Lax oversight in IT, financial controls uncovered in Auditor-General's report

Lax oversight in IT, financial controls uncovered in Auditor-General's report

04:28
The Auditor-General's Office (AGO) observed that there were weaknesses in IT controls, laxity in financial controls and inadequate oversight of development projects among the government agencies it audited in the financial year of 2016/2017. 

SINGAPORE: The Auditor-General's Office (AGO) observed that there were weaknesses in IT controls, laxity in financial controls and inadequate oversight of development projects among the government agencies it audited in the financial year of 2016/2017. 

According to the AGO's latest report released on Tuesday (Jul 18), it audited the Government Financial Statements, four government funds, 12 statutory boards, five Government-owned companies and three other accounts. It also carried out selective audits of nine statutory boards and three government funds whose financial accounts were not audited by AGO. 

For weakness in IT controls, the Auditor-General found that there were weaknesses in IT controls in its audits of the Central Provident Fund Board (CPFB), the Singapore Corporation of Rehabilitative Enterprises (SCORE), the National Parks Board (NParks) and MSF. 

CPFB, for example, showed lapses in the management of the two IT security monitoring systems which tracked the activities of its databases and systems. It did not monitor the IT security monitoring systems for unauthorised changes, and for one system in particular, AGO's test checks of the system logs for three months revealed that about 88.7 per cent of the changes made by administrators were not supported by approved change requests, the report stated. 

In terms of laxity in financial controls, the AGO found instances of this in entities such as the Singapore Sports Council, SCORE and the Economic Development Board. "These lapses include late payments, payments not certified by authorised officers, contracts not signed by authorised signatories, poor management of assets and grants disbursements made based on inaccurate or incomplete information," the report pointed out.  

As for inadequate oversight of development projects, AGO's audits revealed weaknesses in the management of such projects under MOH. 

These include the lack of assessment of the need for and cost reasonableness of expenditure before payments were made to an agent, not ensuring that the agent adhered to the approving limits set by MOH for variations, and such works carried out before proper approvals were obtained, the report stated. 

For the development of Ng Teng Fong General Hospital, AGO observed that MOH incurred expenditure of S$4.08 million for site supervisory staff engaged by its agent "without verifying the need for and reasonableness of the expenditure". 

The Auditor-General concluded by noting that the public sector entities audited have taken the observations "seriously, and have "indicated that they are committed to rectify the lapses and put in place measures to prevent future occurrence". 

OVERALL SYSTEM OF MANAGING PUBLIC FUNDS REMAIN SOUND: MOF

 In a response to the AGO report, the Ministry of Finance said that while the public sector’s overall system of managing public funds remains sound, "there are areas where government agencies can do better, by strengthening their financial governance".

It said the public service is taking steps to address the issues in a systemic way, specifically by:

- Enhancing financial controls in grants administration

"The Accountant-General’s Department, in consultation with government agencies, has been developing a guide that will help government agencies put in place appropriate control procedures to ensure better accountability and efficiency in their grant administration. When completed, MOF will be issuing it to government agencies by the 4th quarter of 2017."

- Strengthening management of development projects and contract variations

"We have recently set up the Building & Infrastructure Centre of Excellence under JTC Corporation which will advise government agencies and strengthen their capabilities in managing infrastructure projects. We have also enhanced the project management training programme for public officers. MOF has worked with agencies to develop further guidelines on managing contract variations for development projects. These were issued in June 2017."

- Strengthening audits and policies to improve IT governance

"The public sector has IT policies to ensure proper controls are put in place in order to safeguard the integrity of its IT systems and the data within. These policies have been continually strengthened over the years to improve the IT security posture of the public sector. Internal audits are also conducted from time to time against these policies to help agencies identify shortcomings for remediation.

"Beyond the remedial steps taken by the agencies concerned in response to the AGO findings, the newly-formed Smart Nation and Digital Government Group will strengthen the internal IT audit regime so that agencies can better identify and rectify any gaps in compliance with the prevailing IT policies.

"In addition, SNDGG will continue to refine the policies and proliferate best practices to raise the governance and performance of public sector IT systems."

The Ministry said improving financial governance and accountability of government agencies is a journey of continuous improvement. "We will continue to use the findings from internal reviews and the AGO audits to identify gaps and make concerted efforts to rectify the lapses," it said.

Source: CNA/kk