Reports Search Reports Spatial Search Risk-cases Search Risk-cases Graph Traversal
7 results found in 10 ms Page 1 of 1
The management of the State Property and Funds while Information Systems Building for the Ministry of Defence
of the Ministry of Defence or the Army of the Czech Republic. Operating of information systems is inseparably linked with the communication infrastructure, thus the technological shift to ICT was reviewed also ... The aim of the audit was to examine management during process of extension and modernization of the current information systems and at building of new information systems for the needs ... in this connection. The stationary ICT systems are determined to support management of the Ministry of Defence in period of peace. They are also supposed as a tool of crisis management. The auditing operation covered ... ... Information systems not balanced with infrastructure ... Both organizational changes and inflexibility produce unbalanced plans which cause deiscrepancies between IS and infrastructure.
Full description
Supreme Audit Office , issued in 2005
Risk cases: 2
Report to the Public AccountsCommittee on mitigation of cyber attacks
This report concerns the action taken by Danish government bodies to prevent cyber attacks. Behaving sensibly in cyberspace to avoid attacks is important, but should be supplemented by technical ... security controls that can increase security and mitigate cyber attacks. International studies have concluded that three central security controls can prevent the majority of the currently known types ... of attacks: - technical restriction of download of programmes; - limited use of local administrators; - systematic software updates. Rigsrevisionen has assessed whether the government bodies in the study ... Three basic security measures are often neglected ... Government agencies are open for cyber attacks because they often forget to respect three basic IT security measures. The three measures are: 1. technical restriction on programs downloading; 2 ... . limited use of local administrators rights; 3. systematic software updates.
Full description
National Audit Office of Denmark , issued in 2013
Risk cases: 3
Management and protection of assets in the field of the information-communication technologies at the ME SR
The Supreme Audit office of the Slovak Republic (SAO SR) has conducted the audit at the Ministry of Environment of the Slovak Republic (ME SR) for the audit period 2011 and 2012 to examine ... the compliance with the generally binding legal regulations and the general statues in the field of the information-communication technologies (ICT) and the information systems of the public administration (ISPA ... ) with emphasis on the use of the information technology (IT) services provided by the third parties. The vast amount of irregularities was found, especially many cases of failure to comply with the standards ... ... Started from contracting, ended in security ... The perceptive and filled with findings audit - conducted by the Slovak SAI - discovered the list of issues which started in careless contracting procedures, failure to update the development concept ... and ended in exposing the organization to high security risks.
Full description
Supreme Audit Office of the Slovak Republic , issued in 2012
Risk cases: 4
Management of Information Resources of the Ministry of the Interior
Many activities of the Ministry of the Interior require the use of information resources that are of great significance to the entire State, such as the state and departmental registers, and public ... information systems. Whereas the Ministry has failed to implement some of the public audit recommendations of 2007 and 2010,6 we analysed, whether there have been any positive changes in the field of IT ... management. Their impact is important not only because the Ministry manages 16 information resources, which ensure data availability to the population, efficient activity of the services, and operation ... ... Process maturity examination can help in IT audit ... Main risk areas in case of this audit were strategic and organisational - Ministry’s weak ownership of IT resources, insufficient audit and internal control function. SAI Lithuania auditors found ... also flaws in change management and security processes. But the finding, which gave them the key to the root cause of problems, was connected with maturity assessment of the auditee's IT processes.
Full description
National Audit Office of the Republic of Lithuania , issued in 2016
Risk cases: 4
General and Creation Control of the Information Systems of the Ministry of Foreign Affairs
The objective of the audit was to assess general and creation control of the information systems of the Ministry of Foreign Affairs. Since the beginning of 2009, the Ministry of Foreign Affairs has ... achieved considerable progress in the management of the information systems. The auditors reviewed and assessed all key elements of the process. ... Overview of problems - area by area ... SAI Lithuania looked into all critical elements of a Ministry's information system, starting from IT architecture, through information security to automation of data processing.
Full description
National Audit Office of the Republic of Lithuania , issued in 2013
Risk cases: 4
IT security in the Federal Administration
The SFAO has audited the Admin PKI – the basic infrastructure and offering for the issuing of digital certificates – within the Federal Office of Information Technology, Systems and Telecommunication ... (FOITT). The examination concentrated on assessing the development and current operation as well as future prospects. Admin PKI refers to all processes and the hardware and software needed for issuing ... certificates of different grades. ... Technical and organizational deficiencies work together against data security ... Only minor deficiencies were revealed in the Windows environment but only in case of Microsoft products.Providers' lack of both assertiveness and synergy adds to 'the great unknown' of authonomous ... entities' networks.
Full description
Swiss Federal Audit Office , issued in 2011
Risk cases: 4
Opportunities Exist for SEC to Improve Its Controls over Financial Systems and Data
The SEC is responsible for enforcing securities laws, issuing rules and regulations that provide protection for investors, and helping to ensure that the securities markets are fair and honest ... . In carrying out its mission, the SEC relies on computerized information systems to collect, process, and store sensitive information, including financial data. Having effective information security controls ... in place is essential to protecting these systems and the information they contain. <br/> This report details weaknesses GAO identified in the information security program at SEC during its audit ... IT security basics under scrutiny ... Financial audit by US GAO was accompanied by an IT examination focused on information security measures in the Securities and Exchange Commission (SEC). GAO found that SEC’s systems could ... be compromised, because of risks jeopardizing the confidentiality, integrity, and availability of sensitive financial information.
Full description
General Accountability Office , issued in 2016
Risk cases: 5
7 results found. Page 1 of 1