38
results found in
13 ms
Page 2
of 4
Report on the government’s processing of confidential data on persons and companies
Rigsrevisionen has examined how eight government institutions process confidential data on persons and companies in 11 selected IT systems. The report is based on IT audits carried out in connection ... with the annual audit in the spring 2014. The purpose of the audit was to assess whether confidential data on persons and companies are adequately protected by the government institutions. ... ... Inadequate protection of confidential data ... If a government institution does not protect confidential data to the extent necessary, the risk that third parties get unauthorized access to the data is very high. In opinion of the Danish SAI ... , inadequate protection of confidential data may also erode the citizens’ and companies’ confidence in government data security. That may eventually become a barrier for the continued efforts to implement ... e-government and make government administration more efficient.
Full description
Rigsrevisionen has examined how eight government institutions process confidential data on persons and companies in 11 selected IT systems. The report is based on IT audits carried out in connection ... with the annual audit in the spring 2014. The purpose of the audit was to assess whether confidential data on persons and companies are adequately protected by the government institutions. ... ... Inadequate protection of confidential data ... If a government institution does not protect confidential data to the extent necessary, the risk that third parties get unauthorized access to the data is very high. In opinion of the Danish SAI ... , inadequate protection of confidential data may also erode the citizens’ and companies’ confidence in government data security. That may eventually become a barrier for the continued efforts to implement ... e-government and make government administration more efficient.
Full description
National Audit Office of Denmark
, issued in 2014
Risk cases: 2
The Board of Audit and Inspection (BAI) conducted an audit on the information systems in the area of service delivery to improve the system’s efficiency and convenience.
Korea was recognized as an Information Technology (IT) powerhouse by the international community of the UN in 2010. Such an achievement is attributable to the significant investments that the Korean ... government has commissioned toward improving the country’s information infrastructure within a short period of time.<br/> The government is investing 1 trillion won every year in an e-government project ... for citizens in the welfare and employment sectors by utilizing the renewed information infrastructure.<br/> However, the information system of some government ministries proved to have overlapping functions ... Enormous IT investments require tremendous coordination ... Korean government is investing 1 trillion won in e-government projectsevery year. Thus, the country has earned a reputation for the IT powerhouse. Apart from undeniable advantages, the huge scale ... and the speed, the information technologies are implemented with, cause some problems to be tackled. The SAI Korea turns special atention to two of them: overlapping functionalities and interconnectivity issues.
Full description
Korea was recognized as an Information Technology (IT) powerhouse by the international community of the UN in 2010. Such an achievement is attributable to the significant investments that the Korean ... government has commissioned toward improving the country’s information infrastructure within a short period of time.<br/> The government is investing 1 trillion won every year in an e-government project ... for citizens in the welfare and employment sectors by utilizing the renewed information infrastructure.<br/> However, the information system of some government ministries proved to have overlapping functions ... Enormous IT investments require tremendous coordination ... Korean government is investing 1 trillion won in e-government projectsevery year. Thus, the country has earned a reputation for the IT powerhouse. Apart from undeniable advantages, the huge scale ... and the speed, the information technologies are implemented with, cause some problems to be tackled. The SAI Korea turns special atention to two of them: overlapping functionalities and interconnectivity issues.
Full description
Board of Audit and Inspection of Korea
, issued in 2011
Risk cases: 3
Population registration - uphill quality work
Quality of population register The Swedish NAO notes that quality requirements for population registration are highand that quality work should concentrate on the errors that have the most seriousconsequences for society. They point then at the need to increase knowledge of the errors, improve IT tools and governance to receive more quality work.
Full description
Quality of population register The Swedish NAO notes that quality requirements for population registration are highand that quality work should concentrate on the errors that have the most seriousconsequences for society. They point then at the need to increase knowledge of the errors, improve IT tools and governance to receive more quality work.
Full description
Swedish National Audit Office
, issued in 2017
Risk cases: 4
Federal Agencies Need to Address Aging Legacy Systems
Be aware of legacy IT risks The US government spends about 75 percent of the total amount budgeted for information technology on operations and maintenance. GAO reviewed Office of Management and Budget and 26 agencies, covering years 2010 through 2017 and recommends to develop a goal for spending measure and finalize guidance to identify and prioritize legacy IT needing to be modernized or replaced.
Full description
Be aware of legacy IT risks The US government spends about 75 percent of the total amount budgeted for information technology on operations and maintenance. GAO reviewed Office of Management and Budget and 26 agencies, covering years 2010 through 2017 and recommends to develop a goal for spending measure and finalize guidance to identify and prioritize legacy IT needing to be modernized or replaced.
Full description
General Accountability Office
, issued in 2016
Risk cases: 3
Housing in England: overview
Efforts to support housing Even if housebuilding in England has not kept pace with need and there has been a reduction in social rented homes, significant advantages can be enjoyed: an increase in home ownership and in the number of private rented homes. The quality of housing improved in recent years too. The National Audit Office has reviewed critical elements of the housing being one of the government's key priorities. Looking for risks, they found that a potential conflict of objectives can lead to tensions in delivery.
Full description
Efforts to support housing Even if housebuilding in England has not kept pace with need and there has been a reduction in social rented homes, significant advantages can be enjoyed: an increase in home ownership and in the number of private rented homes. The quality of housing improved in recent years too. The National Audit Office has reviewed critical elements of the housing being one of the government's key priorities. Looking for risks, they found that a potential conflict of objectives can lead to tensions in delivery.
Full description
National Audit Office
, issued in 2017
Risk cases: 2
Management of IT security in systems outsourced to external suppliers
Security to be improved in IT processes outsourced to external suppliers When IT processes are outsourced to external suppliers, the authorities no longer have direct control of the IT security, but remain responsible for managing the security of the IT. Authorities that fail to manage IT security actively based on risk assessments, and omit to monitor the implementation of these requirements, will not be able to determine if the level of IT security in the outsourced systems safeguards their systems and data. This is how the conclusion of the Rigsrevisionen starts. The Danish auditors noticed improvement in the audited entities, but they add that tha majority of the auditees: can refine their requirements for and follow-up on access control and logging practices
Full description
Security to be improved in IT processes outsourced to external suppliers When IT processes are outsourced to external suppliers, the authorities no longer have direct control of the IT security, but remain responsible for managing the security of the IT. Authorities that fail to manage IT security actively based on risk assessments, and omit to monitor the implementation of these requirements, will not be able to determine if the level of IT security in the outsourced systems safeguards their systems and data. This is how the conclusion of the Rigsrevisionen starts. The Danish auditors noticed improvement in the audited entities, but they add that tha majority of the auditees: can refine their requirements for and follow-up on access control and logging practices
Full description
National Audit Office of Denmark
, issued in 2016
Risk cases: 3
Cyber Attacks: Securing Agencies’ICT Systems
Cyber crime is an international problem, and it is estimated that in 2012, 5.4 million Australians fell victim to such crimes, with an estimated cost to the economy of $1.65 billion ... . In the government sector, the Australian Signals Directorate (ASD)3 has estimated that between January and December 2012, there were over 1790 security incidents against Australian Government agencies. Of these, 685 ... were considered serious enough to warrant a Cyber Security Operations Centre response. <br/> The protection of Australian Government systems and information from unauthorised access and use is a key ... ... Cyber-security strategy needs consistent implementation and periodic reviews ... List of 35 mitigation controls against cyber intrusions are a basic tool of information security strategy of the Australian Government. Top four are: 1. application whitelisting, 2. patching ... application, 3. patching operating systems, 4. minimising administrative privileges. Analysis by the ANAO helps to fill gaps and to direct next steps.
Full description
Cyber crime is an international problem, and it is estimated that in 2012, 5.4 million Australians fell victim to such crimes, with an estimated cost to the economy of $1.65 billion ... . In the government sector, the Australian Signals Directorate (ASD)3 has estimated that between January and December 2012, there were over 1790 security incidents against Australian Government agencies. Of these, 685 ... were considered serious enough to warrant a Cyber Security Operations Centre response. <br/> The protection of Australian Government systems and information from unauthorised access and use is a key ... ... Cyber-security strategy needs consistent implementation and periodic reviews ... List of 35 mitigation controls against cyber intrusions are a basic tool of information security strategy of the Australian Government. Top four are: 1. application whitelisting, 2. patching ... application, 3. patching operating systems, 4. minimising administrative privileges. Analysis by the ANAO helps to fill gaps and to direct next steps.
Full description
The Australian National Audit Office
, issued in 2014
Risk cases: 3
Recovery of housing allowance - easy to make mistakes
Avoid mistakes in housing allowance recovery Housing allowance recovery rules are complex and outdated. What more, ad hoc changes can result in unpredicted deficiencies. The Swedish NAO found that monitoring and evaluation based analysis is of critical importance to avoid problems on the administration side - and what much more important: on the side of financialy vulnerable households.
Full description
Avoid mistakes in housing allowance recovery Housing allowance recovery rules are complex and outdated. What more, ad hoc changes can result in unpredicted deficiencies. The Swedish NAO found that monitoring and evaluation based analysis is of critical importance to avoid problems on the administration side - and what much more important: on the side of financialy vulnerable households.
Full description
Swedish National Audit Office
, issued in 2018
Risk cases: 4
Working of Inland Container Depots and Container Freight Stations
NEW! Online report on audit of SAI India With this first digital audit report of the Comptroller and Auditor General of India, new chapter has been opened in our profession: the online form is primary versus printable pdf. Advantages: high level of readability, live responsive charts, easy browsing and search of what users find interesting. The reported performance audit concerned 'dry ports', or multimodal logistics centres, which play growing role in domestic and international trade. It shows how gaps in concept and lax attitude to internal control can result on capacities, speed of trade, and enviromental safety.
Full description
NEW! Online report on audit of SAI India With this first digital audit report of the Comptroller and Auditor General of India, new chapter has been opened in our profession: the online form is primary versus printable pdf. Advantages: high level of readability, live responsive charts, easy browsing and search of what users find interesting. The reported performance audit concerned 'dry ports', or multimodal logistics centres, which play growing role in domestic and international trade. It shows how gaps in concept and lax attitude to internal control can result on capacities, speed of trade, and enviromental safety.
Full description
Comptroller and Auditor General of India
, issued in 2017
Risk cases: 5
Central government staff costs
Results of staff reductions The British NAO found that departments had significantly reduced numbers of their civil servants and of course salary costs at the same time. But they reduced staff numbers mainly by minimising recruitment, and the age profile of the civil service has changed. NAO pays a lot attention to what effect this has had on the future pipeline of talent and skills. It reminds also that the departments need long-term operating models to work efficiently with the staff reduced.
Full description
Results of staff reductions The British NAO found that departments had significantly reduced numbers of their civil servants and of course salary costs at the same time. But they reduced staff numbers mainly by minimising recruitment, and the age profile of the civil service has changed. NAO pays a lot attention to what effect this has had on the future pipeline of talent and skills. It reminds also that the departments need long-term operating models to work efficiently with the staff reduced.
Full description
National Audit Office
, issued in 2015
Risk cases: 5