6:50 PM
NEW DELHI: The Comptroller and Auditor General of India has observed that the crew management system (CMS), a critical IT application of the Indian Railways lacks sufficient security measures to prevent unauthorised access to the system.
CAG in its latest report placed before Parliament found that the system lacked adequate control to ensure completeness, accuracy and validity of data pertaining to various aspects of CMS operations.
"The CMS lacked adequate security measures to prevent unauthorised access to the system and uninterrupted operations," it noted.
The crew management system (CMS) is a critical IT application of the Indian Railways which manages crew assignment to various trains and directly impacts the safety of train operations.
The extent of achievement of the objectives of CMS was evaluated by CAG and the aspects relating to IT application controls, IT security, continuity of the organisation's business, contracting issues, project management/monitoring and change management were also reviewed.
The national auditor noted there was no business continuity plan (BCP) to continue operations round the clock at lobby level.
"There was no arrangement for remote backup of data and business continuity plan/disaster recovery plan at remote site was yet to be implemented. No procedure was devised for effecting changes in the software," CAG observed.
The application aims at managing over one lakh drivers and guards to ensure round the clock safe operations of railways.
The objective of this application was to improve the efficiency of train operations, effectively monitor crew and to comply with the safety requirements relating to crew management and to improve the financial management and monitoring.
CAG in its latest report placed before Parliament found that the system lacked adequate control to ensure completeness, accuracy and validity of data pertaining to various aspects of CMS operations.
"The CMS lacked adequate security measures to prevent unauthorised access to the system and uninterrupted operations," it noted.
The crew management system (CMS) is a critical IT application of the Indian Railways which manages crew assignment to various trains and directly impacts the safety of train operations.
The extent of achievement of the objectives of CMS was evaluated by CAG and the aspects relating to IT application controls, IT security, continuity of the organisation's business, contracting issues, project management/monitoring and change management were also reviewed.
The national auditor noted there was no business continuity plan (BCP) to continue operations round the clock at lobby level.
"There was no arrangement for remote backup of data and business continuity plan/disaster recovery plan at remote site was yet to be implemented. No procedure was devised for effecting changes in the software," CAG observed.
The application aims at managing over one lakh drivers and guards to ensure round the clock safe operations of railways.
The objective of this application was to improve the efficiency of train operations, effectively monitor crew and to comply with the safety requirements relating to crew management and to improve the financial management and monitoring.
.jpg)
.jpg)
0 comments:
Post a Comment