NAO of Estonia audited the activities of state agencies in the management of the database selected for the audit, to which local authorities are obliged to submit data. It was found that in most ... cases the state does not compensate the costs of data submission for local governments.
Full description
National Audit Office of Estonia , issued in 2013
Risk cases: 1
Results of the development of the state’s information systems
, several measures have been implemented in the state to organise the development better and to guarantee that the systems are compatible. This audit gives an opinion of the results of development project ... The National Audit Office has repeatedly audited the management and development of the state’s information technology (IT) area in the last ten years. The last audit was performed in 2005. After that ... management and the state’s coordination mechanism in this process. ... ... Success and failure depend on preparation ... Conclusions of performance IT audit based on a sample of government projects: business portal, land register, e-police, fire safety monitoring system, childcare information system and the document ... management system of the Defence Forces. Key problems and discussion with auditees are presented.
Full description
National Audit Office of Estonia , issued in 2010
Risk cases: 3
State aid for IT projects in social and health care
and Health. All in all approximately 250 million euros was tied to development projects carried out as national measures in 2000-2010, not including the self-funded portion of aid or loans granted ... In 2000-2009 about 180 million euros in national and European Union funds went to finance information technology projects in social and health care, not including the costs of developing national ... information system services (KanTa project) or the National Project for Social Services IT (Tikesos project). Financing has been provided by the Ministry of Social Affairs and H ealth, the Finnish Funding ... Difficult coordination of IT projects ... Finish Audit Office analyzed results of poor cooperation between authorities on national and local level in social and health care projects: difficult integration of information systems and poor ... coordination of the financing information technology projects, including double financing.
Full description
National Audit Office of Finland , issued in 2011
Risk cases: 3
Opportunities Exist for SEC to Improve Its Controls over Financial Systems and Data
The SEC is responsible for enforcing securities laws, issuing rules and regulations that provide protection for investors, and helping to ensure that the securities markets are fair and honest ... . In carrying out its mission, the SEC relies on computerized information systems to collect, process, and store sensitive information, including financial data. Having effective information security controls ... in place is essential to protecting these systems and the information they contain. <br/> This report details weaknesses GAO identified in the information security program at SEC during its audit ... IT security basics under scrutiny ... Financial audit by US GAO was accompanied by an IT examination focused on information security measures in the Securities and Exchange Commission (SEC). GAO found that SEC’s systems could ... be compromised, because of risks jeopardizing the confidentiality, integrity, and availability of sensitive financial information.
Full description
General Accountability Office , issued in 2016
Risk cases: 5
General and Creation Control of the Information Systems of the Ministry of Foreign Affairs
The objective of the audit was to assess general and creation control of the information systems of the Ministry of Foreign Affairs. Since the beginning of 2009, the Ministry of Foreign Affairs has ... achieved considerable progress in the management of the information systems. The auditors reviewed and assessed all key elements of the process. ... Overview of problems - area by area ... SAI Lithuania looked into all critical elements of a Ministry's information system, starting from IT architecture, through information security to automation of data processing.
Full description
National Audit Office of the Republic of Lithuania , issued in 2013
Risk cases: 4
Management of Police Information Resources
Police tasks of the necessary data are processed departmental registers, information systems, automated data processing systems and networks where information is stored, processed and transferred ... to the classified information. The police department has all of these information resources, so the audit focused on the activities and actions of the Department to ensure planning and organizing of the recourses ... , monitoring, evaluation and coordination and other aspects of registers and IS strategic management. The audited period was 2012-2014. For the analysis, there were used previous data and data of 2015 ... ... Fundamentals of IT organisation ... Review by SAI Lithuania makes readers aware that nowadays it is difficult to develop a larger IT system without whole conceptual infrastracture: planning composed into strategy of the organisation ... and well understood architecture of information. Well functioning IT management structures, which on the other hand may sound trivial, were proved here as the key to success.
Full description
National Audit Office of the Republic of Lithuania , issued in 2015
Risk cases: 4
Copyright Office Needs to Develop Plans that Address Technical and Organizational Challenges
The mission of the Copyright Office, a service unit within the Library of Congress, is to promote creativity by administering and sustaining a national copyright system. As part of this mission ... , the Copyright Office registers about 500,000 creative works a year for copyright and records documentation related to copyright transfer and sale. In recent years, the Register of Copyrights has discussed ... the need for a modernized Copyright Office, to include upgrades to the current IT environment. ... No justified investments without IT strategy ... GAO shows in its report on the US Copyright Office, what is a role of IT strategy in organisaion. Effects can be found at the bottom and at the top: the lack of strategic plan can make it more ... difficult to solve practical problems, but it can also put the overall mission of the Office at risk.
Full description
General Accountability Office , issued in 2015
Risk cases: 2
15 results found. Page 1 of 2 next