164
results found in
12 ms
Page 11
of 17
Data security and positions with access to confidential information
This government wide audit on information security and positions with access to confidential information has been performed at all ministries ans for each ministry also at one of the agencies ... . The 2007 Civil Service Data Information Security Decree (in Dutch: VIR 2007) is the legal foundation of the first part of this audit (data security). The Security Screening Act (in Dutch: WVO ... ) is the foundation of the second part (positions with access to confidential information). Only four of the organizations we have audited show an acceptible level of compliance with the 2007 Civil Service Data ... ... Shortcomings in information security and in positions with access to confidential information ... protection policy and poor protection of information systems. Also, non vetted positions with access to confidential information. ... Surprising weaknesses were revealed by the NCA in its Government-wide operational audit performed as part of the 2011 audit into the state of central government accounts: Poor quality of data
Full description
This government wide audit on information security and positions with access to confidential information has been performed at all ministries ans for each ministry also at one of the agencies ... . The 2007 Civil Service Data Information Security Decree (in Dutch: VIR 2007) is the legal foundation of the first part of this audit (data security). The Security Screening Act (in Dutch: WVO ... ) is the foundation of the second part (positions with access to confidential information). Only four of the organizations we have audited show an acceptible level of compliance with the 2007 Civil Service Data ... ... Shortcomings in information security and in positions with access to confidential information ... protection policy and poor protection of information systems. Also, non vetted positions with access to confidential information. ... Surprising weaknesses were revealed by the NCA in its Government-wide operational audit performed as part of the 2011 audit into the state of central government accounts: Poor quality of data
Full description
Netherlands Court of Audits
, issued in 2012
Risk cases: 3
Maintenance efficiency in the rail network
, fixed assets and operational stability of the railway system. The most important objective for the maintenance is to reduce the scope of operational interruptions, and to facilitate better punctuality ... The primary objective of railway politics is to contribute to ensure that users of the transport service have good railway options. The Norwegian National Rail Administration is organised under ... the Ministry of Transport and Communications, and its responsibilities include operation, maintenance and development of the State's railway infrastructure. The maintenance activities must safeguard safety ... ... Rail network maintenance - negative balance of costs and results ... SAI Norway evaluated efficiency of the railway maintenance and found that its costs increased nearly 110 per cent in years 2006–2014. Negative development in uptime and regularity dominated the first ... part of the examined period, from 2006 to 2011. It turned positive from 2011, but in 2014 results were still worse than in 2006. The results have lagged behind the Ministry's target figures for most ... of the period.
Full description
, fixed assets and operational stability of the railway system. The most important objective for the maintenance is to reduce the scope of operational interruptions, and to facilitate better punctuality ... The primary objective of railway politics is to contribute to ensure that users of the transport service have good railway options. The Norwegian National Rail Administration is organised under ... the Ministry of Transport and Communications, and its responsibilities include operation, maintenance and development of the State's railway infrastructure. The maintenance activities must safeguard safety ... ... Rail network maintenance - negative balance of costs and results ... SAI Norway evaluated efficiency of the railway maintenance and found that its costs increased nearly 110 per cent in years 2006–2014. Negative development in uptime and regularity dominated the first ... part of the examined period, from 2006 to 2011. It turned positive from 2011, but in 2014 results were still worse than in 2006. The results have lagged behind the Ministry's target figures for most ... of the period.
Full description
Office of the Auditor General of Norway
, issued in 2016
Risk cases: 2
Management of Information Resources of the Ministry of the Interior
information systems. Whereas the Ministry has failed to implement some of the public audit recommendations of 2007 and 2010,6 we analysed, whether there have been any positive changes in the field of IT ... Many activities of the Ministry of the Interior require the use of information resources that are of great significance to the entire State, such as the state and departmental registers, and public ... management. Their impact is important not only because the Ministry manages 16 information resources, which ensure data availability to the population, efficient activity of the services, and operation ... ... Process maturity examination can help in IT audit ... Main risk areas in case of this audit were strategic and organisational - Ministry’s weak ownership of IT resources, insufficient audit and internal control function. SAI Lithuania auditors found ... also flaws in change management and security processes. But the finding, which gave them the key to the root cause of problems, was connected with maturity assessment of the auditee's IT processes.
Full description
information systems. Whereas the Ministry has failed to implement some of the public audit recommendations of 2007 and 2010,6 we analysed, whether there have been any positive changes in the field of IT ... Many activities of the Ministry of the Interior require the use of information resources that are of great significance to the entire State, such as the state and departmental registers, and public ... management. Their impact is important not only because the Ministry manages 16 information resources, which ensure data availability to the population, efficient activity of the services, and operation ... ... Process maturity examination can help in IT audit ... Main risk areas in case of this audit were strategic and organisational - Ministry’s weak ownership of IT resources, insufficient audit and internal control function. SAI Lithuania auditors found ... also flaws in change management and security processes. But the finding, which gave them the key to the root cause of problems, was connected with maturity assessment of the auditee's IT processes.
Full description
National Audit Office of the Republic of Lithuania
, issued in 2016
Risk cases: 4
Improved Planning and Performance Measures Are Needed to Help Ensure Successful Technology Modernization
Massive modernization effort needs coordination Social security issues can touch lives of many. Information technology in this area are increasingly costly and difficult to maintain. GAO is recommending to develop comprehensive metrics to effectively gauge modernization progress; complete comprehensive strategic planning, including its enterprise architecture; and define the new roles and responsibilities to help ensure effective oversight.
Full description
Massive modernization effort needs coordination Social security issues can touch lives of many. Information technology in this area are increasingly costly and difficult to maintain. GAO is recommending to develop comprehensive metrics to effectively gauge modernization progress; complete comprehensive strategic planning, including its enterprise architecture; and define the new roles and responsibilities to help ensure effective oversight.
Full description
General Accountability Office
, issued in 2012
Risk cases: 3
Staff scheduling in government institutions
Scheduling irregular hours work Danish Rigsrevisionen shows in their study problems with staff scheduling in government institutions where employees are required to work irregular hours. Optimized staff scheduling contributed to reducing payroll costs. On the other hand, problems with rearrangement of work, recording working hours, optimisation of staffing levels and analysis of overtime triggers - add up to high costs of workforce. IT is not always used as ally either.
Full description
Scheduling irregular hours work Danish Rigsrevisionen shows in their study problems with staff scheduling in government institutions where employees are required to work irregular hours. Optimized staff scheduling contributed to reducing payroll costs. On the other hand, problems with rearrangement of work, recording working hours, optimisation of staffing levels and analysis of overtime triggers - add up to high costs of workforce. IT is not always used as ally either.
Full description
National Audit Office of Denmark
, issued in 2015
Risk cases: 5
Homeland Security. Oversight of Neglected Human Resources Information Technology Investment Is Needed
Human resources IT investments get stuck in management's lack of interest Although the Human Resources Information Technology (HRIT) investment was initiated about 12 years ago with the intent to consolidate, integrate, and modernize the department's human resources IT infrastructure, the Department of Homeland Security (DHS) has made very limited progress in achieving these goals. HRIT's minimally involved executive steering committee during a time when significant problems were occurring was a key factor in the lack of progress. This is particularly problematic given that the department's ability to efficiently and effectively carry out its mission is significantly hampered by its fragmented human resources. DHS's ineffective management of HRIT, such as the lack of an updated schedule and a life-cycle cost estimate, also contributed to the neglect this investment has experienced. DHS will be limited in efficiently tracking and reporting accurate, comprehensive performance and learning management data across the organization, and could risk further implementation delays.
Full description
Human resources IT investments get stuck in management's lack of interest Although the Human Resources Information Technology (HRIT) investment was initiated about 12 years ago with the intent to consolidate, integrate, and modernize the department's human resources IT infrastructure, the Department of Homeland Security (DHS) has made very limited progress in achieving these goals. HRIT's minimally involved executive steering committee during a time when significant problems were occurring was a key factor in the lack of progress. This is particularly problematic given that the department's ability to efficiently and effectively carry out its mission is significantly hampered by its fragmented human resources. DHS's ineffective management of HRIT, such as the lack of an updated schedule and a life-cycle cost estimate, also contributed to the neglect this investment has experienced. DHS will be limited in efficiently tracking and reporting accurate, comprehensive performance and learning management data across the organization, and could risk further implementation delays.
Full description
US Government Accountability Office
, issued in 2016
Risk cases: 1
Electronic Records. Management and Preservation Pose Challenges
Basics of electronic records management This audit of GAO, reported in 2003, can be helpful in looking for basic problems in electronic records management. These problems are compounded as computer hardware, application software, and even storage media become obsolete, as they may leave behind electronic records that can no longer be read.
Full description
Basics of electronic records management This audit of GAO, reported in 2003, can be helpful in looking for basic problems in electronic records management. These problems are compounded as computer hardware, application software, and even storage media become obsolete, as they may leave behind electronic records that can no longer be read.
Full description
General Accountability Office
, issued in 2003
Risk cases: 7
Has Public Administration Used All Opportunities for Efficient Management of ICT Infrastructure?
Efficient Management of ICT Infrastructure Centralised management of ICT services and infrastructure would allow the institutions to optimise in long run their resources – financial, human, material and technical. However, we observed during the audit that the move towards ICT centralisation and single data centres has ceased. The different ministries and even the institutions subordinated to the same ministry do not cooperate sufficiently with each other regarding the ICT management, maintenance, and infrastructure placement. They rather choose to maintain their own, sometimes even several, data centres.
Full description
Efficient Management of ICT Infrastructure Centralised management of ICT services and infrastructure would allow the institutions to optimise in long run their resources – financial, human, material and technical. However, we observed during the audit that the move towards ICT centralisation and single data centres has ceased. The different ministries and even the institutions subordinated to the same ministry do not cooperate sufficiently with each other regarding the ICT management, maintenance, and infrastructure placement. They rather choose to maintain their own, sometimes even several, data centres.
Full description
State Audit Office of the Republic of Latvia
, issued in 2019
Risk cases: 3
Coordinated Audit on Information Technology Governance
IT governance needs awareness and SAIs' support The OLACEFS auditors found that the greatest challenge for the SAIs is to raise the awareness of the audit institutions about the importance of IT governance and the benefits that could be obtained by improving its degree of maturity. The audit was conducted by 11 SAIs and coordinated by TCU of Brasil. They concluded: 'It is important, even urgent, to invest resources to implement or enhance: the IT committees; the IT planning process; strategic IT planning; monitoring the IT contracting process; the business continuity plan; the designation of a responsible person or unit to manage security information; a risk management process; an asset inventory process; an information security committee; and a policy for access control.'
Full description
IT governance needs awareness and SAIs' support The OLACEFS auditors found that the greatest challenge for the SAIs is to raise the awareness of the audit institutions about the importance of IT governance and the benefits that could be obtained by improving its degree of maturity. The audit was conducted by 11 SAIs and coordinated by TCU of Brasil. They concluded: 'It is important, even urgent, to invest resources to implement or enhance: the IT committees; the IT planning process; strategic IT planning; monitoring the IT contracting process; the business continuity plan; the designation of a responsible person or unit to manage security information; a risk management process; an asset inventory process; an information security committee; and a policy for access control.'
Full description
Risk cases: 5
Steps Needed to Identify Acquisition Training Needs for Non-Acquisition Personnel
Non-Acquisition staff can be crucial for acquisition Despite from hundreds of billions of dollars spent annually to acquire products and services, the US Department of Defense does not full information about staff to be trained. The information is needed about the non-acquisition staff, who can play crucial role in particular acquisitions. As GAO underlines, their identification is necessary to fully understand the training needs and... budget.
Full description
Non-Acquisition staff can be crucial for acquisition Despite from hundreds of billions of dollars spent annually to acquire products and services, the US Department of Defense does not full information about staff to be trained. The information is needed about the non-acquisition staff, who can play crucial role in particular acquisitions. As GAO underlines, their identification is necessary to fully understand the training needs and... budget.
Full description
US Government Accountability Office
, issued in 2019
Risk cases: 4