The Public Finance Management Act (PFMA) national audit outcomes report, for 2009-2010, has shown that a total of 82% of government departments and 56% of public entities require improvement in their IT frameworks.
Only four departments and 22 public entities showed improvement or maintained good practice in this regard.
IT general control audits were performed at 28 national departments and 50 entities. Twenty-nine departments failed to submit their IT plans in time to the Department of Public Service and Administration (DPSA). Audit findings regarding IT governance were raised at 23 departments and 28 entities.
The report identified IT governance as a key matter to be addressed, stating that the DPSA, using SITA, in collaboration with National Treasury, is to prescribe a “comprehensive IT governance framework, which provides guidance towards IT strategic alignment and decision-making, resourcing, risk management and internal control”.
According to the auditor-general's report, IT general controls are those controls that relate to the IT infrastructure and are imbedded in information systems' management processes. The focus areas included in the scope of the audits were: IT governance, security management, user access control and IT service continuity.
The report highlighted the lack of a prescribed government-wide IT governance framework, which could give due consideration to the risks, as well as the processes and controls required to ensure IT value and improved service delivery.
The key audit findings that were commonly identified were: approved IT strategic plan/IT strategic plan not implemented or not monitored, IT steering committee either not established or not functioning effectively, lack of formal IT risk register, policies and procedures either not in place or incomplete, and functions of the information security officer either not allocated or not performed.
Eight departments also did not have a permanent government IT officer. These departments included health, science and technology, public enterprises and labour.
The national general report stated: “The public sector departments and public entities are heavily reliant on IT systems to perform their statutory financial management, reporting and administrative functions. Furthermore, these systems enable the automation of business processes and transaction processing, which contributes to effective internal control at departments and entities.”
“The DPSA is playing a role in addressing matters pertaining to measuring and reporting performance and providing e-government leadership and coordination to assist departments in ensuring that their IT systems are adequate and effective and efficient,” stated the national outcomes report.
Share
