170
results found in
15 ms
Page 10
of 17
Has Public Administration Used All Opportunities for Efficient Management of ICT Infrastructure?
Efficient Management of ICT Infrastructure Centralised management of ICT services and infrastructure would allow the institutions to optimise in long run their resources – financial, human, material and technical. However, we observed during the audit that the move towards ICT centralisation and single data centres has ceased. The different ministries and even the institutions subordinated to the same ministry do not cooperate sufficiently with each other regarding the ICT management, maintenance, and infrastructure placement. They rather choose to maintain their own, sometimes even several, data centres.
Full description
Efficient Management of ICT Infrastructure Centralised management of ICT services and infrastructure would allow the institutions to optimise in long run their resources – financial, human, material and technical. However, we observed during the audit that the move towards ICT centralisation and single data centres has ceased. The different ministries and even the institutions subordinated to the same ministry do not cooperate sufficiently with each other regarding the ICT management, maintenance, and infrastructure placement. They rather choose to maintain their own, sometimes even several, data centres.
Full description
State Audit Office of the Republic of Latvia
, issued in 2019
Risk cases: 3
Management of IT security in systems outsourced to external suppliers
Security to be improved in IT processes outsourced to external suppliers When IT processes are outsourced to external suppliers, the authorities no longer have direct control of the IT security, but remain responsible for managing the security of the IT. Authorities that fail to manage IT security actively based on risk assessments, and omit to monitor the implementation of these requirements, will not be able to determine if the level of IT security in the outsourced systems safeguards their systems and data. This is how the conclusion of the Rigsrevisionen starts. The Danish auditors noticed improvement in the audited entities, but they add that tha majority of the auditees: can refine their requirements for and follow-up on access control and logging practices
Full description
Security to be improved in IT processes outsourced to external suppliers When IT processes are outsourced to external suppliers, the authorities no longer have direct control of the IT security, but remain responsible for managing the security of the IT. Authorities that fail to manage IT security actively based on risk assessments, and omit to monitor the implementation of these requirements, will not be able to determine if the level of IT security in the outsourced systems safeguards their systems and data. This is how the conclusion of the Rigsrevisionen starts. The Danish auditors noticed improvement in the audited entities, but they add that tha majority of the auditees: can refine their requirements for and follow-up on access control and logging practices
Full description
National Audit Office of Denmark
, issued in 2016
Risk cases: 3
Software management assessment in local governments and local government educational institutions
Objective of the audit was to verify compliance of software recording and management with regulatory enactments, as well as to assess the effectiveness of software management in local governments ... and local government educational institutions. ... ... Software management assessment in local governments and local government educational institutions ... Manage your software! Local governments and local government education institution neglect basic safety procedures, use outdated or illegal kinds of software, use two and more different software ... for the same function.
Full description
Objective of the audit was to verify compliance of software recording and management with regulatory enactments, as well as to assess the effectiveness of software management in local governments ... and local government educational institutions. ... ... Software management assessment in local governments and local government educational institutions ... Manage your software! Local governments and local government education institution neglect basic safety procedures, use outdated or illegal kinds of software, use two and more different software ... for the same function.
Full description
State Audit Office of the Republic of Latvia
, issued in 2013
Risk cases: 4
THE CYBER SECURITY ENVIRONMENT IN LITHUANIA
The purpose of the audit was to assess whether cyber security is being ensured in Lithuania. In view of this goal, we assessed whether: (1) an effective cyber security system has been set up; (2 ... ) cyber security is ensured in public establishments. During the audit, the SAI Lithuania analysed current regulation, strategic planning and management practices in the field of cyber security ... and electronic information security as well as the funds allocated and used in this area. The SAI evaluated whether the cyber security and electronic information security objectives detailed in planning documents ... ... Cyber-security is much more than preventing incidents ... SAI Lithuania determined that the issue of ensuring and increasing cyber security and resilience has not been effectively addressed at the national level. The focus has primarily been on reacting ... to and preventing incidents in cyber space, which means that traditional issues related to electronic information security (confidentiality, integrity, accessibility) have been neglected, and from 2015, not enough ... attention has been paid to development, legislation, improvement of organisational structure, etc. in this field.
Full description
The purpose of the audit was to assess whether cyber security is being ensured in Lithuania. In view of this goal, we assessed whether: (1) an effective cyber security system has been set up; (2 ... ) cyber security is ensured in public establishments. During the audit, the SAI Lithuania analysed current regulation, strategic planning and management practices in the field of cyber security ... and electronic information security as well as the funds allocated and used in this area. The SAI evaluated whether the cyber security and electronic information security objectives detailed in planning documents ... ... Cyber-security is much more than preventing incidents ... SAI Lithuania determined that the issue of ensuring and increasing cyber security and resilience has not been effectively addressed at the national level. The focus has primarily been on reacting ... to and preventing incidents in cyber space, which means that traditional issues related to electronic information security (confidentiality, integrity, accessibility) have been neglected, and from 2015, not enough ... attention has been paid to development, legislation, improvement of organisational structure, etc. in this field.
Full description
National Audit Office of the Republic of Lithuania
, issued in 2015
Risk cases: 6
Opportunities Exist for SEC to Improve Its Controls over Financial Systems and Data
in place is essential to protecting these systems and the information they contain. <br/> This report details weaknesses GAO identified in the information security program at SEC during its audit ... The SEC is responsible for enforcing securities laws, issuing rules and regulations that provide protection for investors, and helping to ensure that the securities markets are fair and honest ... . In carrying out its mission, the SEC relies on computerized information systems to collect, process, and store sensitive information, including financial data. Having effective information security controls ... IT security basics under scrutiny ... Financial audit by US GAO was accompanied by an IT examination focused on information security measures in the Securities and Exchange Commission (SEC). GAO found that SEC’s systems could ... be compromised, because of risks jeopardizing the confidentiality, integrity, and availability of sensitive financial information.
Full description
in place is essential to protecting these systems and the information they contain. <br/> This report details weaknesses GAO identified in the information security program at SEC during its audit ... The SEC is responsible for enforcing securities laws, issuing rules and regulations that provide protection for investors, and helping to ensure that the securities markets are fair and honest ... . In carrying out its mission, the SEC relies on computerized information systems to collect, process, and store sensitive information, including financial data. Having effective information security controls ... IT security basics under scrutiny ... Financial audit by US GAO was accompanied by an IT examination focused on information security measures in the Securities and Exchange Commission (SEC). GAO found that SEC’s systems could ... be compromised, because of risks jeopardizing the confidentiality, integrity, and availability of sensitive financial information.
Full description
General Accountability Office
, issued in 2016
Risk cases: 5
Incorrect payments in social insurance - Control activities of the Swedish Social Insurance Agency
/> The Swedish NAO audited the work of the Government and the Swedish Social Insurance Agency to prevent incorrect payments in the period 2012–2015. The audit focused on the benefits for which the Swedish Social ... Insurance Agency is responsible. The audited benefits account for half of the insurance expenditure, half of the payments that are incorrect and for more than 70 per cent of the amount the Swedish Social ... In 2014 the social insurance system accounted for six per cent of GDP. The long-term sustainability of a system of that magnitude requires that the public perceives its purpose to be important ... Balance of priorities needed to reduce incorrect payments ... Role of social insurance in public finance is so substantial that reduction of incorrect payments' volume is matter of huge savings. The Swedish NAO noted positive initiatives by the Social Insurance ... Agency in this regard. However they found also, that serious problems can stem from giving higher priority to the speed of payment and customers satisfaction. They both are undoubtedly important features ... of each system, still, the prevention of incorrect payments needs strategic support to be really effective.
Full description
/> The Swedish NAO audited the work of the Government and the Swedish Social Insurance Agency to prevent incorrect payments in the period 2012–2015. The audit focused on the benefits for which the Swedish Social ... Insurance Agency is responsible. The audited benefits account for half of the insurance expenditure, half of the payments that are incorrect and for more than 70 per cent of the amount the Swedish Social ... In 2014 the social insurance system accounted for six per cent of GDP. The long-term sustainability of a system of that magnitude requires that the public perceives its purpose to be important ... Balance of priorities needed to reduce incorrect payments ... Role of social insurance in public finance is so substantial that reduction of incorrect payments' volume is matter of huge savings. The Swedish NAO noted positive initiatives by the Social Insurance ... Agency in this regard. However they found also, that serious problems can stem from giving higher priority to the speed of payment and customers satisfaction. They both are undoubtedly important features ... of each system, still, the prevention of incorrect payments needs strategic support to be really effective.
Full description
Swedish National Audit Office
, issued in 2016
Risk cases: 3
Does the Admin PKI correspond to the original objectives and the needs of the Federal Administration and the Cantons?
The SFAO has audited the Admin PKI, the basic infrastructure and offering for the issuing of digital certificates within the Federal Office of Information Technology, Systems and Telecommunication ... (FOITT). The examination concentrated on assessing the development and current operation as well as future prospects. Admin PKI refers to all processes and the hardware and software needed for issuing ... certificates of different grades. ... Internal coordination can be more difficult than the external one ... A successful project of digital certificates distribution had difficult time when main Government players disagreed.
Full description
The SFAO has audited the Admin PKI, the basic infrastructure and offering for the issuing of digital certificates within the Federal Office of Information Technology, Systems and Telecommunication ... (FOITT). The examination concentrated on assessing the development and current operation as well as future prospects. Admin PKI refers to all processes and the hardware and software needed for issuing ... certificates of different grades. ... Internal coordination can be more difficult than the external one ... A successful project of digital certificates distribution had difficult time when main Government players disagreed.
Full description
Swiss Federal Audit Office
, issued in 2010
Risk cases: 1
Storage of Electronic Documents and Data at the National Archives of Latvia
in electronic form, many years later.<br/> The audit concerning the storage of electronic documents was carried out in order to assess the development of the area of electronic document circulation and storage ... in the country, realising, that NAL have extensive possibilities for improving the storage of electronic documents. Audit was performed in the Ministry of Culture, National Archives of Latvia, Centre for Culture ... Ever since electronic documents with legal force equivalent to that of paper documents have entered our daily lives and the majority of state administration processes have been transferred ... ... Do Archives ensure the storage of e-documents? ... National archives fulfil an important function for storing the documentary heritage and became one of the most important sources of information. But after electronic documents have entered our daily ... lives and majority of state administration processes have been transferred to electronic information systems, the archives still have a lot of work to do for improving the storage of electronic documents ... . SAI Latvia analysed causes of over 12 years with no progress in this domain.
Full description
in electronic form, many years later.<br/> The audit concerning the storage of electronic documents was carried out in order to assess the development of the area of electronic document circulation and storage ... in the country, realising, that NAL have extensive possibilities for improving the storage of electronic documents. Audit was performed in the Ministry of Culture, National Archives of Latvia, Centre for Culture ... Ever since electronic documents with legal force equivalent to that of paper documents have entered our daily lives and the majority of state administration processes have been transferred ... ... Do Archives ensure the storage of e-documents? ... National archives fulfil an important function for storing the documentary heritage and became one of the most important sources of information. But after electronic documents have entered our daily ... lives and majority of state administration processes have been transferred to electronic information systems, the archives still have a lot of work to do for improving the storage of electronic documents ... . SAI Latvia analysed causes of over 12 years with no progress in this domain.
Full description
State Audit Office of the Republic of Latvia
, issued in 2015
Risk cases: 3
Information Technology Cost Estimation Agencies Need to Address Significant Weakness in Policies and Practices
To estimate reliable cost for the sucess of an IT program by providing the basis for the informed decision making and realistic budget information. To assess the extent to which selected departments ... and agencies have appropriately implement costestimating policies an procedures(four caracteristics of a reliable cost estimation: comprehensive, well-documented, accurate, credible). ... IT cost estimation ... Check out what may go wrong with the information technology cost estimation. Results of the US GAO audit can help to identify high risk areas: comprehensiveness of estimations, their documentation ... , lack of adequacy and inadequate implementation.
Full description
To estimate reliable cost for the sucess of an IT program by providing the basis for the informed decision making and realistic budget information. To assess the extent to which selected departments ... and agencies have appropriately implement costestimating policies an procedures(four caracteristics of a reliable cost estimation: comprehensive, well-documented, accurate, credible). ... IT cost estimation ... Check out what may go wrong with the information technology cost estimation. Results of the US GAO audit can help to identify high risk areas: comprehensiveness of estimations, their documentation ... , lack of adequacy and inadequate implementation.
Full description
General Accountability Office
, issued in 2012
Risk cases: 4
Protection against fraud in migration activities at missions abroad
Migration activities can be a subject to fraud The audit showed that reports on alleged fraud in migration activities at missions abroad increased continually between 2014 and 2017. Altogether about 60 alleged cases of fraud were reported during the period, including selling interview appointments, stolen visa stickers, issuing visas on false grounds and prohibited searches in case management systems. Missions abroad, the Ministry for Foreign Affairs and the Swedish Migration Board are all responsible for migration activities at missions abroad. The division of responsibility between them is sometimes unclear and difficult to assess. According to the Swedish NAO this leads to particular challenges in ensuring satisfactory and common protection against fraud at missions abroad. Ensuring protection is made even more difficult in that the missions abroad vary regarding in terms of size, case volume, case mix and risk exposure. In addition, for the missions abroad the internal control requirements are notsufficiently explicit.
Full description
Migration activities can be a subject to fraud The audit showed that reports on alleged fraud in migration activities at missions abroad increased continually between 2014 and 2017. Altogether about 60 alleged cases of fraud were reported during the period, including selling interview appointments, stolen visa stickers, issuing visas on false grounds and prohibited searches in case management systems. Missions abroad, the Ministry for Foreign Affairs and the Swedish Migration Board are all responsible for migration activities at missions abroad. The division of responsibility between them is sometimes unclear and difficult to assess. According to the Swedish NAO this leads to particular challenges in ensuring satisfactory and common protection against fraud at missions abroad. Ensuring protection is made even more difficult in that the missions abroad vary regarding in terms of size, case volume, case mix and risk exposure. In addition, for the missions abroad the internal control requirements are notsufficiently explicit.
Full description
Swedish National Audit Office
, issued in 2018
Risk cases: 2