136
results found in
15 ms
Page 5
of 14
Federal Institute for Risk Assessment purchased unnecessary software
Risk of poor requirements management The Germamn SAI audited the Federal Institute for Risk Assessment that introduce a new software. Time of implementation was nearly three times as long as originally scheduled. The costs also nearly trebled. Moreover, the Institute purchased unnecessary licences for expanding the software
Full description
Risk of poor requirements management The Germamn SAI audited the Federal Institute for Risk Assessment that introduce a new software. Time of implementation was nearly three times as long as originally scheduled. The costs also nearly trebled. Moreover, the Institute purchased unnecessary licences for expanding the software
Full description
Bundesrechnungshof
, issued in 2017
Risk cases: 2
The Swedish Transport Administrations support to research and innovation
Robust internal control required to manage innovations The Swedish agency dealing with transport innovations did not use sufficient control over its research funds, shows the audit of the Swedish National Audit Office. The deficiencies include risk analysis, administrative procedures and management of taxpayers' money.
Full description
Robust internal control required to manage innovations The Swedish agency dealing with transport innovations did not use sufficient control over its research funds, shows the audit of the Swedish National Audit Office. The deficiencies include risk analysis, administrative procedures and management of taxpayers' money.
Full description
Swedish National Audit Office
, issued in 2018
Risk cases: 3
Audit of the procurement of ICT products with the potential to be standard products
ICT procurement system reviewed SFAO points out what is critical in ICT procurement. Requirements management is extremely important, as well as procurement strategies for relevant product groups. Legal rules should protect investments and support competition, but they can still be insufficient without appropriate reporting - if you want your system to adapt to changes.
Full description
ICT procurement system reviewed SFAO points out what is critical in ICT procurement. Requirements management is extremely important, as well as procurement strategies for relevant product groups. Legal rules should protect investments and support competition, but they can still be insufficient without appropriate reporting - if you want your system to adapt to changes.
Full description
Swiss Federal Audit Office
, issued in 2015
Risk cases: 4
Information security work at nine agencies
Difficulties in achieving appropriate IT security Together with the Swedish NAO we assume that the picture that emerges at the agencies audited applies also to most of the other agencies in the public administration. The information security work is not given high enough priority in relation to the risks that exist. This applies to both the Government, which should have been clearer in its directions to agencies on this matter, and to agency managements, which did not give priority to the work of information security to the extent required. Much indicates that it is difficult for many agencies to achieve an appropriate level of information security work.
Full description
Difficulties in achieving appropriate IT security Together with the Swedish NAO we assume that the picture that emerges at the agencies audited applies also to most of the other agencies in the public administration. The information security work is not given high enough priority in relation to the risks that exist. This applies to both the Government, which should have been clearer in its directions to agencies on this matter, and to agency managements, which did not give priority to the work of information security to the extent required. Much indicates that it is difficult for many agencies to achieve an appropriate level of information security work.
Full description
Swedish National Audit Office
, issued in 2016
Risk cases: 4
Parallel Audit on Biometric Passports - Overall Results (anonymised)
A biometric passport (or ePassport) contains biometric information which serves to authenticate the identity of travellers. Biometric passport management is the process of establishing ... and implementing the regulation on standards for security features and biometrics in passports and travel documents issued by the member states. The aim is to develop and maintain efficient and secure biometric ... passport production procedures (see page 5). ... EUROSAI ITWG: Parallel Audit on Biometric Passports ... deficiencies and weaknesses related to the IS/IT system and the IT management. Medium risks have been identified in the area of laws and regulations, cost-benefit realisation and transparency, as well ... Swiss SAI summed up results of audits concluded in seven countries (Belgium, Latvia, Lithuania, Norway, Portugal, Switzerland). The evaluation of the reported results showed that the overall passport ... process is generally under control while a couple of high-risk findings were identified in the non-process-specific assessments. In the non-process-specific assessments, most of the countries found
Full description
A biometric passport (or ePassport) contains biometric information which serves to authenticate the identity of travellers. Biometric passport management is the process of establishing ... and implementing the regulation on standards for security features and biometrics in passports and travel documents issued by the member states. The aim is to develop and maintain efficient and secure biometric ... passport production procedures (see page 5). ... EUROSAI ITWG: Parallel Audit on Biometric Passports ... deficiencies and weaknesses related to the IS/IT system and the IT management. Medium risks have been identified in the area of laws and regulations, cost-benefit realisation and transparency, as well ... Swiss SAI summed up results of audits concluded in seven countries (Belgium, Latvia, Lithuania, Norway, Portugal, Switzerland). The evaluation of the reported results showed that the overall passport ... process is generally under control while a couple of high-risk findings were identified in the non-process-specific assessments. In the non-process-specific assessments, most of the countries found
Full description
Swiss Federal Audit Office
, issued in 2015
Risk cases: 4
Insufficient monitoring of consultancy work in large-scale IT projects
Insufficient monitoring of consultancy work in large-scale IT projects The German Federal Ministry of the Interior did not sufficiently plan, monitor and control consultancy work in two large-scale IT projects, not being thus able to evaluate the amount of work done and pay accordingly. It was recommended by SAI the establishment of a quality management system and its application mandatory for large-scale IT projects
Full description
Insufficient monitoring of consultancy work in large-scale IT projects The German Federal Ministry of the Interior did not sufficiently plan, monitor and control consultancy work in two large-scale IT projects, not being thus able to evaluate the amount of work done and pay accordingly. It was recommended by SAI the establishment of a quality management system and its application mandatory for large-scale IT projects
Full description
Bundesrechnungshof
, issued in 2017
Risk cases: 1
Protection of automatically processed personal data
Over the past few years, a number of legal, management, supervision, information, and methodological issues related to the protection of personal data have piled up. As they have not been fully ... of the Interior, Information Society Development Committee under the Ministry of Transport and Communications, and public establishment Central Project Management Agency. ... resolved,the National Audit Office conducted an audit to assess the efficiency of the protection and supervision of automatically processed personal data and to check whether: - the regulation of personal data ... ... Data protection needs a long term strategy ... Rapid development of information and communication technology continuously brings about issues of personal data protection. Due to lack of long-term vision in this area they are frequently ... not addressed by the existing legislation. Moreover, SAI of Lithuania revealed failures in organization and control of personal data protection by public sector.
Full description
Over the past few years, a number of legal, management, supervision, information, and methodological issues related to the protection of personal data have piled up. As they have not been fully ... of the Interior, Information Society Development Committee under the Ministry of Transport and Communications, and public establishment Central Project Management Agency. ... resolved,the National Audit Office conducted an audit to assess the efficiency of the protection and supervision of automatically processed personal data and to check whether: - the regulation of personal data ... ... Data protection needs a long term strategy ... Rapid development of information and communication technology continuously brings about issues of personal data protection. Due to lack of long-term vision in this area they are frequently ... not addressed by the existing legislation. Moreover, SAI of Lithuania revealed failures in organization and control of personal data protection by public sector.
Full description
National Audit Office of the Republic of Lithuania
, issued in 2013
Risk cases: 2
Audit on the operation of the “Ministry of Finance” Central Budget Chapter
The audit was carried out on the "Ministry of Finance" central budget chapter and covered the period of 2003-2008. One of the audited activities of the Ministry were the IT systems ... and their development and the role of the Hungarian State Treasury within the IT framework of public finances. ... ... Simple receipt: calculate costs, standardize data, divide duties... ... Hungarian Audit Office analyzed in detail fundamentals of proper IT investment taking into account problems of Budget Management System.
Full description
The audit was carried out on the "Ministry of Finance" central budget chapter and covered the period of 2003-2008. One of the audited activities of the Ministry were the IT systems ... and their development and the role of the Hungarian State Treasury within the IT framework of public finances. ... ... Simple receipt: calculate costs, standardize data, divide duties... ... Hungarian Audit Office analyzed in detail fundamentals of proper IT investment taking into account problems of Budget Management System.
Full description
State Audit Office of Hungary
, issued in 2008
Risk cases: 3
Traffic Ticketing information system
The audit included two areas of focus - the environment surrounding the Traffic Ticketing Information System - the System (designed to input, process, manage and collect payment for the traffic ... tickets) and also the internal environment of the System that guarantees the quality of its performance and safety. ... Security can hinder effectiveness ... SAI of Kuwait analysed system supporting collection of the traffic tickets - data input, processing and management. What was found was lack of basic safety measures, that hindered the effectiveness ... of the system.
Full description
The audit included two areas of focus - the environment surrounding the Traffic Ticketing Information System - the System (designed to input, process, manage and collect payment for the traffic ... tickets) and also the internal environment of the System that guarantees the quality of its performance and safety. ... Security can hinder effectiveness ... SAI of Kuwait analysed system supporting collection of the traffic tickets - data input, processing and management. What was found was lack of basic safety measures, that hindered the effectiveness ... of the system.
Full description
State Audit Bureau of Kuwait
, issued in 2014
Risk cases: 3
General and Creation Control of the Information Systems of the Ministry of Foreign Affairs
achieved considerable progress in the management of the information systems. The auditors reviewed and assessed all key elements of the process. ... The objective of the audit was to assess general and creation control of the information systems of the Ministry of Foreign Affairs. Since the beginning of 2009, the Ministry of Foreign Affairs has ... Overview of problems - area by area ... SAI Lithuania looked into all critical elements of a Ministry's information system, starting from IT architecture, through information security to automation of data processing.
Full description
achieved considerable progress in the management of the information systems. The auditors reviewed and assessed all key elements of the process. ... The objective of the audit was to assess general and creation control of the information systems of the Ministry of Foreign Affairs. Since the beginning of 2009, the Ministry of Foreign Affairs has ... Overview of problems - area by area ... SAI Lithuania looked into all critical elements of a Ministry's information system, starting from IT architecture, through information security to automation of data processing.
Full description
National Audit Office of the Republic of Lithuania
, issued in 2013
Risk cases: 4