135
results found in
16 ms
Page 13
of 14
VAT risk assessment - better use made of information generated by inspections on company premise
Tax inspections may add up to the VAT risk assessment, but... The audit by the German BRH shows that general tax inspections on company premises can also reveal facts that may be relevant for VAT risk assessment. 'However, this information cannot be adequately used for VAT risk assessment because it is not available in electronic format.'
Full description
Tax inspections may add up to the VAT risk assessment, but... The audit by the German BRH shows that general tax inspections on company premises can also reveal facts that may be relevant for VAT risk assessment. 'However, this information cannot be adequately used for VAT risk assessment because it is not available in electronic format.'
Full description
Bundesrechnungshof
, issued in 2016
Risk cases: 1
Management of IT security in systems outsourced to external suppliers
Security to be improved in IT processes outsourced to external suppliers When IT processes are outsourced to external suppliers, the authorities no longer have direct control of the IT security, but remain responsible for managing the security of the IT. Authorities that fail to manage IT security actively based on risk assessments, and omit to monitor the implementation of these requirements, will not be able to determine if the level of IT security in the outsourced systems safeguards their systems and data. This is how the conclusion of the Rigsrevisionen starts. The Danish auditors noticed improvement in the audited entities, but they add that tha majority of the auditees: can refine their requirements for and follow-up on access control and logging practices
Full description
Security to be improved in IT processes outsourced to external suppliers When IT processes are outsourced to external suppliers, the authorities no longer have direct control of the IT security, but remain responsible for managing the security of the IT. Authorities that fail to manage IT security actively based on risk assessments, and omit to monitor the implementation of these requirements, will not be able to determine if the level of IT security in the outsourced systems safeguards their systems and data. This is how the conclusion of the Rigsrevisionen starts. The Danish auditors noticed improvement in the audited entities, but they add that tha majority of the auditees: can refine their requirements for and follow-up on access control and logging practices
Full description
National Audit Office of Denmark
, issued in 2016
Risk cases: 3
Smart tax administration system
Smart tax vs. shadow economy Lithuanian taxpayers use the e-services and the Lithuanian state uses a data analytics centre to handle part of the identified data modelling. The smart tax administration project's objetives are to enhance the positive processes. As the SAI Lithuania discovered, due to the implementation weaknesses, however, the project's success may be partially reduced.
Full description
Smart tax vs. shadow economy Lithuanian taxpayers use the e-services and the Lithuanian state uses a data analytics centre to handle part of the identified data modelling. The smart tax administration project's objetives are to enhance the positive processes. As the SAI Lithuania discovered, due to the implementation weaknesses, however, the project's success may be partially reduced.
Full description
National Audit Office of the Republic of Lithuania
, issued in 2019
Risk cases: 5
Management of Information Resources of the Ministry of the Interior
Many activities of the Ministry of the Interior require the use of information resources that are of great significance to the entire State, such as the state and departmental registers, and public ... information systems. Whereas the Ministry has failed to implement some of the public audit recommendations of 2007 and 2010,6 we analysed, whether there have been any positive changes in the field of IT ... management. Their impact is important not only because the Ministry manages 16 information resources, which ensure data availability to the population, efficient activity of the services, and operation ... ... Process maturity examination can help in IT audit ... Main risk areas in case of this audit were strategic and organisational - Ministry’s weak ownership of IT resources, insufficient audit and internal control function. SAI Lithuania auditors found ... also flaws in change management and security processes. But the finding, which gave them the key to the root cause of problems, was connected with maturity assessment of the auditee's IT processes.
Full description
Many activities of the Ministry of the Interior require the use of information resources that are of great significance to the entire State, such as the state and departmental registers, and public ... information systems. Whereas the Ministry has failed to implement some of the public audit recommendations of 2007 and 2010,6 we analysed, whether there have been any positive changes in the field of IT ... management. Their impact is important not only because the Ministry manages 16 information resources, which ensure data availability to the population, efficient activity of the services, and operation ... ... Process maturity examination can help in IT audit ... Main risk areas in case of this audit were strategic and organisational - Ministry’s weak ownership of IT resources, insufficient audit and internal control function. SAI Lithuania auditors found ... also flaws in change management and security processes. But the finding, which gave them the key to the root cause of problems, was connected with maturity assessment of the auditee's IT processes.
Full description
National Audit Office of the Republic of Lithuania
, issued in 2016
Risk cases: 4
Insufficient monitoring of consultancy work in large-scale IT projects
Insufficient monitoring of consultancy work in large-scale IT projects The German Federal Ministry of the Interior did not sufficiently plan, monitor and control consultancy work in two large-scale IT projects, not being thus able to evaluate the amount of work done and pay accordingly. It was recommended by SAI the establishment of a quality management system and its application mandatory for large-scale IT projects
Full description
Insufficient monitoring of consultancy work in large-scale IT projects The German Federal Ministry of the Interior did not sufficiently plan, monitor and control consultancy work in two large-scale IT projects, not being thus able to evaluate the amount of work done and pay accordingly. It was recommended by SAI the establishment of a quality management system and its application mandatory for large-scale IT projects
Full description
Bundesrechnungshof
, issued in 2017
Risk cases: 1
Swedish Customs control – an accurate enterprise?
It is better to know your own errors Control activities play an important role in successful work of Customs Service. Lack of thoroughful analysis of own errors can lead to ineffective use of some tools, and as a result, to difficulty in focus identification.
Full description
It is better to know your own errors Control activities play an important role in successful work of Customs Service. Lack of thoroughful analysis of own errors can lead to ineffective use of some tools, and as a result, to difficulty in focus identification.
Full description
Swedish National Audit Office
, issued in 2019
Risk cases: 4
Oversight of law enforcement agencies - An audit of the Swedish Commission on Security and IntegrityProtection
The Swedish NAO audited Commission focusing on integrity across law enforcement agencies. Among findings were: lack of clarity on the administrative support it receives and a risk of tasks unbalanced with capacities. The Commission supervises the following law enforcement agencies; the Police Authority, the Swedish Security Service, the National Economic Crimes Bureau, the Swedish Prosecution Authority and the Swedish Customs Service. The activities of these agencies is to a great extent subject to secrecy and restricted transparency. Consequently, to maintain public confidence it is important that the activities are legally secure and that supervision is appropriate and effective.
Full description
The Swedish NAO audited Commission focusing on integrity across law enforcement agencies. Among findings were: lack of clarity on the administrative support it receives and a risk of tasks unbalanced with capacities. The Commission supervises the following law enforcement agencies; the Police Authority, the Swedish Security Service, the National Economic Crimes Bureau, the Swedish Prosecution Authority and the Swedish Customs Service. The activities of these agencies is to a great extent subject to secrecy and restricted transparency. Consequently, to maintain public confidence it is important that the activities are legally secure and that supervision is appropriate and effective.
Full description
Swedish National Audit Office
, issued in 2016
Risk cases: $risks.size()
Audit of the DTI key project Polycom Value Preservation 2030 with a focus on the border security subnetwork
The Swiss Federal Audit Office’s recent review of the Polycom Value Preservation 2030 project highlights effective management and coordination by the Federal Office for Customs and Border Security. Despite the rapid technological transition, the project remains on track for completion by the end of 2024, with dismantling expected by the end of 2025. This audit underscores the project’s robust planning and execution, ensuring Switzerland’s security radio system is up-to-date and reliable. Polycom is the security radio system of Switzerland's authorities and organisations for rescue and security. Due to the manufacturer's change of technology, the system in Switzerland needs to be brought up to date. Parallel operation is necessary as long as both technologies are in use. The Federal Office for Customs and Border Security (FOCBS) is con- tributing around CHF 65 million to this technological development. Together with the Fed- eral Office for Civil Protection (FOCP), the Confederation is investing a total of around CHF 160 million in this project.
Full description
The Swiss Federal Audit Office’s recent review of the Polycom Value Preservation 2030 project highlights effective management and coordination by the Federal Office for Customs and Border Security. Despite the rapid technological transition, the project remains on track for completion by the end of 2024, with dismantling expected by the end of 2025. This audit underscores the project’s robust planning and execution, ensuring Switzerland’s security radio system is up-to-date and reliable. Polycom is the security radio system of Switzerland's authorities and organisations for rescue and security. Due to the manufacturer's change of technology, the system in Switzerland needs to be brought up to date. Parallel operation is necessary as long as both technologies are in use. The Federal Office for Customs and Border Security (FOCBS) is con- tributing around CHF 65 million to this technological development. Together with the Fed- eral Office for Civil Protection (FOCP), the Confederation is investing a total of around CHF 160 million in this project.
Full description
Swiss Federal Audit Office
, issued in 2024
Risk cases: $risks.size()
Information Technology Cost Estimation Agencies Need to Address Significant Weakness in Policies and Practices
To estimate reliable cost for the sucess of an IT program by providing the basis for the informed decision making and realistic budget information. To assess the extent to which selected departments ... and agencies have appropriately implement costestimating policies an procedures(four caracteristics of a reliable cost estimation: comprehensive, well-documented, accurate, credible). ... IT cost estimation ... Check out what may go wrong with the information technology cost estimation. Results of the US GAO audit can help to identify high risk areas: comprehensiveness of estimations, their documentation ... , lack of adequacy and inadequate implementation.
Full description
To estimate reliable cost for the sucess of an IT program by providing the basis for the informed decision making and realistic budget information. To assess the extent to which selected departments ... and agencies have appropriately implement costestimating policies an procedures(four caracteristics of a reliable cost estimation: comprehensive, well-documented, accurate, credible). ... IT cost estimation ... Check out what may go wrong with the information technology cost estimation. Results of the US GAO audit can help to identify high risk areas: comprehensiveness of estimations, their documentation ... , lack of adequacy and inadequate implementation.
Full description
General Accountability Office
, issued in 2012
Risk cases: 4
Audit of the key ICT project federal GEVER programme Federal Chancellery
During the first stage, two new GEVER (electronic records and process management) products were procured in an open WTO tender within the framework of the two-product strategy (federal GEVER WTO ... procurement project). CHF 1.6 million was spent on these. The departments and Federal Chancellery (departments/FCh) had to choose one of the two products within three months of the contract being awarded. ... ... Advanced process management system's cost-effectiveness and deadlines at risk ... Ever since 1990, sequential controls and file management have been part of the Federal Administration's IT landscape (GEVER business administration). Significant obstacles have to be overcome ... in order to ensure the successful creation and introduction of GEVER. Previous efforts did not have any widespread success and led to a diverse GEVER landscape. The federal GEVER project has now laid ... the foundations for simplification and centralisation.
Full description
During the first stage, two new GEVER (electronic records and process management) products were procured in an open WTO tender within the framework of the two-product strategy (federal GEVER WTO ... procurement project). CHF 1.6 million was spent on these. The departments and Federal Chancellery (departments/FCh) had to choose one of the two products within three months of the contract being awarded. ... ... Advanced process management system's cost-effectiveness and deadlines at risk ... Ever since 1990, sequential controls and file management have been part of the Federal Administration's IT landscape (GEVER business administration). Significant obstacles have to be overcome ... in order to ensure the successful creation and introduction of GEVER. Previous efforts did not have any widespread success and led to a diverse GEVER landscape. The federal GEVER project has now laid ... the foundations for simplification and centralisation.
Full description
Swiss Federal Audit Office
, issued in 2015
Risk cases: 2