Reports Search Reports Spatial Search Risk-cases Search Risk-cases Graph Traversal
96 results found in 12 ms Page 2 of 10
Effectiveness of internal controls in the protection of personal data in national databases
The NAO analysed seven national databases in order to find out how the legitimate use of personal data is ensured. In accordance with the Personal Data Protection Act, the agencies who run databases ... must ensure that personal data is protected from abuse. The information system of the database must function appropriately, incl. be reliable and safe. Log files must be retained of all instances ... of viewing, amending, deleting, transmitting of data, etc. These files must allow ex-post determination of who did what, why, when and using which data. In its audit the NAO focused on the functioning ... ... Basic controls analysis can fail in data protection ... Estonian SAI analyzed personal data safety. Main finding were: poor log analysis and unprotected data.
Full description
National Audit Office of Estonia , issued in 2008
Risk cases: 2
Recovery of housing allowance - easy to make mistakes
Avoid mistakes in housing allowance recovery Housing allowance recovery rules are complex and outdated. What more, ad hoc changes can result in unpredicted deficiencies. The Swedish NAO found that monitoring and evaluation based analysis is of critical importance to avoid problems on the administration side - and what much more important: on the side of financialy vulnerable households.
Full description
Swedish National Audit Office , issued in 2018
Risk cases: 4
Cyber security of border controls operated by Dutch border guards at Amsterdam Schiphol Airport
Airport prepares for cyber attacks Who does not know the Amsterdam Airport? As put by the Netherlands Court of Audits: the IT systems used for border controls at the Schiphol Airport are in the midst of a process of rapid development. The auditors reviewed the process and pointed at necessity of formal certification and better mechanism of information analysis. The report picutres also the organisation of the controls - must read for all frequent fliers
Full description
Netherlands Court of Audits , issued in 2020
Risk cases: 8
Staff scheduling in government institutions
Scheduling irregular hours work Danish Rigsrevisionen shows in their study problems with staff scheduling in government institutions where employees are required to work irregular hours. Optimized staff scheduling contributed to reducing payroll costs. On the other hand, problems with rearrangement of work, recording working hours, optimisation of staffing levels and analysis of overtime triggers - add up to high costs of workforce. IT is not always used as ally either.
Full description
National Audit Office of Denmark , issued in 2015
Risk cases: 5
Audit on the current management and supervision of information protection and cyber security in the financial sector
- Evaluation of management and supervision of information protection and cyber security in the financial sector - Evaluation of current state of security management system in the financial sector ... - Based on a sample of 10 public institutions and 9 financial institutions. ... Information Protection and cyber security in the financial sector ... SAI Korea reviewed 10 public and nine financial institutions. Their analysis shows how the lack of evaluation at management level can result in decrease of stakeholders' confidence or even ... in economic damage.
Full description
Board of Audit and Inspection of Korea , issued in 2011
Risk cases: 2
Evaluation of the effectiveness of implementation and compliance with regulatory enactments and the legal framework of the project “E-government Portfolio”
The objective of the audit is to evaluate the effectiveness of implementation and compliance with regulatory enactments and the legal framework of the project “Egovernment Portfolio” of the national ... programme of the European Regional Development Fund (hereinafter: ERDF) of the European Union (hereinafter: EU), “Development and improvement of the infrastructural foundation for electronic governance”. ... ... Funds to absorb but no efficient project methodology? Be prepared for troubles ... Wide list of problems that can be met when more care is received by 'absorb funds' objective than by clear vision what and how can be improved. SAI Latvia's analysis shows how dangerous it can ... be for both effectiveness and financial management.
Full description
State Audit Office of Latvia , issued in 2010
Risk cases: 3
Business Continuity Management
Business Continuity Management is a process whereby all necessary measures are taken to ensure that a company can accomplish its core tasks on time even in extraordinary situations. The Swiss Federal ... Audit Office (SFAO) previously carried out a cross-section audit in 2009 on the BCM measures at nine administrative units of the central Federal Administration. This year’s audit focused ... on the decentralised Federal Administration as well as the Swiss Federal Railways (rail transport and ticket sales) and Swiss Post (PostFinance, Swiss Post Solutions, PostBus). ... ... A cross-section audit on business continuity management (BCM) ... The audit points, among others, at a necessary but difficult process chain: Policy - Analysis - Strategy - Planning - Training.
Full description
Swiss Federal Audit Office , issued in 2010
Risk cases: 1
Lessons learned from government ICT-projects
This audit has been performed on request of the Dutch parliament. Some newspapers mentioned government losses of four to five billion euro's on a yearly bases. These news items caused the parliament ... to request this audit. The audit has been performed in only 5 months time and consisted of the re-use of earlier performed audits. We have 'recycled' earlier findings about ICT-projects. ... 'Expensive' does not always mean 'High Quality', so... do not feed the spiral ... Excellent analysis of systemic errors commited when designing Government IT projects. The report aims at the essence of problems which are encountered far from information technologies - in: politics ... , business, psychology... Do not be mislead by date of report, it is evergreen for all who really want to know why IT projects fail.
Full description
Netherlands Court of Audits , issued in 2007
Risk cases: 3
Management of Police Information Resources
, monitoring, evaluation and coordination and other aspects of registers and IS strategic management. The audited period was 2012-2014. For the analysis, there were used previous data and data of 2015 ... Police tasks of the necessary data are processed departmental registers, information systems, automated data processing systems and networks where information is stored, processed and transferred ... to the classified information. The police department has all of these information resources, so the audit focused on the activities and actions of the Department to ensure planning and organizing of the recourses ... ... Fundamentals of IT organisation ... Review by SAI Lithuania makes readers aware that nowadays it is difficult to develop a larger IT system without whole conceptual infrastracture: planning composed into strategy of the organisation ... and well understood architecture of information. Well functioning IT management structures, which on the other hand may sound trivial, were proved here as the key to success.
Full description
National Audit Office of the Republic of Lithuania , issued in 2015
Risk cases: 4
Report on the problems connected with the development and implementation of the digitally based Shared Medication Record
The purpose of the examination was to assess whether the department of the Danish Ministry of Health, the Danish National eHealth Authority (NHA) and the five regions that are responsible ... for the hospitals have made an adequate effort to develop and implement the Shared Medication Record (SMR). With the SMR, data on the citizens’ medication can be shared across hospitals, general practitioners, etc ... . and relevant health staff and the patients have direct digital access to updated medical data round the clock. The report answers the following questions: 1) Has the Ministry of Health and the NHA provided ... ... Involvement of key participants necessary from the very beginning ... Digitally based Shared Medication Record is basis of the complex healthcare system. Rigsrevisionen analysed unsolved issues related to unclear business case, insufficient analysis of work flows ... and processes leading to implementation problems, governance not involving key players, and IT security organisation.
Full description
National Audit Office of Denmark , issued in 2014
Risk cases: 2
previous 96 results found. Page 2 of 10 next