21
results found in
10 ms
Page 1
of 3
Homeland Security. Oversight of Neglected Human Resources Information Technology Investment Is Needed
Human resources IT investments get stuck in management's lack of interest Although the Human Resources Information Technology (HRIT) investment was initiated about 12 years ago with the intent to consolidate, integrate, and modernize the department's human resources IT infrastructure, the Department of Homeland Security (DHS) has made very limited progress in achieving these goals. HRIT's minimally involved executive steering committee during a time when significant problems were occurring was a key factor in the lack of progress. This is particularly problematic given that the department's ability to efficiently and effectively carry out its mission is significantly hampered by its fragmented human resources. DHS's ineffective management of HRIT, such as the lack of an updated schedule and a life-cycle cost estimate, also contributed to the neglect this investment has experienced. DHS will be limited in efficiently tracking and reporting accurate, comprehensive performance and learning management data across the organization, and could risk further implementation delays.
Full description
Human resources IT investments get stuck in management's lack of interest Although the Human Resources Information Technology (HRIT) investment was initiated about 12 years ago with the intent to consolidate, integrate, and modernize the department's human resources IT infrastructure, the Department of Homeland Security (DHS) has made very limited progress in achieving these goals. HRIT's minimally involved executive steering committee during a time when significant problems were occurring was a key factor in the lack of progress. This is particularly problematic given that the department's ability to efficiently and effectively carry out its mission is significantly hampered by its fragmented human resources. DHS's ineffective management of HRIT, such as the lack of an updated schedule and a life-cycle cost estimate, also contributed to the neglect this investment has experienced. DHS will be limited in efficiently tracking and reporting accurate, comprehensive performance and learning management data across the organization, and could risk further implementation delays.
Full description
US Government Accountability Office
, issued in 2016
Risk cases: 1
FEMA Needs to Address Management Weaknesses to Improve Its Systems
Controls in emergency management GAO audited the agency of the Department of Homeland Security, responsible for federal efforts to mitigate, respond to, and recover from disasters. American auditors recommend that the agency fully define its investment board’s roles and responsibilities and procedures for selecting and overseeing investments, update its strategic plan and complete plans for IT modernization, and establish time frames for completing workforce planning efforts. The agency should also establish policies and guidance for implementing key IT management controls.
Full description
Controls in emergency management GAO audited the agency of the Department of Homeland Security, responsible for federal efforts to mitigate, respond to, and recover from disasters. American auditors recommend that the agency fully define its investment board’s roles and responsibilities and procedures for selecting and overseeing investments, update its strategic plan and complete plans for IT modernization, and establish time frames for completing workforce planning efforts. The agency should also establish policies and guidance for implementing key IT management controls.
Full description
General Accountability Office
, issued in 2016
Risk cases: 4
Management of Information Resources of the Ministry of the Interior
works is being implemented7 and the Information Technology and Communications Department under the Ministry of the Interior was appointed one of the four public IT service providers. <br/> The purpose ... of 2016. For data analysis, data from other periods was used. The audit was conducted in the Ministry of the Interior. We also collected information at the Information Technology and Communications ... Many activities of the Ministry of the Interior require the use of information resources that are of great significance to the entire State, such as the state and departmental registers, and public ... ... Process maturity examination can help in IT audit ... Main risk areas in case of this audit were strategic and organisational - Ministry’s weak ownership of IT resources, insufficient audit and internal control function. SAI Lithuania auditors found ... also flaws in change management and security processes. But the finding, which gave them the key to the root cause of problems, was connected with maturity assessment of the auditee's IT processes.
Full description
works is being implemented7 and the Information Technology and Communications Department under the Ministry of the Interior was appointed one of the four public IT service providers. <br/> The purpose ... of 2016. For data analysis, data from other periods was used. The audit was conducted in the Ministry of the Interior. We also collected information at the Information Technology and Communications ... Many activities of the Ministry of the Interior require the use of information resources that are of great significance to the entire State, such as the state and departmental registers, and public ... ... Process maturity examination can help in IT audit ... Main risk areas in case of this audit were strategic and organisational - Ministry’s weak ownership of IT resources, insufficient audit and internal control function. SAI Lithuania auditors found ... also flaws in change management and security processes. But the finding, which gave them the key to the root cause of problems, was connected with maturity assessment of the auditee's IT processes.
Full description
National Audit Office of the Republic of Lithuania
, issued in 2016
Risk cases: 4
Information security work at nine agencies
Difficulties in achieving appropriate IT security Together with the Swedish NAO we assume that the picture that emerges at the agencies audited applies also to most of the other agencies in the public administration. The information security work is not given high enough priority in relation to the risks that exist. This applies to both the Government, which should have been clearer in its directions to agencies on this matter, and to agency managements, which did not give priority to the work of information security to the extent required. Much indicates that it is difficult for many agencies to achieve an appropriate level of information security work.
Full description
Difficulties in achieving appropriate IT security Together with the Swedish NAO we assume that the picture that emerges at the agencies audited applies also to most of the other agencies in the public administration. The information security work is not given high enough priority in relation to the risks that exist. This applies to both the Government, which should have been clearer in its directions to agencies on this matter, and to agency managements, which did not give priority to the work of information security to the extent required. Much indicates that it is difficult for many agencies to achieve an appropriate level of information security work.
Full description
Swedish National Audit Office
, issued in 2016
Risk cases: 4
VAT risk assessment - better use made of information generated by inspections on company premise
Tax inspections may add up to the VAT risk assessment, but... The audit by the German BRH shows that general tax inspections on company premises can also reveal facts that may be relevant for VAT risk assessment. 'However, this information cannot be adequately used for VAT risk assessment because it is not available in electronic format.'
Full description
Tax inspections may add up to the VAT risk assessment, but... The audit by the German BRH shows that general tax inspections on company premises can also reveal facts that may be relevant for VAT risk assessment. 'However, this information cannot be adequately used for VAT risk assessment because it is not available in electronic format.'
Full description
Bundesrechnungshof
, issued in 2016
Risk cases: 1
Federal Agencies Need to Address Aging Legacy Systems
Be aware of legacy IT risks The US government spends about 75 percent of the total amount budgeted for information technology on operations and maintenance. GAO reviewed Office of Management and Budget and 26 agencies, covering years 2010 through 2017 and recommends to develop a goal for spending measure and finalize guidance to identify and prioritize legacy IT needing to be modernized or replaced.
Full description
Be aware of legacy IT risks The US government spends about 75 percent of the total amount budgeted for information technology on operations and maintenance. GAO reviewed Office of Management and Budget and 26 agencies, covering years 2010 through 2017 and recommends to develop a goal for spending measure and finalize guidance to identify and prioritize legacy IT needing to be modernized or replaced.
Full description
General Accountability Office
, issued in 2016
Risk cases: 3
Lack of information about heavy-duty transports on federal long-distance roads - number of closed bridges increases
Information on heavy-duty Transports The Bundesrechnungshof of Germany revealed that the Federal Ministry of Transport and Digital Infrastructure does not know which routes are particularly affected by heavy-duty transports, since it has not obtained comprehensive information from the state authorities about the heavy-duty transports.
Full description
Information on heavy-duty Transports The Bundesrechnungshof of Germany revealed that the Federal Ministry of Transport and Digital Infrastructure does not know which routes are particularly affected by heavy-duty transports, since it has not obtained comprehensive information from the state authorities about the heavy-duty transports.
Full description
Bundesrechnungshof
, issued in 2016
Risk cases: 1
VETERANS’ HEALTH CARE - Preliminary Observations on VHA’s Claims Processing Delays and Efforts to Improve the Timeliness of Payments to Community Providers
hospital associations. Results from GAO’s analysis are not generalizable to all VHA claims processing locations or community providers. GAO shared the information provided in this statement with VHA ... Due to increases in expenditures and utilization of VA care in the community services in recent years, VHA has had difficulty processing claims in a timely manner. In planning to consolidate its ... existing VA care in the community programs, as required by law, the agency said it will examine strategies for improving the timeliness and accuracy of its payments to community providers.<br ... Data processing hold back by technology limitation, workload and administrative burden ... be failing not only because of technology, but also because of work-process design, staff and organisation. ... US GAO analyzed all factors of slower processing and user unfriendliness that occur sometimes to the veterans healthcare. The main focus is data processing - and it has been proved that it can
Full description
hospital associations. Results from GAO’s analysis are not generalizable to all VHA claims processing locations or community providers. GAO shared the information provided in this statement with VHA ... Due to increases in expenditures and utilization of VA care in the community services in recent years, VHA has had difficulty processing claims in a timely manner. In planning to consolidate its ... existing VA care in the community programs, as required by law, the agency said it will examine strategies for improving the timeliness and accuracy of its payments to community providers.<br ... Data processing hold back by technology limitation, workload and administrative burden ... be failing not only because of technology, but also because of work-process design, staff and organisation. ... US GAO analyzed all factors of slower processing and user unfriendliness that occur sometimes to the veterans healthcare. The main focus is data processing - and it has been proved that it can
Full description
General Accountability Office
, issued in 2016
Risk cases: 6
Opportunities Exist for SEC to Improve Its Controls over Financial Systems and Data
. In carrying out its mission, the SEC relies on computerized information systems to collect, process, and store sensitive information, including financial data. Having effective information security controls ... in place is essential to protecting these systems and the information they contain. <br/> This report details weaknesses GAO identified in the information security program at SEC during its audit ... of the commission’s fiscal years 2015 and 2014 financial statements. GAO’s objective was to determine the effectiveness of information security controls for protecting the confidentiality, integrity, and availability ... IT security basics under scrutiny ... Financial audit by US GAO was accompanied by an IT examination focused on information security measures in the Securities and Exchange Commission (SEC). GAO found that SEC’s systems could ... be compromised, because of risks jeopardizing the confidentiality, integrity, and availability of sensitive financial information.
Full description
. In carrying out its mission, the SEC relies on computerized information systems to collect, process, and store sensitive information, including financial data. Having effective information security controls ... in place is essential to protecting these systems and the information they contain. <br/> This report details weaknesses GAO identified in the information security program at SEC during its audit ... of the commission’s fiscal years 2015 and 2014 financial statements. GAO’s objective was to determine the effectiveness of information security controls for protecting the confidentiality, integrity, and availability ... IT security basics under scrutiny ... Financial audit by US GAO was accompanied by an IT examination focused on information security measures in the Securities and Exchange Commission (SEC). GAO found that SEC’s systems could ... be compromised, because of risks jeopardizing the confidentiality, integrity, and availability of sensitive financial information.
Full description
General Accountability Office
, issued in 2016
Risk cases: 5
The Shared Services Centre
The necessary environment for the efficient management of the Shared Service Center is lacking The department's administration of the Shared Services Centre (SSC) has been effective for sharing resources between the departments and delivering selected back-office services to a small client base. However, the governance arrangements established to oversight the SSC have not positioned it well for the future and the departments have not yet determined if the arrangement is efficient and resulting in savings. ANAO found instances where the advisory board of SSC was not consulted or involved in decisions relating to the strategic direction, financial arrangements and expenditure priorities. Information reported to the board did not focus on areas of strategic importance and the quality and completeness of this information could be improved. The mechanisms established for setting out responsibilities and obligations and ensuring transparency for services delivered by the SSC was weak. Service standards and levels were not fixed and can change. The delineation of responsibilities between the SSC and its clients was not clear and there was no commitment by the SSC to certify the quality of its control framework.
Full description
The necessary environment for the efficient management of the Shared Service Center is lacking The department's administration of the Shared Services Centre (SSC) has been effective for sharing resources between the departments and delivering selected back-office services to a small client base. However, the governance arrangements established to oversight the SSC have not positioned it well for the future and the departments have not yet determined if the arrangement is efficient and resulting in savings. ANAO found instances where the advisory board of SSC was not consulted or involved in decisions relating to the strategic direction, financial arrangements and expenditure priorities. Information reported to the board did not focus on areas of strategic importance and the quality and completeness of this information could be improved. The mechanisms established for setting out responsibilities and obligations and ensuring transparency for services delivered by the SSC was weak. Service standards and levels were not fixed and can change. The delineation of responsibilities between the SSC and its clients was not clear and there was no commitment by the SSC to certify the quality of its control framework.
Full description
The Australian National Audit Office
, issued in 2016
Risk cases: 2