17
results found in
10 ms
Page 1
of 2
Managing the risk of legacy ICT to public service delivery
The cross-government report describes the case studies from four public services (state pension, Value Added Tax collection, prescription payment and consumer credit licensing services) selected ... to illustrate the range of approaches that small and large government bodies are taking to address the issues arising from legacy ICT (defined as "systems and applications that have been operationally embedded ... within a business function but superseded by newer and more effective technologies or changed business needs"). ... Possible approaches to the problem of 'legacy ICT' ... UK’s government experience in managing the risks connected to legacy ICT provides valuable insight for others facing the same problem and are considering transforming their services.
Full description
The cross-government report describes the case studies from four public services (state pension, Value Added Tax collection, prescription payment and consumer credit licensing services) selected ... to illustrate the range of approaches that small and large government bodies are taking to address the issues arising from legacy ICT (defined as "systems and applications that have been operationally embedded ... within a business function but superseded by newer and more effective technologies or changed business needs"). ... Possible approaches to the problem of 'legacy ICT' ... UK’s government experience in managing the risks connected to legacy ICT provides valuable insight for others facing the same problem and are considering transforming their services.
Full description
National Audit Office
, issued in 2013
Risk cases: 3
Risks of e-Governance Strategy Dominated by Outsourcing
Audit of IT service in Ministry of Public Assets gave an opportunity to analize risks related to outsourcing dominated e-Governance strategy. Important findings were identified in preparation ... and testing stages, stemming from poor Business Case. ... ... IT outsourcing risks ... Presentation based on audit of IT services in Polish Ministry of Public Assets. Outsourcing risks were classified and next identified at Business Case, preparation and teststing stages.
Full description
Audit of IT service in Ministry of Public Assets gave an opportunity to analize risks related to outsourcing dominated e-Governance strategy. Important findings were identified in preparation ... and testing stages, stemming from poor Business Case. ... ... IT outsourcing risks ... Presentation based on audit of IT services in Polish Ministry of Public Assets. Outsourcing risks were classified and next identified at Business Case, preparation and teststing stages.
Full description
Supreme Audit Office of Poland
, issued in 2010
Risk cases: 4
Management and protection of assets in the field of the information-communication technologies at the ME SR
internal and security directives, unidentified critical and strategic Information Systems (IS), absolutely unsatisfying principles, procedures, conditions and policy relating to the data backuping (and ... control of backup's functionality), restoring and security, possibility of unauthorised persons to access the IS and data, which increases the risk of information leakage and security risk, and inadequate ... The Supreme Audit office of the Slovak Republic (SAO SR) has conducted the audit at the Ministry of Environment of the Slovak Republic (ME SR) for the audit period 2011 and 2012 to examine ... ... Started from contracting, ended in security ... and ended in exposing the organization to high security risks. ... The perceptive and filled with findings audit - conducted by the Slovak SAI - discovered the list of issues which started in careless contracting procedures, failure to update the development concept
Full description
internal and security directives, unidentified critical and strategic Information Systems (IS), absolutely unsatisfying principles, procedures, conditions and policy relating to the data backuping (and ... control of backup's functionality), restoring and security, possibility of unauthorised persons to access the IS and data, which increases the risk of information leakage and security risk, and inadequate ... The Supreme Audit office of the Slovak Republic (SAO SR) has conducted the audit at the Ministry of Environment of the Slovak Republic (ME SR) for the audit period 2011 and 2012 to examine ... ... Started from contracting, ended in security ... and ended in exposing the organization to high security risks. ... The perceptive and filled with findings audit - conducted by the Slovak SAI - discovered the list of issues which started in careless contracting procedures, failure to update the development concept
Full description
Supreme Audit Office of the Slovak Republic
, issued in 2012
Risk cases: 4
Information Technology Cost Estimation Agencies Need to Address Significant Weakness in Policies and Practices
To estimate reliable cost for the sucess of an IT program by providing the basis for the informed decision making and realistic budget information. To assess the extent to which selected departments ... and agencies have appropriately implement costestimating policies an procedures(four caracteristics of a reliable cost estimation: comprehensive, well-documented, accurate, credible). ... IT cost estimation ... Check out what may go wrong with the information technology cost estimation. Results of the US GAO audit can help to identify high risk areas: comprehensiveness of estimations, their documentation ... , lack of adequacy and inadequate implementation.
Full description
To estimate reliable cost for the sucess of an IT program by providing the basis for the informed decision making and realistic budget information. To assess the extent to which selected departments ... and agencies have appropriately implement costestimating policies an procedures(four caracteristics of a reliable cost estimation: comprehensive, well-documented, accurate, credible). ... IT cost estimation ... Check out what may go wrong with the information technology cost estimation. Results of the US GAO audit can help to identify high risk areas: comprehensiveness of estimations, their documentation ... , lack of adequacy and inadequate implementation.
Full description
General Accountability Office
, issued in 2012
Risk cases: 4
Report on the government’s processing of confidential data on persons and companies
Rigsrevisionen has examined how eight government institutions process confidential data on persons and companies in 11 selected IT systems. The report is based on IT audits carried out in connection ... with the annual audit in the spring 2014. The purpose of the audit was to assess whether confidential data on persons and companies are adequately protected by the government institutions. ... ... Inadequate protection of confidential data ... If a government institution does not protect confidential data to the extent necessary, the risk that third parties get unauthorized access to the data is very high. In opinion of the Danish SAI ... , inadequate protection of confidential data may also erode the citizens’ and companies’ confidence in government data security. That may eventually become a barrier for the continued efforts to implement ... e-government and make government administration more efficient.
Full description
Rigsrevisionen has examined how eight government institutions process confidential data on persons and companies in 11 selected IT systems. The report is based on IT audits carried out in connection ... with the annual audit in the spring 2014. The purpose of the audit was to assess whether confidential data on persons and companies are adequately protected by the government institutions. ... ... Inadequate protection of confidential data ... If a government institution does not protect confidential data to the extent necessary, the risk that third parties get unauthorized access to the data is very high. In opinion of the Danish SAI ... , inadequate protection of confidential data may also erode the citizens’ and companies’ confidence in government data security. That may eventually become a barrier for the continued efforts to implement ... e-government and make government administration more efficient.
Full description
National Audit Office of Denmark
, issued in 2014
Risk cases: 2
Copyright Office Needs to Develop Plans that Address Technical and Organizational Challenges
The mission of the Copyright Office, a service unit within the Library of Congress, is to promote creativity by administering and sustaining a national copyright system. As part of this mission ... , the Copyright Office registers about 500,000 creative works a year for copyright and records documentation related to copyright transfer and sale. In recent years, the Register of Copyrights has discussed ... the need for a modernized Copyright Office, to include upgrades to the current IT environment. ... No justified investments without IT strategy ... difficult to solve practical problems, but it can also put the overall mission of the Office at risk. ... GAO shows in its report on the US Copyright Office, what is a role of IT strategy in organisaion. Effects can be found at the bottom and at the top: the lack of strategic plan can make it more
Full description
The mission of the Copyright Office, a service unit within the Library of Congress, is to promote creativity by administering and sustaining a national copyright system. As part of this mission ... , the Copyright Office registers about 500,000 creative works a year for copyright and records documentation related to copyright transfer and sale. In recent years, the Register of Copyrights has discussed ... the need for a modernized Copyright Office, to include upgrades to the current IT environment. ... No justified investments without IT strategy ... difficult to solve practical problems, but it can also put the overall mission of the Office at risk. ... GAO shows in its report on the US Copyright Office, what is a role of IT strategy in organisaion. Effects can be found at the bottom and at the top: the lack of strategic plan can make it more
Full description
General Accountability Office
, issued in 2015
Risk cases: 2
Report to the Public AccountsCommittee on mitigation of cyber attacks
have addressed the risk of cyber attacks and whether they have implemented these three security controls. ... This report concerns the action taken by Danish government bodies to prevent cyber attacks. Behaving sensibly in cyberspace to avoid attacks is important, but should be supplemented by technical ... security controls that can increase security and mitigate cyber attacks. International studies have concluded that three central security controls can prevent the majority of the currently known types ... Three basic security measures are often neglected ... Government agencies are open for cyber attacks because they often forget to respect three basic IT security measures. The three measures are: 1. technical restriction on programs downloading; 2 ... . limited use of local administrators rights; 3. systematic software updates.
Full description
have addressed the risk of cyber attacks and whether they have implemented these three security controls. ... This report concerns the action taken by Danish government bodies to prevent cyber attacks. Behaving sensibly in cyberspace to avoid attacks is important, but should be supplemented by technical ... security controls that can increase security and mitigate cyber attacks. International studies have concluded that three central security controls can prevent the majority of the currently known types ... Three basic security measures are often neglected ... Government agencies are open for cyber attacks because they often forget to respect three basic IT security measures. The three measures are: 1. technical restriction on programs downloading; 2 ... . limited use of local administrators rights; 3. systematic software updates.
Full description
National Audit Office of Denmark
, issued in 2013
Risk cases: 3
The Ministry of the Environment lacks a compact information system and still uses 125 separate information systems and databases
of the MoE. The audit identified the following risks: (1) non-existence of the Integrated environmental information system (IEIS) as an independent information system; (2) purchase of ICT, within the budget ... The objective of the audit was to scrutinise the management of funds earmarked for the purchase and administration of ICT within the MoE and selected organisations which come under the management ... chapter of the MoE, through a state co-funded organisation CENIA which comes under the management of the MoE; (3) utilisation of the information systems. The audited period was 2010 to 2013; where relevant ... ... Ministry of the Environment manages 125 information systems and databases ... The Ministry of the Environment (MoE) has for more than 20 years a legal obligation to administer and manage an Integrated Environmental Information System (IEIS). In spite of this fact, the existing ... systems (more than 125 information systems and databases) are designed, implemented and managed as individual information systems without a direct integration into a joint point of reference.
Full description
of the MoE. The audit identified the following risks: (1) non-existence of the Integrated environmental information system (IEIS) as an independent information system; (2) purchase of ICT, within the budget ... The objective of the audit was to scrutinise the management of funds earmarked for the purchase and administration of ICT within the MoE and selected organisations which come under the management ... chapter of the MoE, through a state co-funded organisation CENIA which comes under the management of the MoE; (3) utilisation of the information systems. The audited period was 2010 to 2013; where relevant ... ... Ministry of the Environment manages 125 information systems and databases ... The Ministry of the Environment (MoE) has for more than 20 years a legal obligation to administer and manage an Integrated Environmental Information System (IEIS). In spite of this fact, the existing ... systems (more than 125 information systems and databases) are designed, implemented and managed as individual information systems without a direct integration into a joint point of reference.
Full description
Supreme Audit Office of Czech Republic
, issued in 2015
Risk cases: 7
Opportunities Exist for SEC to Improve Its Controls over Financial Systems and Data
The SEC is responsible for enforcing securities laws, issuing rules and regulations that provide protection for investors, and helping to ensure that the securities markets are fair and honest ... . In carrying out its mission, the SEC relies on computerized information systems to collect, process, and store sensitive information, including financial data. Having effective information security controls ... in place is essential to protecting these systems and the information they contain. <br/> This report details weaknesses GAO identified in the information security program at SEC during its audit ... IT security basics under scrutiny ... be compromised, because of risks jeopardizing the confidentiality, integrity, and availability of sensitive financial information. ... Financial audit by US GAO was accompanied by an IT examination focused on information security measures in the Securities and Exchange Commission (SEC). GAO found that SEC’s systems could
Full description
The SEC is responsible for enforcing securities laws, issuing rules and regulations that provide protection for investors, and helping to ensure that the securities markets are fair and honest ... . In carrying out its mission, the SEC relies on computerized information systems to collect, process, and store sensitive information, including financial data. Having effective information security controls ... in place is essential to protecting these systems and the information they contain. <br/> This report details weaknesses GAO identified in the information security program at SEC during its audit ... IT security basics under scrutiny ... be compromised, because of risks jeopardizing the confidentiality, integrity, and availability of sensitive financial information. ... Financial audit by US GAO was accompanied by an IT examination focused on information security measures in the Securities and Exchange Commission (SEC). GAO found that SEC’s systems could
Full description
General Accountability Office
, issued in 2016
Risk cases: 5
Performance Audit of the Georgian Government electronic Procurement system
of a high-quality service has a particular importance. <br /> It is noteworthy that establishment of open, transparent and competitive environment for the procurement parties mitigates the risks of corruption ... State procurement is one of the key components of public financial management. Its share in state budget is approximately 25 percent. Effective management of state procurements is an important sphere ... of interest for the State Audit Office. Considering the fact that since 2010 major part of public procurements is being conducted electronically and there is no alternative tool, uninterrupted provision ... ... Electronic procurement system - how effective are management and control mechanisms? ... SAI Georgia analyzed the electronic Government Procurement system. In their report they focus on compliance and security problems, which may harm the business goals and overall mission of the system.
Full description
of a high-quality service has a particular importance. <br /> It is noteworthy that establishment of open, transparent and competitive environment for the procurement parties mitigates the risks of corruption ... State procurement is one of the key components of public financial management. Its share in state budget is approximately 25 percent. Effective management of state procurements is an important sphere ... of interest for the State Audit Office. Considering the fact that since 2010 major part of public procurements is being conducted electronically and there is no alternative tool, uninterrupted provision ... ... Electronic procurement system - how effective are management and control mechanisms? ... SAI Georgia analyzed the electronic Government Procurement system. In their report they focus on compliance and security problems, which may harm the business goals and overall mission of the system.
Full description
State Audit Office Of Georgia
, issued in 2016
Risk cases: 5