152
results found in
14 ms
Page 15
of 16
Prevention Activities Against Traffic Accidents
Performance Audit Studies covering certain IT Issues related to Prevention Activities Against Traffic Accidents. It aims to contribute to the continuous improvement of prevention activities against ... traffic accidents, which are dramatically leading to loss of life and property. Examination and evaluation of the Traffic Information Systems (TIS) under the traffic control headline. TIS' main purpose ... is to conduct the traffic control activities efficiently with the help of systematic data. Objective of this audit was to contribute to the continuous improvement of prevention activities against traffic ... ... ... You need a way more than IT, to make an IT system successful ... SAI of Turkey examined the Traffic Information Systems and found out that not only IT infrastructure determined the audited IT project's outcomes. There were also non-IT issues that decided: low ... quality of driving education, poor technical infrastruture, as well as lack of monitoring and coordination at prioritization stage.
Full description
Performance Audit Studies covering certain IT Issues related to Prevention Activities Against Traffic Accidents. It aims to contribute to the continuous improvement of prevention activities against ... traffic accidents, which are dramatically leading to loss of life and property. Examination and evaluation of the Traffic Information Systems (TIS) under the traffic control headline. TIS' main purpose ... is to conduct the traffic control activities efficiently with the help of systematic data. Objective of this audit was to contribute to the continuous improvement of prevention activities against traffic ... ... ... You need a way more than IT, to make an IT system successful ... SAI of Turkey examined the Traffic Information Systems and found out that not only IT infrastructure determined the audited IT project's outcomes. There were also non-IT issues that decided: low ... quality of driving education, poor technical infrastruture, as well as lack of monitoring and coordination at prioritization stage.
Full description
Turkish Court of Accounts
, issued in 2008
Risk cases: 4
Federal Human Resources Data
Internal control weaknesses may put mission at risk GAO audited the Enterprise Human Resources Integration payroll data warehose. The American auditors pointed at problems that may impede 'leverage of these data to meet its mission and allow others to make full use' of them. The critical internal contols areas to be improved in this cas are: completeness, accuracy, and validity of information, authorization, documentation, monitoring, results' evaluation.
Full description
Internal control weaknesses may put mission at risk GAO audited the Enterprise Human Resources Integration payroll data warehose. The American auditors pointed at problems that may impede 'leverage of these data to meet its mission and allow others to make full use' of them. The critical internal contols areas to be improved in this cas are: completeness, accuracy, and validity of information, authorization, documentation, monitoring, results' evaluation.
Full description
General Accountability Office
, issued in 2016
Risk cases: 2
The protection of research data at the Danish universities
The protection of research data at the Danish universities It is Rigsrevisionen’s assessment that the five largest universities are not adequately protecting their research data against unknown IT equipment. As a result, foreign actors may relatively easy gain unauthorized access to the universities’ research data.This is not considered satisfactory by Rigsrevisionen. The study shows that the five largest universities have defined guidelines for researchers’ use of software and hardware centrally, but that they have failed to centralise efforts to maintain a satisfactory level of security for research data. This is due mainly to the fact that, at some universities, researchers are allowed to bring their own devices,and at all the universities, researchers are allowed to have local administrator privileges, which gives them access to install software. Additionally, all five universities know of incidents where unknown hardware has been connected to their network.
Full description
The protection of research data at the Danish universities It is Rigsrevisionen’s assessment that the five largest universities are not adequately protecting their research data against unknown IT equipment. As a result, foreign actors may relatively easy gain unauthorized access to the universities’ research data.This is not considered satisfactory by Rigsrevisionen. The study shows that the five largest universities have defined guidelines for researchers’ use of software and hardware centrally, but that they have failed to centralise efforts to maintain a satisfactory level of security for research data. This is due mainly to the fact that, at some universities, researchers are allowed to bring their own devices,and at all the universities, researchers are allowed to have local administrator privileges, which gives them access to install software. Additionally, all five universities know of incidents where unknown hardware has been connected to their network.
Full description
National Audit Office of Denmark
, issued in 2018
Risk cases: 3
Opportunities Exist for FAA to Improve Airport Terminal Area Safety Efforts
Inefficient use of data The US GAO examined various issues related to runway safety and to update its prior work on airport terminal areas. Their findings point at inefficient use of data, which may lead to more risk and to inefficient targeting their limited resources.
Full description
Inefficient use of data The US GAO examined various issues related to runway safety and to update its prior work on airport terminal areas. Their findings point at inefficient use of data, which may lead to more risk and to inefficient targeting their limited resources.
Full description
US Government Accountability Office
, issued in 2019
Risk cases: 3
Information security work at nine agencies
Difficulties in achieving appropriate IT security Together with the Swedish NAO we assume that the picture that emerges at the agencies audited applies also to most of the other agencies in the public administration. The information security work is not given high enough priority in relation to the risks that exist. This applies to both the Government, which should have been clearer in its directions to agencies on this matter, and to agency managements, which did not give priority to the work of information security to the extent required. Much indicates that it is difficult for many agencies to achieve an appropriate level of information security work.
Full description
Difficulties in achieving appropriate IT security Together with the Swedish NAO we assume that the picture that emerges at the agencies audited applies also to most of the other agencies in the public administration. The information security work is not given high enough priority in relation to the risks that exist. This applies to both the Government, which should have been clearer in its directions to agencies on this matter, and to agency managements, which did not give priority to the work of information security to the extent required. Much indicates that it is difficult for many agencies to achieve an appropriate level of information security work.
Full description
Swedish National Audit Office
, issued in 2016
Risk cases: 4
Conflicts of interest
First, recognise the conflicts of interest are a real risk the British NAO gathered a significant amount of intelligence on conflicts, particularly in the health and education sectors. These are areas of government where services are increasingly commissioned and delivered by parties at arm’s-length to departments. Conflicts of interest can occur naturally as a product of the way a system is designed and most often arise from operational situations.
Full description
First, recognise the conflicts of interest are a real risk the British NAO gathered a significant amount of intelligence on conflicts, particularly in the health and education sectors. These are areas of government where services are increasingly commissioned and delivered by parties at arm’s-length to departments. Conflicts of interest can occur naturally as a product of the way a system is designed and most often arise from operational situations.
Full description
National Audit Office
, issued in 2015
Risk cases: 8
Coordinated Audit on Information Technology Governance
IT governance needs awareness and SAIs' support The OLACEFS auditors found that the greatest challenge for the SAIs is to raise the awareness of the audit institutions about the importance of IT governance and the benefits that could be obtained by improving its degree of maturity. The audit was conducted by 11 SAIs and coordinated by TCU of Brasil. They concluded: 'It is important, even urgent, to invest resources to implement or enhance: the IT committees; the IT planning process; strategic IT planning; monitoring the IT contracting process; the business continuity plan; the designation of a responsible person or unit to manage security information; a risk management process; an asset inventory process; an information security committee; and a policy for access control.'
Full description
IT governance needs awareness and SAIs' support The OLACEFS auditors found that the greatest challenge for the SAIs is to raise the awareness of the audit institutions about the importance of IT governance and the benefits that could be obtained by improving its degree of maturity. The audit was conducted by 11 SAIs and coordinated by TCU of Brasil. They concluded: 'It is important, even urgent, to invest resources to implement or enhance: the IT committees; the IT planning process; strategic IT planning; monitoring the IT contracting process; the business continuity plan; the designation of a responsible person or unit to manage security information; a risk management process; an asset inventory process; an information security committee; and a policy for access control.'
Full description
Risk cases: 5
VA ACQUISITION MANAGEMENT: Supply Chain Management and COVID-19 Response
Pandemic points up weaknesses of procurement solutions US Department of Veterans Affairs acquires hundreds of millions of dollars-worth of medical supplies each year. The Medical-Surgical Prime Vendor-Next Generation (MSPV-NG) is one of its key initiatives to modrnize its processes. GAO auditor pointed in their previous audits that the approach lacked an effective medical supply procurement strategy, clinician involvement, and reliable data systems. In time of the pandemic, the problem seems even more difficult to deal with.
Full description
Pandemic points up weaknesses of procurement solutions US Department of Veterans Affairs acquires hundreds of millions of dollars-worth of medical supplies each year. The Medical-Surgical Prime Vendor-Next Generation (MSPV-NG) is one of its key initiatives to modrnize its processes. GAO auditor pointed in their previous audits that the approach lacked an effective medical supply procurement strategy, clinician involvement, and reliable data systems. In time of the pandemic, the problem seems even more difficult to deal with.
Full description
US Government Accountability Office
, issued in 2019
Risk cases: 4
Online fraud
Uneven response to online fraud This type of fraud can affect everyone, but yet it is not a strategic priority for local police forces and the response from industry is uneven. UK NAO underlines: For too long, as a low-value but high-volume crime, online fraud has been overlooked by government, law enforcement and industry. It is a crime that can affect everyone. Fraud is now the most commonly experienced crime in England and Wales, is growing rapidly and demands an urgent response. Yet fraud is not a strategic priority for local police forces, and the response from industry is uneven.
Full description
Uneven response to online fraud This type of fraud can affect everyone, but yet it is not a strategic priority for local police forces and the response from industry is uneven. UK NAO underlines: For too long, as a low-value but high-volume crime, online fraud has been overlooked by government, law enforcement and industry. It is a crime that can affect everyone. Fraud is now the most commonly experienced crime in England and Wales, is growing rapidly and demands an urgent response. Yet fraud is not a strategic priority for local police forces, and the response from industry is uneven.
Full description
National Audit Office
, issued in 2017
Risk cases: 6
WannaCry Cyber Attack and the NHS
Why the British NHS became a victim of WannaCry The NAO's investigation points at the problem of insufficient powers of the cybersecurity coordinator across the health organisation. As a result no remedial actions were taken, and the cyber attack succeeded thanks to neglected precautions.
Full description
Why the British NHS became a victim of WannaCry The NAO's investigation points at the problem of insufficient powers of the cybersecurity coordinator across the health organisation. As a result no remedial actions were taken, and the cyber attack succeeded thanks to neglected precautions.
Full description
National Audit Office
, issued in 2017
Risk cases: 3