10
results found in
9 ms
Page 1
of 1
Effectiveness of internal controls in the protection of personal data in national databases
The NAO analysed seven national databases in order to find out how the legitimate use of personal data is ensured. In accordance with the Personal Data Protection Act, the agencies who run databases ... must ensure that personal data is protected from abuse. The information system of the database must function appropriately, incl. be reliable and safe. Log files must be retained of all instances ... of viewing, amending, deleting, transmitting of data, etc. These files must allow ex-post determination of who did what, why, when and using which data. In its audit the NAO focused on the functioning ... ... Basic controls analysis can fail in data protection ... Estonian SAI analyzed personal data safety. Main finding were: poor log analysis and unprotected data.
Full description
The NAO analysed seven national databases in order to find out how the legitimate use of personal data is ensured. In accordance with the Personal Data Protection Act, the agencies who run databases ... must ensure that personal data is protected from abuse. The information system of the database must function appropriately, incl. be reliable and safe. Log files must be retained of all instances ... of viewing, amending, deleting, transmitting of data, etc. These files must allow ex-post determination of who did what, why, when and using which data. In its audit the NAO focused on the functioning ... ... Basic controls analysis can fail in data protection ... Estonian SAI analyzed personal data safety. Main finding were: poor log analysis and unprotected data.
Full description
National Audit Office of Estonia
, issued in 2008
Risk cases: 2
Australian Taxation Office: Administration of Australian Business Number Registrations
More elligibility and data integrity needed The Australian Business Number (ABN) and Australian Business Register initiatives were implemented as part of theGovernment's comprehensive reform of the taxation system in 2000. Their introduction involved challenging issues of technology and governance , including the imperative to process and register significant numbers of applications in a short time. Overall, the Australian SAI concluded that the ABN registration process is operating effectively. However, matters relating to the eligibility of some ABN applicants need to be reviewed. Further, some data integrity issues remain outstanding.
Full description
More elligibility and data integrity needed The Australian Business Number (ABN) and Australian Business Register initiatives were implemented as part of theGovernment's comprehensive reform of the taxation system in 2000. Their introduction involved challenging issues of technology and governance , including the imperative to process and register significant numbers of applications in a short time. Overall, the Australian SAI concluded that the ABN registration process is operating effectively. However, matters relating to the eligibility of some ABN applicants need to be reviewed. Further, some data integrity issues remain outstanding.
Full description
The Australian National Audit Office
, issued in 2003
Risk cases: 3
Extract from the report to the Public Accounts Committee on the access to IT systems that support the provision of essential services to the Danish society
access to the IT systems and data of the institutions. Rigsrevisionen has not examined for what specific purposes unauthorized access to the institutions’ systems and data can be used. ... The report is focused on the significant risk that is associated with inadequate management and control of domain administrator privileges, which makes it possible for unauthorized persons to obtain ... ... Inadequate management and control of domain administrator privileges ... The Danish report concerns the measures - taken by six government institutions of various branches of State activities - to protect IT systems and data that support the provision of essential ... services to the Danish society from unauthorized access, obtained on the basis of domain administrator privileges.
Full description
access to the IT systems and data of the institutions. Rigsrevisionen has not examined for what specific purposes unauthorized access to the institutions’ systems and data can be used. ... The report is focused on the significant risk that is associated with inadequate management and control of domain administrator privileges, which makes it possible for unauthorized persons to obtain ... ... Inadequate management and control of domain administrator privileges ... The Danish report concerns the measures - taken by six government institutions of various branches of State activities - to protect IT systems and data that support the provision of essential ... services to the Danish society from unauthorized access, obtained on the basis of domain administrator privileges.
Full description
National Audit Office of Denmark
, issued in 2015
Risk cases: 4
IT security in the Federal Administration
The SFAO has audited the Admin PKI – the basic infrastructure and offering for the issuing of digital certificates – within the Federal Office of Information Technology, Systems and Telecommunication ... (FOITT). The examination concentrated on assessing the development and current operation as well as future prospects. Admin PKI refers to all processes and the hardware and software needed for issuing ... certificates of different grades. ... Technical and organizational deficiencies work together against data security ... Only minor deficiencies were revealed in the Windows environment but only in case of Microsoft products.Providers' lack of both assertiveness and synergy adds to 'the great unknown' of authonomous ... entities' networks.
Full description
The SFAO has audited the Admin PKI – the basic infrastructure and offering for the issuing of digital certificates – within the Federal Office of Information Technology, Systems and Telecommunication ... (FOITT). The examination concentrated on assessing the development and current operation as well as future prospects. Admin PKI refers to all processes and the hardware and software needed for issuing ... certificates of different grades. ... Technical and organizational deficiencies work together against data security ... Only minor deficiencies were revealed in the Windows environment but only in case of Microsoft products.Providers' lack of both assertiveness and synergy adds to 'the great unknown' of authonomous ... entities' networks.
Full description
Swiss Federal Audit Office
, issued in 2011
Risk cases: 4
VETERANS’ HEALTH CARE - Preliminary Observations on VHA’s Claims Processing Delays and Efforts to Improve the Timeliness of Payments to Community Providers
, GAO obtained fiscal year 2015 data on the timeliness of VHA’s, Medicare’s, and TRICARE’s claims processing. GAO visited 4 of 95 VHA claims processing locations (selected on the basis of variation ... Due to increases in expenditures and utilization of VA care in the community services in recent years, VHA has had difficulty processing claims in a timely manner. In planning to consolidate its ... existing VA care in the community programs, as required by law, the agency said it will examine strategies for improving the timeliness and accuracy of its payments to community providers.<br ... Data processing hold back by technology limitation, workload and administrative burden ... US GAO analyzed all factors of slower processing and user unfriendliness that occur sometimes to the veterans healthcare. The main focus is data processing - and it has been proved that it can ... be failing not only because of technology, but also because of work-process design, staff and organisation.
Full description
, GAO obtained fiscal year 2015 data on the timeliness of VHA’s, Medicare’s, and TRICARE’s claims processing. GAO visited 4 of 95 VHA claims processing locations (selected on the basis of variation ... Due to increases in expenditures and utilization of VA care in the community services in recent years, VHA has had difficulty processing claims in a timely manner. In planning to consolidate its ... existing VA care in the community programs, as required by law, the agency said it will examine strategies for improving the timeliness and accuracy of its payments to community providers.<br ... Data processing hold back by technology limitation, workload and administrative burden ... US GAO analyzed all factors of slower processing and user unfriendliness that occur sometimes to the veterans healthcare. The main focus is data processing - and it has been proved that it can ... be failing not only because of technology, but also because of work-process design, staff and organisation.
Full description
General Accountability Office
, issued in 2016
Risk cases: 6
Traffic Ticketing information system
The audit included two areas of focus - the environment surrounding the Traffic Ticketing Information System - the System (designed to input, process, manage and collect payment for the traffic ... tickets) and also the internal environment of the System that guarantees the quality of its performance and safety. ... Security can hinder effectiveness ... SAI of Kuwait analysed system supporting collection of the traffic tickets - data input, processing and management. What was found was lack of basic safety measures, that hindered the effectiveness ... of the system.
Full description
The audit included two areas of focus - the environment surrounding the Traffic Ticketing Information System - the System (designed to input, process, manage and collect payment for the traffic ... tickets) and also the internal environment of the System that guarantees the quality of its performance and safety. ... Security can hinder effectiveness ... SAI of Kuwait analysed system supporting collection of the traffic tickets - data input, processing and management. What was found was lack of basic safety measures, that hindered the effectiveness ... of the system.
Full description
State Audit Bureau of Kuwait
, issued in 2014
Risk cases: 3
Auditing the National Rationing System
The audit was to investigate the data quality, validity and reliability of two sub-systems (Ration Card and Ration Distribution) of a National Rationing System (Ration System) with the comparison ... to the rules and regulations in order to make an assessment of soundness of the Ration system and its related operations. ... Unreliable databases trigger all kinds of possible problems ... Ministry responsible for functioning of the National Rationing System developed to automate and optimize the delivery of essential subsidized commodities to eligible beneficiaries and providing state ... with reliable information fails its job.
Full description
The audit was to investigate the data quality, validity and reliability of two sub-systems (Ration Card and Ration Distribution) of a National Rationing System (Ration System) with the comparison ... to the rules and regulations in order to make an assessment of soundness of the Ration system and its related operations. ... Unreliable databases trigger all kinds of possible problems ... Ministry responsible for functioning of the National Rationing System developed to automate and optimize the delivery of essential subsidized commodities to eligible beneficiaries and providing state ... with reliable information fails its job.
Full description
State Audit Bureau of Kuwait
, issued in 2014
Risk cases: 4
Performance Audit of the Georgian Government electronic Procurement system
of existing data through effective procurement policies and procedures. <br /> Having considered aforementioned factors, SAO conducted performance audit of the Georgian electronic Government Procurement system ... State procurement is one of the key components of public financial management. Its share in state budget is approximately 25 percent. Effective management of state procurements is an important sphere ... of interest for the State Audit Office. Considering the fact that since 2010 major part of public procurements is being conducted electronically and there is no alternative tool, uninterrupted provision ... ... Electronic procurement system - how effective are management and control mechanisms? ... SAI Georgia analyzed the electronic Government Procurement system. In their report they focus on compliance and security problems, which may harm the business goals and overall mission of the system.
Full description
of existing data through effective procurement policies and procedures. <br /> Having considered aforementioned factors, SAO conducted performance audit of the Georgian electronic Government Procurement system ... State procurement is one of the key components of public financial management. Its share in state budget is approximately 25 percent. Effective management of state procurements is an important sphere ... of interest for the State Audit Office. Considering the fact that since 2010 major part of public procurements is being conducted electronically and there is no alternative tool, uninterrupted provision ... ... Electronic procurement system - how effective are management and control mechanisms? ... SAI Georgia analyzed the electronic Government Procurement system. In their report they focus on compliance and security problems, which may harm the business goals and overall mission of the system.
Full description
State Audit Office Of Georgia
, issued in 2016
Risk cases: 5
Audit of the Government, Government-guaranteed and Municipal Debt Management Information Systems in the Ministry of Finance of the Republic of Bulgaria
The main audit question studied during the audit was: Are the government, government-guaranteed (SDMS) and municipal debt management information systems (CMDR) at the Ministry of Finance effective ... ? The audit covered the period from 01.01.2013 to 31.12.2013 and investigated four major areas: IT system strategy and general management; IT security and controls against disasters; Operational controls ... and Documentation; Application Controls. ... ... Even effective and modern IT systems require improvements and updates to ensure their security and accountability ... For the management of the government, government-guaranteed and municipal debt the Ministry of Finance has established an advanced integrated information infrastructure. According to Bulgarian SAI ... the established system is effective and provides updated, complete and correct information. Nevertheless the audit report points out areas of security, application controls as well as documentation as the subjects ... that need further improvement and optimization.
Full description
The main audit question studied during the audit was: Are the government, government-guaranteed (SDMS) and municipal debt management information systems (CMDR) at the Ministry of Finance effective ... ? The audit covered the period from 01.01.2013 to 31.12.2013 and investigated four major areas: IT system strategy and general management; IT security and controls against disasters; Operational controls ... and Documentation; Application Controls. ... ... Even effective and modern IT systems require improvements and updates to ensure their security and accountability ... For the management of the government, government-guaranteed and municipal debt the Ministry of Finance has established an advanced integrated information infrastructure. According to Bulgarian SAI ... the established system is effective and provides updated, complete and correct information. Nevertheless the audit report points out areas of security, application controls as well as documentation as the subjects ... that need further improvement and optimization.
Full description
Bulgarian National Audit Office
, issued in 2014
Risk cases: 3
Audit to the Social Security Systems of Collection of Contributions and Quotes and Relationship with Banking and other Entities Engaged in Collection Initiatives
The audit aims to evaluate the effectiveness and efficiency of the processes implemented in respect of the processing schemes of contributions/quotas, whose Wages Statements (WS) entered ... into the system in the first quarter of 2007, test the reliability, stability and confidence level of the application systems developed and the respective values processed in the entire collection circuit ... and respective accounting, and also check compliance with the contracts celebrated with banking entities. ... ... Application level of Social Security IS analyzed ... Processes maturity and automation of controls appeared to be main problems in the system which reliability, stability and confidence level were tested.
Full description
The audit aims to evaluate the effectiveness and efficiency of the processes implemented in respect of the processing schemes of contributions/quotas, whose Wages Statements (WS) entered ... into the system in the first quarter of 2007, test the reliability, stability and confidence level of the application systems developed and the respective values processed in the entire collection circuit ... and respective accounting, and also check compliance with the contracts celebrated with banking entities. ... ... Application level of Social Security IS analyzed ... Processes maturity and automation of controls appeared to be main problems in the system which reliability, stability and confidence level were tested.
Full description
TRIBUNAL DE CONTAS DE PORTUGAL
, issued in 2008
Risk cases: 2
10
results found.
Page 1
of 1