79
results found in
10 ms
Page 1
of 8
Cyber Attacks: Securing Agencies’ICT Systems
. In the government sector, the Australian Signals Directorate (ASD)3 has estimated that between January and December 2012, there were over 1790 security incidents against Australian Government agencies. Of these, 685 ... responsibility of agencies, having regard to their business operations and specific risks. In the context of a national government, those risks can range from threats to national security through to the disclosure ... agencies compliance with the four mandatory ICT security strategies and related controls in the Australian Government Information Security Manual (ISM). The audit also considered the overall ICT security ... ... Cyber-security strategy needs consistent implementation and periodic reviews ... List of 35 mitigation controls against cyber intrusions are a basic tool of information security strategy of the Australian Government. Top four are: 1. application whitelisting, 2. patching ... application, 3. patching operating systems, 4. minimising administrative privileges. Analysis by the ANAO helps to fill gaps and to direct next steps.
Full description
. In the government sector, the Australian Signals Directorate (ASD)3 has estimated that between January and December 2012, there were over 1790 security incidents against Australian Government agencies. Of these, 685 ... responsibility of agencies, having regard to their business operations and specific risks. In the context of a national government, those risks can range from threats to national security through to the disclosure ... agencies compliance with the four mandatory ICT security strategies and related controls in the Australian Government Information Security Manual (ISM). The audit also considered the overall ICT security ... ... Cyber-security strategy needs consistent implementation and periodic reviews ... List of 35 mitigation controls against cyber intrusions are a basic tool of information security strategy of the Australian Government. Top four are: 1. application whitelisting, 2. patching ... application, 3. patching operating systems, 4. minimising administrative privileges. Analysis by the ANAO helps to fill gaps and to direct next steps.
Full description
The Australian National Audit Office
, issued in 2014
Risk cases: 3
Federal Agencies Need to Address Aging Legacy Systems
Be aware of legacy IT risks The US government spends about 75 percent of the total amount budgeted for information technology on operations and maintenance. GAO reviewed Office of Management and Budget and 26 agencies, covering years 2010 through 2017 and recommends to develop a goal for spending measure and finalize guidance to identify and prioritize legacy IT needing to be modernized or replaced.
Full description
Be aware of legacy IT risks The US government spends about 75 percent of the total amount budgeted for information technology on operations and maintenance. GAO reviewed Office of Management and Budget and 26 agencies, covering years 2010 through 2017 and recommends to develop a goal for spending measure and finalize guidance to identify and prioritize legacy IT needing to be modernized or replaced.
Full description
General Accountability Office
, issued in 2016
Risk cases: 3
Information security work at nine agencies
Difficulties in achieving appropriate IT security Together with the Swedish NAO we assume that the picture that emerges at the agencies audited applies also to most of the other agencies in the public administration. The information security work is not given high enough priority in relation to the risks that exist. This applies to both the Government, which should have been clearer in its directions to agencies on this matter, and to agency managements, which did not give priority to the work of information security to the extent required. Much indicates that it is difficult for many agencies to achieve an appropriate level of information security work.
Full description
Difficulties in achieving appropriate IT security Together with the Swedish NAO we assume that the picture that emerges at the agencies audited applies also to most of the other agencies in the public administration. The information security work is not given high enough priority in relation to the risks that exist. This applies to both the Government, which should have been clearer in its directions to agencies on this matter, and to agency managements, which did not give priority to the work of information security to the extent required. Much indicates that it is difficult for many agencies to achieve an appropriate level of information security work.
Full description
Swedish National Audit Office
, issued in 2016
Risk cases: 4
OMB and Agencies Need to Focus Continued Attention on Implementing Reform Law
How to invest efficiently in IT IT investments are large and growing position in annual budgets. Historically, they have frequently failed, incurred cost overruns and schedule slippages, or contributed little to mission-related outcomes. GAO recommendations focus on the oversight and execution of the data center consolidation initiative, the accuracy and reliability of the IT Dashboard, and incremental development policies.
Full description
How to invest efficiently in IT IT investments are large and growing position in annual budgets. Historically, they have frequently failed, incurred cost overruns and schedule slippages, or contributed little to mission-related outcomes. GAO recommendations focus on the oversight and execution of the data center consolidation initiative, the accuracy and reliability of the IT Dashboard, and incremental development policies.
Full description
General Accountability Office
, issued in 2016
Risk cases: 3
Incorrect payments in social insurance - Control activities of the Swedish Social Insurance Agency
/> The Swedish NAO audited the work of the Government and the Swedish Social Insurance Agency to prevent incorrect payments in the period 2012–2015. The audit focused on the benefits for which the Swedish Social ... Insurance Agency is responsible. The audited benefits account for half of the insurance expenditure, half of the payments that are incorrect and for more than 70 per cent of the amount the Swedish Social ... Insurance Agency demands back every year. These benefits are assistance allowance, housing allowance, sickness compensation, parental benefit and temporary parental benefit. The selection is deemed to provide ... Balance of priorities needed to reduce incorrect payments ... Agency in this regard. However they found also, that serious problems can stem from giving higher priority to the speed of payment and customers satisfaction. They both are undoubtedly important features ... Role of social insurance in public finance is so substantial that reduction of incorrect payments' volume is matter of huge savings. The Swedish NAO noted positive initiatives by the Social Insurance ... of each system, still, the prevention of incorrect payments needs strategic support to be really effective.
Full description
/> The Swedish NAO audited the work of the Government and the Swedish Social Insurance Agency to prevent incorrect payments in the period 2012–2015. The audit focused on the benefits for which the Swedish Social ... Insurance Agency is responsible. The audited benefits account for half of the insurance expenditure, half of the payments that are incorrect and for more than 70 per cent of the amount the Swedish Social ... Insurance Agency demands back every year. These benefits are assistance allowance, housing allowance, sickness compensation, parental benefit and temporary parental benefit. The selection is deemed to provide ... Balance of priorities needed to reduce incorrect payments ... Agency in this regard. However they found also, that serious problems can stem from giving higher priority to the speed of payment and customers satisfaction. They both are undoubtedly important features ... Role of social insurance in public finance is so substantial that reduction of incorrect payments' volume is matter of huge savings. The Swedish NAO noted positive initiatives by the Social Insurance ... of each system, still, the prevention of incorrect payments needs strategic support to be really effective.
Full description
Swedish National Audit Office
, issued in 2016
Risk cases: 3
Information Technology Cost Estimation Agencies Need to Address Significant Weakness in Policies and Practices
and agencies have appropriately implement costestimating policies an procedures(four caracteristics of a reliable cost estimation: comprehensive, well-documented, accurate, credible). ... To estimate reliable cost for the sucess of an IT program by providing the basis for the informed decision making and realistic budget information. To assess the extent to which selected departments ... IT cost estimation ... Check out what may go wrong with the information technology cost estimation. Results of the US GAO audit can help to identify high risk areas: comprehensiveness of estimations, their documentation ... , lack of adequacy and inadequate implementation.
Full description
and agencies have appropriately implement costestimating policies an procedures(four caracteristics of a reliable cost estimation: comprehensive, well-documented, accurate, credible). ... To estimate reliable cost for the sucess of an IT program by providing the basis for the informed decision making and realistic budget information. To assess the extent to which selected departments ... IT cost estimation ... Check out what may go wrong with the information technology cost estimation. Results of the US GAO audit can help to identify high risk areas: comprehensiveness of estimations, their documentation ... , lack of adequacy and inadequate implementation.
Full description
General Accountability Office
, issued in 2012
Risk cases: 4
Oversight of law enforcement agencies - An audit of the Swedish Commission on Security and IntegrityProtection
The Swedish NAO audited Commission focusing on integrity across law enforcement agencies. Among findings were: lack of clarity on the administrative support it receives and a risk of tasks unbalanced with capacities. The Commission supervises the following law enforcement agencies; the Police Authority, the Swedish Security Service, the National Economic Crimes Bureau, the Swedish Prosecution Authority and the Swedish Customs Service. The activities of these agencies is to a great extent subject to secrecy and restricted transparency. Consequently, to maintain public confidence it is important that the activities are legally secure and that supervision is appropriate and effective.
Full description
The Swedish NAO audited Commission focusing on integrity across law enforcement agencies. Among findings were: lack of clarity on the administrative support it receives and a risk of tasks unbalanced with capacities. The Commission supervises the following law enforcement agencies; the Police Authority, the Swedish Security Service, the National Economic Crimes Bureau, the Swedish Prosecution Authority and the Swedish Customs Service. The activities of these agencies is to a great extent subject to secrecy and restricted transparency. Consequently, to maintain public confidence it is important that the activities are legally secure and that supervision is appropriate and effective.
Full description
Swedish National Audit Office
, issued in 2016
Risk cases: $risks.size()
Security of servers managed by the Danish Agency for Governmental IT Services
Servers are essential part of IT infrastructure. At the same time, they are vulnerable to cyberattacks, because they can be exploited by hackers to gain unauthorized access to the system and steal sensitive information, corrupt data, or cause systems to malfunction. Once the security of a server is compromised, attackers can gain access to other computers and servers across the network. Danish auditors paid attention to risky stages of servers lifecycle. The Danish Agency for Governmental IT Services managed 5,353 servers on behalf of 46 authorities in time of the audit. 537 of these servers were no longer supported by their developers because they have reached the end of their lifecycle.
Full description
Servers are essential part of IT infrastructure. At the same time, they are vulnerable to cyberattacks, because they can be exploited by hackers to gain unauthorized access to the system and steal sensitive information, corrupt data, or cause systems to malfunction. Once the security of a server is compromised, attackers can gain access to other computers and servers across the network. Danish auditors paid attention to risky stages of servers lifecycle. The Danish Agency for Governmental IT Services managed 5,353 servers on behalf of 46 authorities in time of the audit. 537 of these servers were no longer supported by their developers because they have reached the end of their lifecycle.
Full description
National Audit Office of Denmark
, issued in 2023
Risk cases: $risks.size()
FEMA Needs to Address Management Weaknesses to Improve Its Systems
Controls in emergency management GAO audited the agency of the Department of Homeland Security, responsible for federal efforts to mitigate, respond to, and recover from disasters. American auditors recommend that the agency fully define its investment board’s roles and responsibilities and procedures for selecting and overseeing investments, update its strategic plan and complete plans for IT modernization, and establish time frames for completing workforce planning efforts. The agency should also establish policies and guidance for implementing key IT management controls.
Full description
Controls in emergency management GAO audited the agency of the Department of Homeland Security, responsible for federal efforts to mitigate, respond to, and recover from disasters. American auditors recommend that the agency fully define its investment board’s roles and responsibilities and procedures for selecting and overseeing investments, update its strategic plan and complete plans for IT modernization, and establish time frames for completing workforce planning efforts. The agency should also establish policies and guidance for implementing key IT management controls.
Full description
General Accountability Office
, issued in 2016
Risk cases: 4
The National Government Service Centre – Has administration become more effective?
The purpose of this audit has been to investigate whether the Service Centre has made administrative operational support functions taken over from client agencies more effective, and to find ... explanations for the results so far achieved by the Service Centre. The audit has also aspired to illustrate how agencies that do not subscribe to the services regard their potential for doing so ... . These viewpoints have been analysed with a special focus on the conditions that applied to the Service Centre when it was formed and the measures taken by the Government and the Service Centre in the first years. ... ... Has Swedish public administration become more effective? ... The Service Centre – payroll and financial administration IT system for Swedish public agencies under the government – has achieved the target of a subscription rate of 25 per cent of the total ... of agencies' subscription to the Service Centre’s services was limited to start with. For example, the Service Centre’s operational targets for subscription did not refer to agency size, which is important ... in achieving economies of scale. In addition, the Government has instructed agencies to review the question of subscription and report their reasons for delaying subscription.
Full description
The purpose of this audit has been to investigate whether the Service Centre has made administrative operational support functions taken over from client agencies more effective, and to find ... explanations for the results so far achieved by the Service Centre. The audit has also aspired to illustrate how agencies that do not subscribe to the services regard their potential for doing so ... . These viewpoints have been analysed with a special focus on the conditions that applied to the Service Centre when it was formed and the measures taken by the Government and the Service Centre in the first years. ... ... Has Swedish public administration become more effective? ... The Service Centre – payroll and financial administration IT system for Swedish public agencies under the government – has achieved the target of a subscription rate of 25 per cent of the total ... of agencies' subscription to the Service Centre’s services was limited to start with. For example, the Service Centre’s operational targets for subscription did not refer to agency size, which is important ... in achieving economies of scale. In addition, the Government has instructed agencies to review the question of subscription and report their reasons for delaying subscription.
Full description
Swedish National Audit Office
, issued in 2016
Risk cases: 2