e-Government - ein PrÃ¼fungsleitfaden - EUROSAI IT Working Group

Weitere Magazine

Empfehlungen

Info

76 GLOSSAR AUS DEM ENGLISCHEN ORIGINAL “E-GOVERNMENT IN AN AUDIT PERSPECTIVE” DER EUROSAI IT WORKING GROUP Accountability Accuracy Authenticity Availability Back office system (or back end) Certification authority Controls in user systems Completeness Confidentiality Digital certificate – In information security, a principle whereby system users are uniquely identifiable and are held responsible for their actions. Being able to identify users uniquely enables security violations to be traced to individuals. This objective is defeated with the sharing of passwords. – Property assured by a system’s control sited immediately before the user application to validate received transaction data concerning, for example, product numbers, quantity, quality, prices, etc. – In information security, the property that determines that the originator of a message, a file, etc., actually is who he/she/it claims to be. – The ability to access and use a system, resource or file, when and where required. – Computer infrastructure within an organisation, which supports core business process applications but has no external interface with costumers (unlike a Web site or portal) – In cryptography, an authority trusted by all users to create and assign digital certificates This role is usually performed by public institutions, such as Post Office or clearing banks (e. g. Barclays). – Internal pre-programmed controls supplemented to the necessary extent with manual controls. – Property assured by a system’s control sited immediately before the user application, to ensure that there is no break during translation from external to internal data format or that system failure does not cause loss of data or that faults with the sender of the transaction does not lead to the transaction not being received in its entirety. – In information security, the property that information is not made available or disclosed to unauthorised individuals, entities or processes. – In cryptography, a message that guarantees the authenticity of the data contained within it. In public key cryptography to guarantee authentication a certificate should be issued by a Certification Authority trusted by all users. A certificate generally contains the public key owner’s identity, the public key itself and its expiry date.
77 Digital documents Digital signature Domain E-decision making E-government E-governance E-procurement Front office system (or front-end) – A public body’s data that exists in electronic or digital format including not only documents that have been digitised from paper media (e.g. letters) but also those that only exist and are used in digital form throughout their entire ‘life-span’. – File decryption and encryption to authenticate certain type of communication in transaction services binding via the Web, that usually must be in writing to be legally valid, used by administration to communicate safely and legally with citizens, business or other public authorities(G-2-C; G-2- B; G-2-G). – Part of the naming hierarchy of the internet. A domain name precisely locates an organisation or other entity on the internet, for instance: http://www.eurosai.org/ . An address of the form http://www.eurosaiit.org/. is a sub-domain. – Interaction between the public sector entities and how society organizes itself for collective decision through the use of electronic transparent mechanisms. – The use of information and communication technologies by the government with the aim to: (a) provide more and/or better information and other services, externally to citizens and businesses, and internally to other government organisations; (b) improve government operations in terms of more effectiveness, and/or efficiency; (c) enhance political participation. – Signifies the development, deployment and enforcement of the policies, laws and regulations necessary to support the functioning of a digital society and economy. Governance issues blossom through all levels of e- government. – The replacement of traditional trading documentation, for example purchase orders and invoices, by electronically transferred data. – Computer infrastructure in an organisation designed specifically as an interface for communicating with external costumers, such as Web sites or portals. General IT controls Integrity Internal controls – In information security, controls implemented in the IT environment in order that the outer perimeters for system, data and operational reliability become acceptable, according to the needs of the public body. These controls are different in nature and can be organisational, physical, preprogrammed or manual, for example. – In information security, the property that signifies that data received is the same as the data sent. – In information security, pre-programmed controls in the user system to ensure a complete, exact and timely processing of approved transactions; also meant to prevent mistakes from occurring, or indeed to ensure that mistakes are discovered and corrected.
Seite 1:
e-Government - ein Prüfungsleitfad
Seite 4 und 5:
4 5 Prüfungen in einem digitalisie
Seite 6 und 7:
6 1 Einführung Unter der Überschr
Seite 8 und 9:
8 Im vierten und fünften Kapitel
Seite 10 und 11:
10 Auf der Suche nach anderen Defin
Seite 12 und 13:
12 Einige Autoren beschreiben Diens
Seite 14 und 15:
14 sowie Verfahren zur Fehlerkorrek
Seite 16 und 17:
16 - Bereitstellen von miteinander
Seite 18 und 19:
18 Weniger bemerkenswerte, aber ebe
Seite 20 und 21:
20 abhängig und auch für menschli
Seite 22 und 23:
22 - Wissen, gute Praxisfälle und
Seite 24 und 25:
24 - (Zweiweg-Interaktion): Ausfül
Seite 26 und 27: 26 Anhang 1 Liste der Basis-Dienstl
Seite 28 und 29: 28 3 Risiken 3.1 Einführung Dieses
Seite 30 und 31: 30 Verwaltungsverfahren und Unterla
Seite 32 und 33: 32 - Direkte Bereitstellung aller e
Seite 34 und 35: 34 Die Verwaltung sollte technische
Seite 36 und 37: 36 Personenbezogene Daten müssen j
Seite 38 und 39: 38 Mit einer Protokollierung wird e
Seite 40 und 41: 40 An den Prüfer von e-Government-
Seite 42 und 43: 42 - unzureichend detaillierte Buch
Seite 44 und 45: 44 4 Prüfung von Programmen und Pr
Seite 46 und 47: 46 - Effizienz des Entscheidungspro
Seite 48 und 49: 48 Audit method j Audit types Group
Seite 50 und 51: 50 Stages of “life cycle” of ta
Seite 52 und 53: 52 - Prüfen der Übereinstimmung d
Seite 54 und 55: 54 (11) Prüfung der Organisation u
Seite 56 und 57: 56 Dieses Bild vermittelt eine Idee
Seite 58 und 59: 58 5 Prüfungen in einem digitalisi
Seite 60 und 61: 60 Verwaltung; elektronische Dokume
Seite 62 und 63: 62 IT-Sicherheit und IT-Sicherheits
Seite 64 und 65: 64 Auf der Grundlage von Wesentlich
Seite 66 und 67: 66 Funktionieren die internen Kontr
Seite 68 und 69: 68 Wurde durch Kontrolle 1 sicherge
Seite 70 und 71: 70 5.4 Schlussfolgerungen Während
Seite 72 und 73: 72 - Leistungsfähigere IT-Organisa
Seite 74 und 75: 74 - Änderungen der Organisation,
Seite 78 und 79: 78 Interoperability - In informatio
Alle anzeigen

e-Government - ein PrÃ¼fungsleitfaden - EUROSAI IT Working Group

Erfolgreiche ePaper selbst erstellen

Template löschen?

Als Template speichern?