14
results found in
7 ms
Page 1
of 2
Managing the risk of legacy ICT to public service delivery
The cross-government report describes the case studies from four public services (state pension, Value Added Tax collection, prescription payment and consumer credit licensing services) selected ... to illustrate the range of approaches that small and large government bodies are taking to address the issues arising from legacy ICT (defined as "systems and applications that have been operationally embedded ... within a business function but superseded by newer and more effective technologies or changed business needs"). ... Possible approaches to the problem of 'legacy ICT' ... UK’s government experience in managing the risks connected to legacy ICT provides valuable insight for others facing the same problem and are considering transforming their services.
Full description
The cross-government report describes the case studies from four public services (state pension, Value Added Tax collection, prescription payment and consumer credit licensing services) selected ... to illustrate the range of approaches that small and large government bodies are taking to address the issues arising from legacy ICT (defined as "systems and applications that have been operationally embedded ... within a business function but superseded by newer and more effective technologies or changed business needs"). ... Possible approaches to the problem of 'legacy ICT' ... UK’s government experience in managing the risks connected to legacy ICT provides valuable insight for others facing the same problem and are considering transforming their services.
Full description
National Audit Office
, issued in 2013
Risk cases: 3
State funds spent on development, operation and using of data centres services
The aim of the audit was to scrutinise the management of funds spent on building and operating the national data centre (hereinafter “STC1 data centre”), including the expenditure of selected ... organisational units of the state on buying hosting, server-housing and other related services. The audited period was between 2010 and 2014; where relevant, the preceding period was also scrutinised. Audited ... entities: Ministry of the Interior (“MoI”); Ministry of Finance (“MoF”); STÁTNÍ TISKÁRNA CENIN, state firm (state banknote printing firm, hereinafter “STC” or “the state firm”). The audit was conducted ... ... Risks steming from uncoordinated strategy ... was to guard high quality standards for all crucial IT systems in the state administration. Next consecquences were (among others) risk of uneconomical results of large IT investment and risk of inefficient ... SAI of Czech Republic analysed consequences of failures in strategic IT management at the state level. Lack of coordination and implementation rules reduced practical role of the ministry whose task ... supply of services, as well as opposite results of workforce reduction.
Full description
The aim of the audit was to scrutinise the management of funds spent on building and operating the national data centre (hereinafter “STC1 data centre”), including the expenditure of selected ... organisational units of the state on buying hosting, server-housing and other related services. The audited period was between 2010 and 2014; where relevant, the preceding period was also scrutinised. Audited ... entities: Ministry of the Interior (“MoI”); Ministry of Finance (“MoF”); STÁTNÍ TISKÁRNA CENIN, state firm (state banknote printing firm, hereinafter “STC” or “the state firm”). The audit was conducted ... ... Risks steming from uncoordinated strategy ... was to guard high quality standards for all crucial IT systems in the state administration. Next consecquences were (among others) risk of uneconomical results of large IT investment and risk of inefficient ... SAI of Czech Republic analysed consequences of failures in strategic IT management at the state level. Lack of coordination and implementation rules reduced practical role of the ministry whose task ... supply of services, as well as opposite results of workforce reduction.
Full description
Supreme Audit Office of Czech Republic
, issued in 2015
Risk cases: 7
Information Technology Cost Estimation Agencies Need to Address Significant Weakness in Policies and Practices
To estimate reliable cost for the sucess of an IT program by providing the basis for the informed decision making and realistic budget information. To assess the extent to which selected departments ... and agencies have appropriately implement costestimating policies an procedures(four caracteristics of a reliable cost estimation: comprehensive, well-documented, accurate, credible). ... IT cost estimation ... Check out what may go wrong with the information technology cost estimation. Results of the US GAO audit can help to identify high risk areas: comprehensiveness of estimations, their documentation ... , lack of adequacy and inadequate implementation.
Full description
To estimate reliable cost for the sucess of an IT program by providing the basis for the informed decision making and realistic budget information. To assess the extent to which selected departments ... and agencies have appropriately implement costestimating policies an procedures(four caracteristics of a reliable cost estimation: comprehensive, well-documented, accurate, credible). ... IT cost estimation ... Check out what may go wrong with the information technology cost estimation. Results of the US GAO audit can help to identify high risk areas: comprehensiveness of estimations, their documentation ... , lack of adequacy and inadequate implementation.
Full description
General Accountability Office
, issued in 2012
Risk cases: 4
The development and use of identification services in public administration
The audit examined the implementation and coordination of projects aimed at developing identification services in public administration, cooperation among authorities in this area and compliance ... with legislation in procuring services. The audit also examined development, control and monitoring structures regarding identification services. The audit focused on electronic identification services that are used ... in public administration's electronic transactions. ... ... Unhealthy competition linked with lack of coordinatnion and with procurement irregularities ... of Finland identified also risks resulting from lack of horizontal coordination. ... See what may go wrong with the IT public procurement. Check out what is the basis to avoid irregularities or omissions in complying with public procurement legislation. National Audit Office
Full description
The audit examined the implementation and coordination of projects aimed at developing identification services in public administration, cooperation among authorities in this area and compliance ... with legislation in procuring services. The audit also examined development, control and monitoring structures regarding identification services. The audit focused on electronic identification services that are used ... in public administration's electronic transactions. ... ... Unhealthy competition linked with lack of coordinatnion and with procurement irregularities ... of Finland identified also risks resulting from lack of horizontal coordination. ... See what may go wrong with the IT public procurement. Check out what is the basis to avoid irregularities or omissions in complying with public procurement legislation. National Audit Office
Full description
National Audit Office of Finland
, issued in 2008
Risk cases: 3
Audit on the broadband internet infrastructure access
of assumed financing was contracted, namely PLN 3.9 billion. By the end of 2015, Poland should complete the investment and account for the expenses. According to NIK there is a risk that the infrastructure ... Poland has been granted over PLN 4 billion from the European Regional Development Fund to build the broadband internet access infrastructure. As part of three operational programmes 90 percent ... construction will not be completed by the deadline and the EU funds may not be used to the full. ... ... Simpler regulations and better supervision needed ... Polish SAI audited a project, which aim had been to develop broadband internet network across the country. They revealed that legal obstacles, idleness and lack of supervision were the main causes ... of delays. Some of the projects are in danger of not being completed on time and some of the EU funds may not be fully used.
Full description
of assumed financing was contracted, namely PLN 3.9 billion. By the end of 2015, Poland should complete the investment and account for the expenses. According to NIK there is a risk that the infrastructure ... Poland has been granted over PLN 4 billion from the European Regional Development Fund to build the broadband internet access infrastructure. As part of three operational programmes 90 percent ... construction will not be completed by the deadline and the EU funds may not be used to the full. ... ... Simpler regulations and better supervision needed ... Polish SAI audited a project, which aim had been to develop broadband internet network across the country. They revealed that legal obstacles, idleness and lack of supervision were the main causes ... of delays. Some of the projects are in danger of not being completed on time and some of the EU funds may not be fully used.
Full description
Supreme Audit Office of Poland
, issued in 2015
Risk cases: 2
Cyber Attacks: Securing Agencies’ICT Systems
responsibility of agencies, having regard to their business operations and specific risks. In the context of a national government, those risks can range from threats to national security through to the disclosure ... Cyber crime is an international problem, and it is estimated that in 2012, 5.4 million Australians fell victim to such crimes, with an estimated cost to the economy of $1.65 billion ... . In the government sector, the Australian Signals Directorate (ASD)3 has estimated that between January and December 2012, there were over 1790 security incidents against Australian Government agencies. Of these, 685 ... ... Cyber-security strategy needs consistent implementation and periodic reviews ... List of 35 mitigation controls against cyber intrusions are a basic tool of information security strategy of the Australian Government. Top four are: 1. application whitelisting, 2. patching ... application, 3. patching operating systems, 4. minimising administrative privileges. Analysis by the ANAO helps to fill gaps and to direct next steps.
Full description
responsibility of agencies, having regard to their business operations and specific risks. In the context of a national government, those risks can range from threats to national security through to the disclosure ... Cyber crime is an international problem, and it is estimated that in 2012, 5.4 million Australians fell victim to such crimes, with an estimated cost to the economy of $1.65 billion ... . In the government sector, the Australian Signals Directorate (ASD)3 has estimated that between January and December 2012, there were over 1790 security incidents against Australian Government agencies. Of these, 685 ... ... Cyber-security strategy needs consistent implementation and periodic reviews ... List of 35 mitigation controls against cyber intrusions are a basic tool of information security strategy of the Australian Government. Top four are: 1. application whitelisting, 2. patching ... application, 3. patching operating systems, 4. minimising administrative privileges. Analysis by the ANAO helps to fill gaps and to direct next steps.
Full description
The Australian National Audit Office
, issued in 2014
Risk cases: 3
Management and implementation of 1BestariNet
1BestariNet Service Project (1BestariNet) is an initiative undertaken by the Malaysian Ministry of Education (MOE) to replace and enhance ICT connectivity in schools. It is an enhancement ... to the SchoolNet service which terminated on 31 December 2010 with emphasis on end-to-end solutions (E2E) network services together with Virtual Learning Environment (VLE). Under this project, 10,000 primary ... and secondary public schools in Malaysia are equipped with high-speed 4G Internet access and a virtual learning platform, providing high-speed internet connectivity and access to a world-class Integrated Learning ... ... To answer big risks in IT systems development you need all levels of organisation ... Audit of 1BestariNet is presented by the Malaysian National Audit Department together with other IT projects reviewed. A result is this concise and instructive list of lessons learnt and failures ... to be avoided. To maximize performance and minimize vendor lock-in you need a lot of concerted effort by top and line management, as well as users ready to work with new tools.
Full description
1BestariNet Service Project (1BestariNet) is an initiative undertaken by the Malaysian Ministry of Education (MOE) to replace and enhance ICT connectivity in schools. It is an enhancement ... to the SchoolNet service which terminated on 31 December 2010 with emphasis on end-to-end solutions (E2E) network services together with Virtual Learning Environment (VLE). Under this project, 10,000 primary ... and secondary public schools in Malaysia are equipped with high-speed 4G Internet access and a virtual learning platform, providing high-speed internet connectivity and access to a world-class Integrated Learning ... ... To answer big risks in IT systems development you need all levels of organisation ... Audit of 1BestariNet is presented by the Malaysian National Audit Department together with other IT projects reviewed. A result is this concise and instructive list of lessons learnt and failures ... to be avoided. To maximize performance and minimize vendor lock-in you need a lot of concerted effort by top and line management, as well as users ready to work with new tools.
Full description
National Audit Department of Malaysia
, issued in 2013
Risk cases: 4
Is the project 'E-health in Latvia' a step towards the right direction?
Objective of the audit was to verify efficiency and productivity of the actions by the institutions in charge for implementation of the e-health, as well as to audit economy and productivity of use ... of funds invested in the project for achievement of set objectives and gaining the planned benefits. Audit covered such main questions: 1) Will the e-health policy be able to solve problems and achieve ... the objective? 2) Are the actual activities performed by the National Health Service justified for achievement of the set objectives? 3) Will necessary information security and personal data protection be ensured ... E-health is a step forward in right direction, but not all objectives will be reached! ... Project “E-health in Latvia” supports healthy lifestyle, it will provide valuable and accessible information and will promote more efficient provision of services to patients. It is undoubtedly ... a step towards the right direction then. However, as found the Latvian SAI, the e-health policy will not be implemented within the initially planned scope and deadline and within set data security levels ... , thus the objective of this policy – to promote more effective provision of healthcare services will be attained only partially.
Full description
Objective of the audit was to verify efficiency and productivity of the actions by the institutions in charge for implementation of the e-health, as well as to audit economy and productivity of use ... of funds invested in the project for achievement of set objectives and gaining the planned benefits. Audit covered such main questions: 1) Will the e-health policy be able to solve problems and achieve ... the objective? 2) Are the actual activities performed by the National Health Service justified for achievement of the set objectives? 3) Will necessary information security and personal data protection be ensured ... E-health is a step forward in right direction, but not all objectives will be reached! ... Project “E-health in Latvia” supports healthy lifestyle, it will provide valuable and accessible information and will promote more efficient provision of services to patients. It is undoubtedly ... a step towards the right direction then. However, as found the Latvian SAI, the e-health policy will not be implemented within the initially planned scope and deadline and within set data security levels ... , thus the objective of this policy – to promote more effective provision of healthcare services will be attained only partially.
Full description
State Audit Office of the Republic of Latvia
, issued in 2015
Risk cases: 3
Management of Information Resources of the Ministry of Agriculture
The Ministry of Agriculture of the Republic of Lithuania has managed 32 information systems and registers. Of these, 24 ones are managed, developed and upgraded by a state enterprise subordinate ... to the Ministry of Agriculture, the Agricultural Information and Rural Business Centre. The annual amount allocated by the Ministry for the maintenance of the Centre totals LTL 17.5 million on average ... . The objective of the audit was to assess the general and development controls of the information resources of the Ministry of Agriculture. The audit was conducted at the Ministry of Agriculture and the state ... ... Without appropiate IT management it is hard to achieve reliable, consistent and secure systems for agriculture ... Since 1996 the Ministry has been using information systems of varying complexity for collecting and processing data, including personal data. The Ministry of Agriculture of the Republic of Lithuania ... has managed 32 information systems and registers. SAI of Lithuania revealed that systems were not well mantained what affected use of funds devoted to the systemsand also their legality and security.
Full description
The Ministry of Agriculture of the Republic of Lithuania has managed 32 information systems and registers. Of these, 24 ones are managed, developed and upgraded by a state enterprise subordinate ... to the Ministry of Agriculture, the Agricultural Information and Rural Business Centre. The annual amount allocated by the Ministry for the maintenance of the Centre totals LTL 17.5 million on average ... . The objective of the audit was to assess the general and development controls of the information resources of the Ministry of Agriculture. The audit was conducted at the Ministry of Agriculture and the state ... ... Without appropiate IT management it is hard to achieve reliable, consistent and secure systems for agriculture ... Since 1996 the Ministry has been using information systems of varying complexity for collecting and processing data, including personal data. The Ministry of Agriculture of the Republic of Lithuania ... has managed 32 information systems and registers. SAI of Lithuania revealed that systems were not well mantained what affected use of funds devoted to the systemsand also their legality and security.
Full description
National Audit Office of the Republic of Lithuania
, issued in 2013
Risk cases: 2
Data security and positions with access to confidential information
This government wide audit on information security and positions with access to confidential information has been performed at all ministries ans for each ministry also at one of the agencies ... . The 2007 Civil Service Data Information Security Decree (in Dutch: VIR 2007) is the legal foundation of the first part of this audit (data security). The Security Screening Act (in Dutch: WVO ... ) is the foundation of the second part (positions with access to confidential information). Only four of the organizations we have audited show an acceptible level of compliance with the 2007 Civil Service Data ... ... Shortcomings in information security and in positions with access to confidential information ... Surprising weaknesses were revealed by the NCA in its Government-wide operational audit performed as part of the 2011 audit into the state of central government accounts: Poor quality of data ... protection policy and poor protection of information systems. Also, non vetted positions with access to confidential information.
Full description
This government wide audit on information security and positions with access to confidential information has been performed at all ministries ans for each ministry also at one of the agencies ... . The 2007 Civil Service Data Information Security Decree (in Dutch: VIR 2007) is the legal foundation of the first part of this audit (data security). The Security Screening Act (in Dutch: WVO ... ) is the foundation of the second part (positions with access to confidential information). Only four of the organizations we have audited show an acceptible level of compliance with the 2007 Civil Service Data ... ... Shortcomings in information security and in positions with access to confidential information ... Surprising weaknesses were revealed by the NCA in its Government-wide operational audit performed as part of the 2011 audit into the state of central government accounts: Poor quality of data ... protection policy and poor protection of information systems. Also, non vetted positions with access to confidential information.
Full description
Netherlands Court of Audits
, issued in 2012
Risk cases: 3