118
results found in
13 ms
Page 3
of 12
CRITICAL INFRASTRUCTURE PROTECTION: EPA Urgently Needs a Strategy to Address Cybersecurity Risks to Water and Wastewater Systems
US GAO reviewed cybersecurity threats facing the water sector and the federal government’s efforts to address these threats. Auditors found out problems including: funding prioritization, incident reporting, sector-wide risk assessment and vulnerability self-assessment tool. Recent cyber incidents highlight the vulnerability of the 170,000 water and wastewater systems in the U.S. water sector.
Full description
US GAO reviewed cybersecurity threats facing the water sector and the federal government’s efforts to address these threats. Auditors found out problems including: funding prioritization, incident reporting, sector-wide risk assessment and vulnerability self-assessment tool. Recent cyber incidents highlight the vulnerability of the 170,000 water and wastewater systems in the U.S. water sector.
Full description
US Government Accountability Office
, issued in 2024
Risk cases: $risks.size()
CYBERSECURITY: Implementation of Executive Order Requirements Is Essential to Address Key Actions
GAO continues to review and report status of information security - the high-risk area for more than 25 years already. Special focus is on federal cybersecurity challenges. An average of approximately 31,492 incidents per year for fiscal years 2017 through 2022 were reported by responsible Government bodies. In fiscal year 2022, agencies reported experiencing 30,659 incidents.
Full description
GAO continues to review and report status of information security - the high-risk area for more than 25 years already. Special focus is on federal cybersecurity challenges. An average of approximately 31,492 incidents per year for fiscal years 2017 through 2022 were reported by responsible Government bodies. In fiscal year 2022, agencies reported experiencing 30,659 incidents.
Full description
US Government Accountability Office
, issued in 2024
Risk cases: $risks.size()
Australian Taxation Office: Administration of Australian Business Number Registrations
More elligibility and data integrity needed The Australian Business Number (ABN) and Australian Business Register initiatives were implemented as part of theGovernment's comprehensive reform of the taxation system in 2000. Their introduction involved challenging issues of technology and governance , including the imperative to process and register significant numbers of applications in a short time. Overall, the Australian SAI concluded that the ABN registration process is operating effectively. However, matters relating to the eligibility of some ABN applicants need to be reviewed. Further, some data integrity issues remain outstanding.
Full description
More elligibility and data integrity needed The Australian Business Number (ABN) and Australian Business Register initiatives were implemented as part of theGovernment's comprehensive reform of the taxation system in 2000. Their introduction involved challenging issues of technology and governance , including the imperative to process and register significant numbers of applications in a short time. Overall, the Australian SAI concluded that the ABN registration process is operating effectively. However, matters relating to the eligibility of some ABN applicants need to be reviewed. Further, some data integrity issues remain outstanding.
Full description
The Australian National Audit Office
, issued in 2003
Risk cases: 3
Whether Disclosure of the Public Sector Data Is Ensured
Strategy more important than declarations Why open data are so dificult to become reality? Lithuania possesses the elements required to disclose data but lacks a strategic approach. The report by SAI Lithuania reviews all critical elements of this problem. Most of them look like a pattern reproduced by other countries. And one important thing: the SAI Lithuania opened their own data - exactly on the day of publication of the audit report!
Full description
Strategy more important than declarations Why open data are so dificult to become reality? Lithuania possesses the elements required to disclose data but lacks a strategic approach. The report by SAI Lithuania reviews all critical elements of this problem. Most of them look like a pattern reproduced by other countries. And one important thing: the SAI Lithuania opened their own data - exactly on the day of publication of the audit report!
Full description
National Audit Office of the Republic of Lithuania
, issued in 2016
Risk cases: 9
The protection of research data at the Danish universities
The protection of research data at the Danish universities It is Rigsrevisionen’s assessment that the five largest universities are not adequately protecting their research data against unknown IT equipment. As a result, foreign actors may relatively easy gain unauthorized access to the universities’ research data.This is not considered satisfactory by Rigsrevisionen. The study shows that the five largest universities have defined guidelines for researchers’ use of software and hardware centrally, but that they have failed to centralise efforts to maintain a satisfactory level of security for research data. This is due mainly to the fact that, at some universities, researchers are allowed to bring their own devices,and at all the universities, researchers are allowed to have local administrator privileges, which gives them access to install software. Additionally, all five universities know of incidents where unknown hardware has been connected to their network.
Full description
The protection of research data at the Danish universities It is Rigsrevisionen’s assessment that the five largest universities are not adequately protecting their research data against unknown IT equipment. As a result, foreign actors may relatively easy gain unauthorized access to the universities’ research data.This is not considered satisfactory by Rigsrevisionen. The study shows that the five largest universities have defined guidelines for researchers’ use of software and hardware centrally, but that they have failed to centralise efforts to maintain a satisfactory level of security for research data. This is due mainly to the fact that, at some universities, researchers are allowed to bring their own devices,and at all the universities, researchers are allowed to have local administrator privileges, which gives them access to install software. Additionally, all five universities know of incidents where unknown hardware has been connected to their network.
Full description
National Audit Office of Denmark
, issued in 2018
Risk cases: 3
Actions of national and municipal authorities to ensure the fulfillment of the obligations under the Loan Agreement “Safety Net and Social Sector Reform Program” between the Republic of Latvia and the World Bank
The audit was planned and conducted so as to provide reasonable assurance that the national and municipal authorities have implemented the measures specified in the Program Document and ensured ... the fulfilment of the prescribed performance targets. ... ... Well coordinated information structure is necessary for the unemployment benefits system ... SAI Latvia reviewed the unemployment benefits system and analyzed the cosequences of poor information flow among state and municipalities registers. Findings presented in the report are result ... of effective use of CAAT software.
Full description
The audit was planned and conducted so as to provide reasonable assurance that the national and municipal authorities have implemented the measures specified in the Program Document and ensured ... the fulfilment of the prescribed performance targets. ... ... Well coordinated information structure is necessary for the unemployment benefits system ... SAI Latvia reviewed the unemployment benefits system and analyzed the cosequences of poor information flow among state and municipalities registers. Findings presented in the report are result ... of effective use of CAAT software.
Full description
State Audit Office of Latvia
, issued in 2011
Risk cases: 1
General and Creation Control of the Information Systems of the Ministry of Foreign Affairs
achieved considerable progress in the management of the information systems. The auditors reviewed and assessed all key elements of the process. ... The objective of the audit was to assess general and creation control of the information systems of the Ministry of Foreign Affairs. Since the beginning of 2009, the Ministry of Foreign Affairs has ... Overview of problems - area by area ... SAI Lithuania looked into all critical elements of a Ministry's information system, starting from IT architecture, through information security to automation of data processing.
Full description
achieved considerable progress in the management of the information systems. The auditors reviewed and assessed all key elements of the process. ... The objective of the audit was to assess general and creation control of the information systems of the Ministry of Foreign Affairs. Since the beginning of 2009, the Ministry of Foreign Affairs has ... Overview of problems - area by area ... SAI Lithuania looked into all critical elements of a Ministry's information system, starting from IT architecture, through information security to automation of data processing.
Full description
National Audit Office of the Republic of Lithuania
, issued in 2013
Risk cases: 4
Management and implementation of 1BestariNet
1BestariNet Service Project (1BestariNet) is an initiative undertaken by the Malaysian Ministry of Education (MOE) to replace and enhance ICT connectivity in schools. It is an enhancement ... to the SchoolNet service which terminated on 31 December 2010 with emphasis on end-to-end solutions (E2E) network services together with Virtual Learning Environment (VLE). Under this project, 10,000 primary ... and secondary public schools in Malaysia are equipped with high-speed 4G Internet access and a virtual learning platform, providing high-speed internet connectivity and access to a world-class Integrated Learning ... ... To answer big risks in IT systems development you need all levels of organisation ... Audit of 1BestariNet is presented by the Malaysian National Audit Department together with other IT projects reviewed. A result is this concise and instructive list of lessons learnt and failures ... to be avoided. To maximize performance and minimize vendor lock-in you need a lot of concerted effort by top and line management, as well as users ready to work with new tools.
Full description
1BestariNet Service Project (1BestariNet) is an initiative undertaken by the Malaysian Ministry of Education (MOE) to replace and enhance ICT connectivity in schools. It is an enhancement ... to the SchoolNet service which terminated on 31 December 2010 with emphasis on end-to-end solutions (E2E) network services together with Virtual Learning Environment (VLE). Under this project, 10,000 primary ... and secondary public schools in Malaysia are equipped with high-speed 4G Internet access and a virtual learning platform, providing high-speed internet connectivity and access to a world-class Integrated Learning ... ... To answer big risks in IT systems development you need all levels of organisation ... Audit of 1BestariNet is presented by the Malaysian National Audit Department together with other IT projects reviewed. A result is this concise and instructive list of lessons learnt and failures ... to be avoided. To maximize performance and minimize vendor lock-in you need a lot of concerted effort by top and line management, as well as users ready to work with new tools.
Full description
National Audit Department of Malaysia
, issued in 2013
Risk cases: 4
The Shared Services Centre
The necessary environment for the efficient management of the Shared Service Center is lacking The department's administration of the Shared Services Centre (SSC) has been effective for sharing resources between the departments and delivering selected back-office services to a small client base. However, the governance arrangements established to oversight the SSC have not positioned it well for the future and the departments have not yet determined if the arrangement is efficient and resulting in savings. ANAO found instances where the advisory board of SSC was not consulted or involved in decisions relating to the strategic direction, financial arrangements and expenditure priorities. Information reported to the board did not focus on areas of strategic importance and the quality and completeness of this information could be improved. The mechanisms established for setting out responsibilities and obligations and ensuring transparency for services delivered by the SSC was weak. Service standards and levels were not fixed and can change. The delineation of responsibilities between the SSC and its clients was not clear and there was no commitment by the SSC to certify the quality of its control framework.
Full description
The necessary environment for the efficient management of the Shared Service Center is lacking The department's administration of the Shared Services Centre (SSC) has been effective for sharing resources between the departments and delivering selected back-office services to a small client base. However, the governance arrangements established to oversight the SSC have not positioned it well for the future and the departments have not yet determined if the arrangement is efficient and resulting in savings. ANAO found instances where the advisory board of SSC was not consulted or involved in decisions relating to the strategic direction, financial arrangements and expenditure priorities. Information reported to the board did not focus on areas of strategic importance and the quality and completeness of this information could be improved. The mechanisms established for setting out responsibilities and obligations and ensuring transparency for services delivered by the SSC was weak. Service standards and levels were not fixed and can change. The delineation of responsibilities between the SSC and its clients was not clear and there was no commitment by the SSC to certify the quality of its control framework.
Full description
The Australian National Audit Office
, issued in 2016
Risk cases: 2
HEARING DETECTION AND INTERVENTION: Program Connects Deaf or Hard of Hearing Infants and Children to Services, but Actions Needed to Improve Access
US GAO reviewed Early Hearing Detection and Intervention (EHDI) program and discovered that although there is evidence supporting its effectiveness, some children in need may not have appropriate access to them. The audit findings show among others that measurement of the program performance requires improvement, as well as analysis of its results. About one in every 500 infants is identified as deaf or hard of hearing. Receiving early intervention services can help children meet speech, language, social, and emotional development milestones.
Full description
US GAO reviewed Early Hearing Detection and Intervention (EHDI) program and discovered that although there is evidence supporting its effectiveness, some children in need may not have appropriate access to them. The audit findings show among others that measurement of the program performance requires improvement, as well as analysis of its results. About one in every 500 infants is identified as deaf or hard of hearing. Receiving early intervention services can help children meet speech, language, social, and emotional development milestones.
Full description
US Government Accountability Office
, issued in 2025
Risk cases: $risks.size()