1 Algemene Rekenkamer | Postbus 20015 | 2500 EA Den Haag Data security and positions with access to confidential information.

Presentation transcript:

1 Algemene Rekenkamer | Postbus | 2500 EA Den Haag Data security and positions with access to confidential information

2 Agenda
- About the audit
- Audit findings
- Control space of E-Government: Report, Cases
Data security and positions with access to confidential information | February 18th 2013

3 About the audit
- Part of the 2011 audit into the state of central government accounts.
- We performed audits at all the ministries and one departmental agency into Information Security (IS):
  - Quality of data protection policy;
  - Protection of data systems.
- We examined Positions with access to Confidential Information (PCI) at all the ministries.
- Audit start: October 2011
- Audit publication: May 2012

4 Audit findings IS - Quality of data protection policy
Most ministries and departmental agencies score badly in the following two respects:
- It is not clear who is responsible for which data systems and data chains.
- No regular reviews of data protection policy have been planned or performed.

5 Audit findings IS - Protection of data systems
Poor scores in the two following areas in particular:
- No clear picture of the security risks associated with data systems;
- The overall package of reliability requirements and security measures is not reviewed at regular intervals.

6

7 Audit findings PCI - results

8 Control space of E-Government – The form

9 Control space of E-Government – Case IS: Quality of data protection policy

10 Control space of E-Government – Case PCI: Positions with access to confidential information

11 Control space of E-Government – Headline

12 Let’s see what this looks like…

13 Algemene Rekenkamer | Postbus | 2500 EA Den Haag algemene-rekenkamer