20
results found in
11 ms
Page 1
of 2
Federal Human Resources Data
Internal control weaknesses may put mission at risk GAO audited the Enterprise Human Resources Integration payroll data warehose. The American auditors pointed at problems that may impede 'leverage of these data to meet its mission and allow others to make full use' of them. The critical internal contols areas to be improved in this cas are: completeness, accuracy, and validity of information, authorization, documentation, monitoring, results' evaluation.
Full description
Internal control weaknesses may put mission at risk GAO audited the Enterprise Human Resources Integration payroll data warehose. The American auditors pointed at problems that may impede 'leverage of these data to meet its mission and allow others to make full use' of them. The critical internal contols areas to be improved in this cas are: completeness, accuracy, and validity of information, authorization, documentation, monitoring, results' evaluation.
Full description
General Accountability Office
, issued in 2016
Risk cases: 2
Federal Agencies Need to Address Aging Legacy Systems
Be aware of legacy IT risks The US government spends about 75 percent of the total amount budgeted for information technology on operations and maintenance. GAO reviewed Office of Management and Budget and 26 agencies, covering years 2010 through 2017 and recommends to develop a goal for spending measure and finalize guidance to identify and prioritize legacy IT needing to be modernized or replaced.
Full description
Be aware of legacy IT risks The US government spends about 75 percent of the total amount budgeted for information technology on operations and maintenance. GAO reviewed Office of Management and Budget and 26 agencies, covering years 2010 through 2017 and recommends to develop a goal for spending measure and finalize guidance to identify and prioritize legacy IT needing to be modernized or replaced.
Full description
General Accountability Office
, issued in 2016
Risk cases: 3
The National Government Service Centre – Has administration become more effective?
The purpose of this audit has been to investigate whether the Service Centre has made administrative operational support functions taken over from client agencies more effective, and to find ... explanations for the results so far achieved by the Service Centre. The audit has also aspired to illustrate how agencies that do not subscribe to the services regard their potential for doing so ... . These viewpoints have been analysed with a special focus on the conditions that applied to the Service Centre when it was formed and the measures taken by the Government and the Service Centre in the first years. ... ... Has Swedish public administration become more effective? ... The Service Centre – payroll and financial administration IT system for Swedish public agencies under the government – has achieved the target of a subscription rate of 25 per cent of the total ... number of state employees. However, subscription to the Service Centre was initially slower than the Government had predicted and meant lower revenues than expected in autumn 2013. The Service Centre ... then introduced a rigorous review of its expenditure, for example for some planned development initiatives for internal procedures and support systems.<br/>The Swedish NAO noted that the Government’s steering
Full description
The purpose of this audit has been to investigate whether the Service Centre has made administrative operational support functions taken over from client agencies more effective, and to find ... explanations for the results so far achieved by the Service Centre. The audit has also aspired to illustrate how agencies that do not subscribe to the services regard their potential for doing so ... . These viewpoints have been analysed with a special focus on the conditions that applied to the Service Centre when it was formed and the measures taken by the Government and the Service Centre in the first years. ... ... Has Swedish public administration become more effective? ... The Service Centre – payroll and financial administration IT system for Swedish public agencies under the government – has achieved the target of a subscription rate of 25 per cent of the total ... number of state employees. However, subscription to the Service Centre was initially slower than the Government had predicted and meant lower revenues than expected in autumn 2013. The Service Centre ... then introduced a rigorous review of its expenditure, for example for some planned development initiatives for internal procedures and support systems.<br/>The Swedish NAO noted that the Government’s steering
Full description
Swedish National Audit Office
, issued in 2016
Risk cases: 2
Lack of information about heavy-duty transports on federal long-distance roads - number of closed bridges increases
Information on heavy-duty Transports The Bundesrechnungshof of Germany revealed that the Federal Ministry of Transport and Digital Infrastructure does not know which routes are particularly affected by heavy-duty transports, since it has not obtained comprehensive information from the state authorities about the heavy-duty transports.
Full description
Information on heavy-duty Transports The Bundesrechnungshof of Germany revealed that the Federal Ministry of Transport and Digital Infrastructure does not know which routes are particularly affected by heavy-duty transports, since it has not obtained comprehensive information from the state authorities about the heavy-duty transports.
Full description
Bundesrechnungshof
, issued in 2016
Risk cases: 1
Cost-intensive data centres stood idle for years
Idle data centres As found by the German SAI, some of costly Federal data centres stood largely idle. The Ministry failed to adequately assess the project risks. The Ministry needs to avoid similar shortcomings in the proposed federal IT consolidation project.
Full description
Idle data centres As found by the German SAI, some of costly Federal data centres stood largely idle. The Ministry failed to adequately assess the project risks. The Ministry needs to avoid similar shortcomings in the proposed federal IT consolidation project.
Full description
Bundesrechnungshof
, issued in 2016
Risk cases: 1
Management of IT security in systems outsourced to external suppliers
Security to be improved in IT processes outsourced to external suppliers When IT processes are outsourced to external suppliers, the authorities no longer have direct control of the IT security, but remain responsible for managing the security of the IT. Authorities that fail to manage IT security actively based on risk assessments, and omit to monitor the implementation of these requirements, will not be able to determine if the level of IT security in the outsourced systems safeguards their systems and data. This is how the conclusion of the Rigsrevisionen starts. The Danish auditors noticed improvement in the audited entities, but they add that tha majority of the auditees: can refine their requirements for and follow-up on access control and logging practices
Full description
Security to be improved in IT processes outsourced to external suppliers When IT processes are outsourced to external suppliers, the authorities no longer have direct control of the IT security, but remain responsible for managing the security of the IT. Authorities that fail to manage IT security actively based on risk assessments, and omit to monitor the implementation of these requirements, will not be able to determine if the level of IT security in the outsourced systems safeguards their systems and data. This is how the conclusion of the Rigsrevisionen starts. The Danish auditors noticed improvement in the audited entities, but they add that tha majority of the auditees: can refine their requirements for and follow-up on access control and logging practices
Full description
National Audit Office of Denmark
, issued in 2016
Risk cases: 3
FEMA Needs to Address Management Weaknesses to Improve Its Systems
Controls in emergency management GAO audited the agency of the Department of Homeland Security, responsible for federal efforts to mitigate, respond to, and recover from disasters. American auditors recommend that the agency fully define its investment board’s roles and responsibilities and procedures for selecting and overseeing investments, update its strategic plan and complete plans for IT modernization, and establish time frames for completing workforce planning efforts. The agency should also establish policies and guidance for implementing key IT management controls.
Full description
Controls in emergency management GAO audited the agency of the Department of Homeland Security, responsible for federal efforts to mitigate, respond to, and recover from disasters. American auditors recommend that the agency fully define its investment board’s roles and responsibilities and procedures for selecting and overseeing investments, update its strategic plan and complete plans for IT modernization, and establish time frames for completing workforce planning efforts. The agency should also establish policies and guidance for implementing key IT management controls.
Full description
General Accountability Office
, issued in 2016
Risk cases: 4
The Shared Services Centre
The necessary environment for the efficient management of the Shared Service Center is lacking The department's administration of the Shared Services Centre (SSC) has been effective for sharing resources between the departments and delivering selected back-office services to a small client base. However, the governance arrangements established to oversight the SSC have not positioned it well for the future and the departments have not yet determined if the arrangement is efficient and resulting in savings. ANAO found instances where the advisory board of SSC was not consulted or involved in decisions relating to the strategic direction, financial arrangements and expenditure priorities. Information reported to the board did not focus on areas of strategic importance and the quality and completeness of this information could be improved. The mechanisms established for setting out responsibilities and obligations and ensuring transparency for services delivered by the SSC was weak. Service standards and levels were not fixed and can change. The delineation of responsibilities between the SSC and its clients was not clear and there was no commitment by the SSC to certify the quality of its control framework.
Full description
The necessary environment for the efficient management of the Shared Service Center is lacking The department's administration of the Shared Services Centre (SSC) has been effective for sharing resources between the departments and delivering selected back-office services to a small client base. However, the governance arrangements established to oversight the SSC have not positioned it well for the future and the departments have not yet determined if the arrangement is efficient and resulting in savings. ANAO found instances where the advisory board of SSC was not consulted or involved in decisions relating to the strategic direction, financial arrangements and expenditure priorities. Information reported to the board did not focus on areas of strategic importance and the quality and completeness of this information could be improved. The mechanisms established for setting out responsibilities and obligations and ensuring transparency for services delivered by the SSC was weak. Service standards and levels were not fixed and can change. The delineation of responsibilities between the SSC and its clients was not clear and there was no commitment by the SSC to certify the quality of its control framework.
Full description
The Australian National Audit Office
, issued in 2016
Risk cases: 2
Maintenance efficiency in the rail network
The primary objective of railway politics is to contribute to ensure that users of the transport service have good railway options. The Norwegian National Rail Administration is organised under ... to evaluate whether the maintenance tasks that fall under the Norwegian National Rail Administration are carried out efficiently, and in such a way that safeguards practical and accessible transportation ... the Ministry of Transport and Communications, and its responsibilities include operation, maintenance and development of the State's railway infrastructure. The maintenance activities must safeguard safety ... ... Rail network maintenance - negative balance of costs and results ... SAI Norway evaluated efficiency of the railway maintenance and found that its costs increased nearly 110 per cent in years 2006–2014. Negative development in uptime and regularity dominated the first ... part of the examined period, from 2006 to 2011. It turned positive from 2011, but in 2014 results were still worse than in 2006. The results have lagged behind the Ministry's target figures for most ... of the period.
Full description
The primary objective of railway politics is to contribute to ensure that users of the transport service have good railway options. The Norwegian National Rail Administration is organised under ... to evaluate whether the maintenance tasks that fall under the Norwegian National Rail Administration are carried out efficiently, and in such a way that safeguards practical and accessible transportation ... the Ministry of Transport and Communications, and its responsibilities include operation, maintenance and development of the State's railway infrastructure. The maintenance activities must safeguard safety ... ... Rail network maintenance - negative balance of costs and results ... SAI Norway evaluated efficiency of the railway maintenance and found that its costs increased nearly 110 per cent in years 2006–2014. Negative development in uptime and regularity dominated the first ... part of the examined period, from 2006 to 2011. It turned positive from 2011, but in 2014 results were still worse than in 2006. The results have lagged behind the Ministry's target figures for most ... of the period.
Full description
Office of the Auditor General of Norway
, issued in 2016
Risk cases: 2
Information security work at nine agencies
Difficulties in achieving appropriate IT security Together with the Swedish NAO we assume that the picture that emerges at the agencies audited applies also to most of the other agencies in the public administration. The information security work is not given high enough priority in relation to the risks that exist. This applies to both the Government, which should have been clearer in its directions to agencies on this matter, and to agency managements, which did not give priority to the work of information security to the extent required. Much indicates that it is difficult for many agencies to achieve an appropriate level of information security work.
Full description
Difficulties in achieving appropriate IT security Together with the Swedish NAO we assume that the picture that emerges at the agencies audited applies also to most of the other agencies in the public administration. The information security work is not given high enough priority in relation to the risks that exist. This applies to both the Government, which should have been clearer in its directions to agencies on this matter, and to agency managements, which did not give priority to the work of information security to the extent required. Much indicates that it is difficult for many agencies to achieve an appropriate level of information security work.
Full description
Swedish National Audit Office
, issued in 2016
Risk cases: 4