Information Technology Cost Estimation Agencies Need to Address Significant Weakness in Policies and Practices
and agencies have appropriately implement costestimating policies an procedures(four caracteristics of a reliable cost estimation: comprehensive, well-documented, accurate, credible). ... To estimate reliable cost for the sucess of an IT program by providing the basis for the informed decision making and realistic budget information. To assess the extent to which selected departments ... IT cost estimation ... Check out what may go wrong with the information technology cost estimation. Results of the US GAO audit can help to identify high risk areas: comprehensiveness of estimations, their documentation ... , lack of adequacy and inadequate implementation.
Full description

Quality of public services in information society in 2010
. Information about the services is still difficult to find on websites and people who use public services must still submit unjustified documents, proof of facts or go to administrative agencies in person ... if this is acceptable to the person in question. Even though state and local government agencies have made efforts to implement the principles of good administration, the National Audit Office cannot affirm ... The National Audit Office found that irrespective of a few positive changes, the quality of provision of public services in information society has not improved significantly in comparison to 2007 ... ... The quality of public services has been improved but still isn’t good enough ... is still difficult to find on websites and people who use public services must still submit unjustified documents, proof of facts or go to administrative agencies in person. ... Irrespective of a few positive changes, the quality of provision of public services in information society has not improved significantly in comparison to 2007. Information about the services
Full description

Performance Audit of the Management of ICT in the Criminal Justice Sector
The Norwegian OAG has assesed how the Ministry of Justice and Public Security has discharged its responsibility for effiecient case processing through developing and applying Information ... and Communications Technology (ICT) in the criminal justice sector ... ... Unclear signals from a Ministry weaken development of ICT in the justice chain ... reporting from the subordinate agencies, ensuring that the new ICT Police System takes into account other sub-sectors need for electronic interaction. ... Points by SAI Norway: development of an overall rolling action plan based on the current ICT (Information and Communication Technology) strategy for the justice sector, performance-oriented
Full description

Submission of data to national databases in municipalities, towns and cities
The National Audit Office analysed the activities of the database managers following a ruling made by the Supreme Court in 2010, which stated that the public functions assigned to local authorities ... must be clearly financed from the state budget. It was also assessed whether the measures taken by database managers have been sufficient to guarantee that local authorities submit all required data ... and that these data are correct. ... ... Funds as basic factor of data processing ... The NAO of Estonia audited the activities of state agencies in the management of the database selected for the audit, to which local authorities are obliged to submit data. It was found that in most ... cases the state does not compensate the costs of data submission for local governments.
Full description

Report to the Public AccountsCommittee on mitigation of cyber attacks
This report concerns the action taken by Danish government bodies to prevent cyber attacks. Behaving sensibly in cyberspace to avoid attacks is important, but should be supplemented by technical ... security controls that can increase security and mitigate cyber attacks. International studies have concluded that three central security controls can prevent the majority of the currently known types ... of attacks: - technical restriction of download of programmes; - limited use of local administrators; - systematic software updates. Rigsrevisionen has assessed whether the government bodies in the study ... Three basic security measures are often neglected ... Government agencies are open for cyber attacks because they often forget to respect three basic IT security measures. The three measures are: 1. technical restriction on programs downloading; 2 ... . limited use of local administrators rights; 3. systematic software updates.
Full description

State aid for IT projects in social and health care
Agency for Technology and Innovation (Tekes), regional councils (previously state provincial offices), and indirectly by the Slot Machine Association under the direction of the Ministry of Social Affairs ... In 2000-2009 about 180 million euros in national and European Union funds went to finance information technology projects in social and health care, not including the costs of developing national ... information system services (KanTa project) or the National Project for Social Services IT (Tikesos project). Financing has been provided by the Ministry of Social Affairs and H ealth, the Finnish Funding ... Difficult coordination of IT projects ... Finish Audit Office analyzed results of poor cooperation between authorities on national and local level in social and health care projects: difficult integration of information systems and poor ... coordination of the financing information technology projects, including double financing.
Full description

Opportunities Exist for SEC to Improve Its Controls over Financial Systems and Data
of SEC’s key financial systems and information. To do this, GAO examined information security policies, plans, and procedures; tested controls over key financial applications; interviewed agency officials ... The SEC is responsible for enforcing securities laws, issuing rules and regulations that provide protection for investors, and helping to ensure that the securities markets are fair and honest ... . In carrying out its mission, the SEC relies on computerized information systems to collect, process, and store sensitive information, including financial data. Having effective information security controls ... IT security basics under scrutiny ... Financial audit by US GAO was accompanied by an IT examination focused on information security measures in the Securities and Exchange Commission (SEC). GAO found that SEC’s systems could ... be compromised, because of risks jeopardizing the confidentiality, integrity, and availability of sensitive financial information.
Full description

Performance Audit of the Georgian Government electronic Procurement system
State procurement is one of the key components of public financial management. Its share in state budget is approximately 25 percent. Effective management of state procurements is an important sphere ... of interest for the State Audit Office. Considering the fact that since 2010 major part of public procurements is being conducted electronically and there is no alternative tool, uninterrupted provision ... of a high-quality service has a particular importance. <br /> It is noteworthy that establishment of open, transparent and competitive environment for the procurement parties mitigates the risks of corruption ... ... Electronic procurement system - how effective are management and control mechanisms? ... SAI Georgia analyzed the electronic Government Procurement system. In their report they focus on compliance and security problems, which may harm the business goals and overall mission of the system.
Full description

Report on the government’s processing of confidential data on persons and companies
Rigsrevisionen has examined how eight government institutions process confidential data on persons and companies in 11 selected IT systems. The report is based on IT audits carried out in connection ... with the annual audit in the spring 2014. The purpose of the audit was to assess whether confidential data on persons and companies are adequately protected by the government institutions. ... ... Inadequate protection of confidential data ... If a government institution does not protect confidential data to the extent necessary, the risk that third parties get unauthorized access to the data is very high. In opinion of the Danish SAI ... , inadequate protection of confidential data may also erode the citizens’ and companies’ confidence in government data security. That may eventually become a barrier for the continued efforts to implement ... e-government and make government administration more efficient.
Full description

Results of the development of the state’s information systems
The National Audit Office has repeatedly audited the management and development of the state’s information technology (IT) area in the last ten years. The last audit was performed in 2005. After that ... , several measures have been implemented in the state to organise the development better and to guarantee that the systems are compatible. This audit gives an opinion of the results of development project ... management and the state’s coordination mechanism in this process. ... ... Success and failure depend on preparation ... Conclusions of performance IT audit based on a sample of government projects: business portal, land register, e-police, fire safety monitoring system, childcare information system and the document ... management system of the Defence Forces. Key problems and discussion with auditees are presented.
Full description