Reports Search Reports Spatial Search Risk-cases Search Risk-cases Graph Traversal
5 results found in 14 ms Page 1 of 1
Data security and positions with access to confidential information
This government wide audit on information security and positions with access to confidential information has been performed at all ministries ans for each ministry also at one of the agencies ... . The 2007 Civil Service Data Information Security Decree (in Dutch: VIR 2007) is the legal foundation of the first part of this audit (data security). The Security Screening Act (in Dutch: WVO ... Information Security Decree, eight organizations show scope for improvement and nine organizations show an unsatisfactory level of compliance with the 2007 Civil Service Data Information Security Decree. When ... ... Shortcomings in information security and in positions with access to confidential information ... Surprising weaknesses were revealed by the NCA in its Government-wide operational audit performed as part of the 2011 audit into the state of central government accounts: Poor quality of data ... protection policy and poor protection of information systems. Also, non vetted positions with access to confidential information.
Full description
Netherlands Court of Audits , issued in 2012
Risk cases: 3
Management of IT security in systems outsourced to external suppliers
Security to be improved in IT processes outsourced to external suppliers When IT processes are outsourced to external suppliers, the authorities no longer have direct control of the IT security, but remain responsible for managing the security of the IT. Authorities that fail to manage IT security actively based on risk assessments, and omit to monitor the implementation of these requirements, will not be able to determine if the level of IT security in the outsourced systems safeguards their systems and data. This is how the conclusion of the Rigsrevisionen starts. The Danish auditors noticed improvement in the audited entities, but they add that tha majority of the auditees: can refine their requirements for and follow-up on access control and logging practices
Full description
National Audit Office of Denmark , issued in 2016
Risk cases: 3
Report to the Public AccountsCommittee on mitigation of cyber attacks
security controls that can increase security and mitigate cyber attacks. International studies have concluded that three central security controls can prevent the majority of the currently known types ... have addressed the risk of cyber attacks and whether they have implemented these three security controls. ... This report concerns the action taken by Danish government bodies to prevent cyber attacks. Behaving sensibly in cyberspace to avoid attacks is important, but should be supplemented by technical ... Three basic security measures are often neglected ... Government agencies are open for cyber attacks because they often forget to respect three basic IT security measures. The three measures are: 1. technical restriction on programs downloading; 2 ... . limited use of local administrators rights; 3. systematic software updates.
Full description
National Audit Office of Denmark , issued in 2013
Risk cases: 3
Use of consultants and temporary staff
New skills needed in a longer term UK NAO: Used well, consultants and temporary staff can be an important source of specialist skills and capabilities that are uneconomic for departments to maintain in their permanent staff. Since 2009-10, the government has used spending controls to reduce its use of consultants and temporary staff, and by 2014-15 spending had fallen by £1.5 billion. However, spending has increased by between £400 million and £600 million since 2011-12, suggesting that this was more of a short-term reduction than a sustainable strategy. In the longer term, departments will need to develop workforce, skills and capacity plans to reduce their dependence on external skills. They will need to improve their strategic workforce planning to determine where they can deploy existing staff, where they need to recruit, and where they need to engage temporary resources. Without this, departments cannot demonstrate that they are achieving value for money from the use of consultants and temporary staff.
Full description
National Audit Office , issued in 2016
Risk cases: 7
Digital transformation in government
Support exemplars, provide consistent guidance... and do not lose focus As the NAO states: Government faces significant challenges in providing public services. While many government services are now available online, public administration is struggling to manage more complicated programmes and to improve the complex systems and processes that support public services.
Full description
National Audit Office , issued in 2017
Risk cases: 4
5 results found. Page 1 of 1