130 likes | 290 Vues
Data security and positions with access to confidential information. Agenda. About the audit Audit findings Control space of E-Government: Report Cases. About the audit. Part of the 2011 audit into the state of central government accounts
E N D
Data security and positions with access to confidentialinformation
Agenda • About the audit • Audit findings • Control space of E-Government: • Report • Cases Data security and positions with access to confidential information| February 18th 2013
About the audit • Part of the 2011 audit into the state of central government accounts • We performed audits at all the ministries and one departmental agency intoInformation Security ( IS): • Quality of data protection policy; • Protection of data systems. • We examined Positions with access to Confidential Information at all the ministries. ( PCI) • Audit start: October 2011 • Audit publication: May 2012 Data security and positions with access to confidential information| February 18th 2013
Audit findings IS - Qualityof data protection policy • Most ministries and departmental agencies score badly in the following two respects: • It is not clear who is responsible for which data systems and data chains. • No regular reviews of data protection policy have been planned or performed. Data security and positions with access to confidential information| February 18th 2013
Audit findingsIS - Protection of data systems • Poor scores in the two following areas in particular: • No clear picture of the security risks associated with data systems; • The overall package of reliability requirements and security measures is not reviewed at regular intervals. Data security and positions with access to confidential information| February 18th 2013
Control space of E-Government – The form Data security and positions with access to confidential information| February 18th 2013
Control space of E-Government – Case IS: Quality of data protection policy Data security and positions with access to confidential information| February 18th 2013
Control space of E-Government– Case PCI: Positionswith access toconfidential information Data security and positions with access to confidential information| February 18th 2013
Control space of E-Government – Headline Data security and positions with access to confidential information| February 18th 2013
Let’sseehowthis looks like…. Data security and positions with access to confidential information| February 18th 2013
www.rekenkamer.nl@rekenkamerwww.linkedin.com/company/algemene-rekenkamerwww.rekenkamer.nl@rekenkamerwww.linkedin.com/company/algemene-rekenkamer