18
results found in
9 ms
Page 1
of 2
Cyber Attacks: Securing Agencies’ICT Systems
were considered serious enough to warrant a Cyber Security Operations Centre response. <br/> The protection of Australian Government systems and information from unauthorised access and use is a key ... estimated that between January and December 2012Ć, there were over 1790 security incidents against Australian Government agencies. Of these, 685 were considered serious enough to warrant a Cyber Security ... Cyber crime is an international problem, and it is estimated that in 2012, 5.4 million Australians fell victim to such crimes, with an estimated cost to the economy of $1.65 billion ... ... Cyber-security strategy needs consistent implementation and periodic reviews ... List of 35 mitigation controls against cyber intrusions are a basic tool of information security strategy of the Australian Government. Top four are: 1. application whitelisting, 2. patching ... application, 3. patching operating systems, 4. minimising administrative privileges. Analysis by the ANAO helps to fill gaps and to direct next steps.
Full description
were considered serious enough to warrant a Cyber Security Operations Centre response. <br/> The protection of Australian Government systems and information from unauthorised access and use is a key ... estimated that between January and December 2012Ć, there were over 1790 security incidents against Australian Government agencies. Of these, 685 were considered serious enough to warrant a Cyber Security ... Cyber crime is an international problem, and it is estimated that in 2012, 5.4 million Australians fell victim to such crimes, with an estimated cost to the economy of $1.65 billion ... ... Cyber-security strategy needs consistent implementation and periodic reviews ... List of 35 mitigation controls against cyber intrusions are a basic tool of information security strategy of the Australian Government. Top four are: 1. application whitelisting, 2. patching ... application, 3. patching operating systems, 4. minimising administrative privileges. Analysis by the ANAO helps to fill gaps and to direct next steps.
Full description
The Australian National Audit Office
, issued in 2014
Risk cases: 3
Information Technology Cost Estimation Agencies Need to Address Significant Weakness in Policies and Practices
and agencies have appropriately implement costestimating policies an procedures(four caracteristics of a reliable cost estimation: comprehensive, well-documented, accurate, credible). ... To estimate reliable cost for the sucess of an IT program by providing the basis for the informed decision making and realistic budget information. To assess the extent to which selected departments ... IT cost estimation ... Check out what may go wrong with the information technology cost estimation. Results of the US GAO audit can help to identify high risk areas: comprehensiveness of estimations, their documentation ... , lack of adequacy and inadequate implementation.
Full description
and agencies have appropriately implement costestimating policies an procedures(four caracteristics of a reliable cost estimation: comprehensive, well-documented, accurate, credible). ... To estimate reliable cost for the sucess of an IT program by providing the basis for the informed decision making and realistic budget information. To assess the extent to which selected departments ... IT cost estimation ... Check out what may go wrong with the information technology cost estimation. Results of the US GAO audit can help to identify high risk areas: comprehensiveness of estimations, their documentation ... , lack of adequacy and inadequate implementation.
Full description
General Accountability Office
, issued in 2012
Risk cases: 4
Data security and positions with access to confidential information
This government wide audit on information security and positions with access to confidential information has been performed at all ministries ans for each ministry also at one of the agencies ... . The 2007 Civil Service Data Information Security Decree (in Dutch: VIR 2007) is the legal foundation of the first part of this audit (data security). The Security Screening Act (in Dutch: WVO ... Information Security Decree, eight organizations show scope for improvement and nine organizations show an unsatisfactory level of compliance with the 2007 Civil Service Data Information Security Decree. When ... ... Shortcomings in information security and in positions with access to confidential information ... protection policy and poor protection of information systems. Also, non vetted positions with access to confidential information. ... Surprising weaknesses were revealed by the NCA in its Government-wide operational audit performed as part of the 2011 audit into the state of central government accounts: Poor quality of data
Full description
This government wide audit on information security and positions with access to confidential information has been performed at all ministries ans for each ministry also at one of the agencies ... . The 2007 Civil Service Data Information Security Decree (in Dutch: VIR 2007) is the legal foundation of the first part of this audit (data security). The Security Screening Act (in Dutch: WVO ... Information Security Decree, eight organizations show scope for improvement and nine organizations show an unsatisfactory level of compliance with the 2007 Civil Service Data Information Security Decree. When ... ... Shortcomings in information security and in positions with access to confidential information ... protection policy and poor protection of information systems. Also, non vetted positions with access to confidential information. ... Surprising weaknesses were revealed by the NCA in its Government-wide operational audit performed as part of the 2011 audit into the state of central government accounts: Poor quality of data
Full description
Netherlands Court of Audits
, issued in 2012
Risk cases: 3
Is the project 'E-health in Latvia' a step towards the right direction?
of funds invested in the project for achievement of set objectives and gaining the planned benefits. Audit covered such main questions: 1) Will the e-health policy be able to solve problems and achieve ... the objective? 2) Are the actual activities performed by the National Health Service justified for achievement of the set objectives? 3) Will necessary information security and personal data protection be ensured ... Objective of the audit was to verify efficiency and productivity of the actions by the institutions in charge for implementation of the e-health, as well as to audit economy and productivity of use ... E-health is a step forward in right direction, but not all objectives will be reached! ... a step towards the right direction then. However, as found the Latvian SAI, the e-health policy will not be implemented within the initially planned scope and deadline and within set data security levels ... , thus the objective of this policy – to promote more effective provision of healthcare services will be attained only partially. ... Project “E-health in Latvia” supports healthy lifestyle, it will provide valuable and accessible information and will promote more efficient provision of services to patients. It is undoubtedly
Full description
of funds invested in the project for achievement of set objectives and gaining the planned benefits. Audit covered such main questions: 1) Will the e-health policy be able to solve problems and achieve ... the objective? 2) Are the actual activities performed by the National Health Service justified for achievement of the set objectives? 3) Will necessary information security and personal data protection be ensured ... Objective of the audit was to verify efficiency and productivity of the actions by the institutions in charge for implementation of the e-health, as well as to audit economy and productivity of use ... E-health is a step forward in right direction, but not all objectives will be reached! ... a step towards the right direction then. However, as found the Latvian SAI, the e-health policy will not be implemented within the initially planned scope and deadline and within set data security levels ... , thus the objective of this policy – to promote more effective provision of healthcare services will be attained only partially. ... Project “E-health in Latvia” supports healthy lifestyle, it will provide valuable and accessible information and will promote more efficient provision of services to patients. It is undoubtedly
Full description
State Audit Office of the Republic of Latvia
, issued in 2015
Risk cases: 3
Audit to the Social Security Systems of Collection of Contributions and Quotes and Relationship with Banking and other Entities Engaged in Collection Initiatives
The audit aims to evaluate the effectiveness and efficiency of the processes implemented in respect of the processing schemes of contributions/quotas, whose Wages Statements (WS) entered ... into the system in the first quarter of 2007, test the reliability, stability and confidence level of the application systems developed and the respective values processed in the entire collection circuit ... and respective accounting, and also check compliance with the contracts celebrated with banking entities. ... ... Application level of Social Security IS analyzed ... Processes maturity and automation of controls appeared to be main problems in the system which reliability, stability and confidence level were tested.
Full description
The audit aims to evaluate the effectiveness and efficiency of the processes implemented in respect of the processing schemes of contributions/quotas, whose Wages Statements (WS) entered ... into the system in the first quarter of 2007, test the reliability, stability and confidence level of the application systems developed and the respective values processed in the entire collection circuit ... and respective accounting, and also check compliance with the contracts celebrated with banking entities. ... ... Application level of Social Security IS analyzed ... Processes maturity and automation of controls appeared to be main problems in the system which reliability, stability and confidence level were tested.
Full description
TRIBUNAL DE CONTAS DE PORTUGAL
, issued in 2008
Risk cases: 2
Management of State Information Resources
. Audit procedures were performed in all major institutions which form and implement the policy of information resources: Ministry of Transport and Communications, Ministry of the Interior, Ministry ... The objective of the audit was to assess effectiveness of the management of the state information resources and of the use of their possibilities: suitability of the chosen state resources management ... model; rationality of the use of the State Budget funds when managing information resources; use of the possibilities of the state information resources to improve the performance of the public sector ... Well targeted requirements, interconnected information resources and broad use - why so difficult to be gained? ... The leading idea of the 'Approach to Management of State Information Resources' programme was to entrench a comprehensive management of data resources. After five years preparations, the desired ... momentum was still not the case. SAI Lithuania analysed roots of the problems: concept, poor use of funds, lack of interconnections, unsatified users.
Full description
. Audit procedures were performed in all major institutions which form and implement the policy of information resources: Ministry of Transport and Communications, Ministry of the Interior, Ministry ... The objective of the audit was to assess effectiveness of the management of the state information resources and of the use of their possibilities: suitability of the chosen state resources management ... model; rationality of the use of the State Budget funds when managing information resources; use of the possibilities of the state information resources to improve the performance of the public sector ... Well targeted requirements, interconnected information resources and broad use - why so difficult to be gained? ... The leading idea of the 'Approach to Management of State Information Resources' programme was to entrench a comprehensive management of data resources. After five years preparations, the desired ... momentum was still not the case. SAI Lithuania analysed roots of the problems: concept, poor use of funds, lack of interconnections, unsatified users.
Full description
National Audit Office of the Republic of Lithuania
, issued in 2013
Risk cases: 3
Audit of the Government, Government-guaranteed and Municipal Debt Management Information Systems in the Ministry of Finance of the Republic of Bulgaria
? The audit covered the period from 01.01.2013 to 31.12.2013 and investigated four major areas: IT system strategy and general management; IT security and controls against disasters; Operational controls ... The main audit question studied during the audit was: Are the government, government-guaranteed (SDMS) and municipal debt management information systems (CMDR) at the Ministry of Finance effective ... and Documentation; Application Controls. ... ... Even effective and modern IT systems require improvements and updates to ensure their security and accountability ... the established system is effective and provides updated, complete and correct information. Nevertheless the audit report points out areas of security, application controls as well as documentation as the subjects ... For the management of the government, government-guaranteed and municipal debt the Ministry of Finance has established an advanced integrated information infrastructure. According to Bulgarian SAI ... that need further improvement and optimization.
Full description
? The audit covered the period from 01.01.2013 to 31.12.2013 and investigated four major areas: IT system strategy and general management; IT security and controls against disasters; Operational controls ... The main audit question studied during the audit was: Are the government, government-guaranteed (SDMS) and municipal debt management information systems (CMDR) at the Ministry of Finance effective ... and Documentation; Application Controls. ... ... Even effective and modern IT systems require improvements and updates to ensure their security and accountability ... the established system is effective and provides updated, complete and correct information. Nevertheless the audit report points out areas of security, application controls as well as documentation as the subjects ... For the management of the government, government-guaranteed and municipal debt the Ministry of Finance has established an advanced integrated information infrastructure. According to Bulgarian SAI ... that need further improvement and optimization.
Full description
Bulgarian National Audit Office
, issued in 2014
Risk cases: 3
Digitisation of municipal services
, assessed the significance of and possible obstacles to digitisation of municipal services. The audit examined how the Ministry of Local Government and Modernisation's use of policy instruments contributes ... The purpose of digitisation is to increase the quality and efficiency of public services. It is a goal to make online services the norm for public administration's communication with citizens ... and the private sector. The municipal sector is a significant provider of public services, and digitisation of municipal services is therefore essential for achieving this goal.<br/>The audit surveyed the status ... ... Municipalities have not digitised their services to any extent ... Digitisation increases the quality and efficiency of public services and municipal sector is a significant provider of public services. Report of Riksrevisjonen of Norway shows however ... , that municipalities need a substantial support to execute this demanding task. To provide them with help, the central government has to coordinate own efforts first.
Full description
, assessed the significance of and possible obstacles to digitisation of municipal services. The audit examined how the Ministry of Local Government and Modernisation's use of policy instruments contributes ... The purpose of digitisation is to increase the quality and efficiency of public services. It is a goal to make online services the norm for public administration's communication with citizens ... and the private sector. The municipal sector is a significant provider of public services, and digitisation of municipal services is therefore essential for achieving this goal.<br/>The audit surveyed the status ... ... Municipalities have not digitised their services to any extent ... Digitisation increases the quality and efficiency of public services and municipal sector is a significant provider of public services. Report of Riksrevisjonen of Norway shows however ... , that municipalities need a substantial support to execute this demanding task. To provide them with help, the central government has to coordinate own efforts first.
Full description
Office of the Auditor General of Norway
, issued in 2016
Risk cases: 2
Coordination of Infrastructure Works by Metropolitan Municipalities
of Interior, as administrative trusteeship, improves policies and legal arrangements relating to coordination of infrastructure works to bring in necessary measures with a view to leveraging effectiveness ... Rapid population growth at metropoles as well as dense and planless structuring, especially in İstanbul and Ankara, have lead to an increase in demand for utilities services and consequently ... , in the resources used for the construction and maintenance of utilities. Moreover, in cities with dense population, damages to roads and sidewalks during the construction and maintenance of utilities cause problems ... ... ... Start geographic information system with cooperation rules and digital maps ... Organization of geographic and infrastructure information systems is an especially difficult task when bacause vast and intense coordination is necessary. The Turkisch Court of Accounts lists ... problems that reduce use and rise costs of this fundamental task.
Full description
of Interior, as administrative trusteeship, improves policies and legal arrangements relating to coordination of infrastructure works to bring in necessary measures with a view to leveraging effectiveness ... Rapid population growth at metropoles as well as dense and planless structuring, especially in İstanbul and Ankara, have lead to an increase in demand for utilities services and consequently ... , in the resources used for the construction and maintenance of utilities. Moreover, in cities with dense population, damages to roads and sidewalks during the construction and maintenance of utilities cause problems ... ... ... Start geographic information system with cooperation rules and digital maps ... Organization of geographic and infrastructure information systems is an especially difficult task when bacause vast and intense coordination is necessary. The Turkisch Court of Accounts lists ... problems that reduce use and rise costs of this fundamental task.
Full description
Turkish Court of Accounts
, issued in 2008
Risk cases: 2
Report on the problems connected with the development and implementation of the digitally based Shared Medication Record
ensured an adequate level of IT security? 4) Has the Ministry of Health informed the Finance Committee of the Danish Folketing (parliament) correctly on the development and implementation of the SMR system? ... The purpose of the examination was to assess whether the department of the Danish Ministry of Health, the Danish National eHealth Authority (NHA) and the five regions that are responsible ... for the hospitals have made an adequate effort to develop and implement the Shared Medication Record (SMR). With the SMR, data on the citizens’ medication can be shared across hospitals, general practitioners, etc ... ... Involvement of key participants necessary from the very beginning ... and processes leading to implementation problems, governance not involving key players, and IT security organisation. ... Digitally based Shared Medication Record is basis of the complex healthcare system. Rigsrevisionen analysed unsolved issues related to unclear business case, insufficient analysis of work flows
Full description
ensured an adequate level of IT security? 4) Has the Ministry of Health informed the Finance Committee of the Danish Folketing (parliament) correctly on the development and implementation of the SMR system? ... The purpose of the examination was to assess whether the department of the Danish Ministry of Health, the Danish National eHealth Authority (NHA) and the five regions that are responsible ... for the hospitals have made an adequate effort to develop and implement the Shared Medication Record (SMR). With the SMR, data on the citizens’ medication can be shared across hospitals, general practitioners, etc ... ... Involvement of key participants necessary from the very beginning ... and processes leading to implementation problems, governance not involving key players, and IT security organisation. ... Digitally based Shared Medication Record is basis of the complex healthcare system. Rigsrevisionen analysed unsolved issues related to unclear business case, insufficient analysis of work flows
Full description
National Audit Office of Denmark
, issued in 2014
Risk cases: 2