FRANCE: Auditing IT governance, strategy and security of 6 universities in French overseas territories
To improve the overall level of training, higher education provision in overseas France has expanded and diversified considerably. Between 2002 and 2022, the number of students in overseas France rose by 54%. Against this backdrop, the French Cour des Comptes audited the functioning of higher education and research in overseas territories of France, in particular through the management of 6 universities: in French Guiana, the French West Indies, French Polynesia, New Caledonia, Reunion and Mayotte.
GERMANY: Portfolio management in the German financial administration
The financial administration as part of Germany’s public administration is responsible for assessing and collecting taxes. In the Federal Republic of Germany, this task falls into the remit of both the federal government and the federal states. Financial administration bodies rely on their IT and use numerous complex and tailored IT applications.
ISRAEL: The digital revolution: the State Comptroller of Israel’s approach to digital transformation and cybersecurity
In today’s digital era, the State Comptroller of Israel has expanded its oversight to address the complexities of modern governance. With increasing reliance on digital technologies, the need for robust information systems, effective cybersecurity, and ethical technology use is more critical than ever. Under the leadership of Mr. Matanyahu Englman, appointed in 2019, the Comptroller’s office has adopted innovative methodologies to maintain efficiency, accountability, and operational integrity across the public sector.
KOSOVO: Highlights of IT audit from SAI Kosovo
The National Audit Office of Republic of Kosovo* has conducted the IT audit Pharmaceutical Stock Information Management System.
The Ministry of Health (MH), specifically the Pharmacy Division (PD), is responsible for supplying medicines and disposable materials from the Essential Medicines List (EML) to Primary Health Care (PHC) institutions based on the planning of those Institutions for 34 Main Family Medicine Centers (MFMCs).
MALTA: National Audit Office of Malta IT audit report: Document management systems across government
In an era where digital transformation is reshaping every sector, the shift from paper-based to electronic document management has become a pressing priority for Governments worldwide. Malta’s public institutions are no exception, tasked with managing an ever-growing volume of digital records and emails essential to their daily operations. In response to this challenge, the National Audit Office (NAO) of Malta has conducted a comprehensive Information Technology (IT) audit[1], focusing on the effectiveness of document management systems across various Government Ministries.
THE NETHERLANDS: NCA audit on national IT-infrastructure NAFIN
The explosion of the Nord Stream pipeline, spies caught with explosives to destroy military transports, countless cut internet cables at sea and on land and the mass disruption of the French railway system in July 2024: critical European infrastructure has increasingly been the target of sabotage in recent years. We have been auditing how the Netherlands shields its critical infrastructure from cyberthreats since 2018. We carry out these audits because the outage, failure or misuse of IT systems can disrupt society. A feature of these audits is that we dive deeper than ‘paper and policy’ and carry out digital and physical practical tests in collaboration with the auditee.
SLOVENIA: IT audit - Managing business continuity in the field of drinking water supply
The Court of Audit published a report on the efficiency of the public utility company Komunala Škofja Loka d.o.o. in managing business continuity in the field of drinking water supply in the period from January 1st, 2023, to March 31st, 2024. According to the opinion of the Court of Audit Komunala Škofja Loka was partially efficient managing business continuity in the field of drinking water supply.
New member in the EUROSAI IT Working Group
We are pleased to announce that starting from June 2024, the EUROSAI IT Working Group has a new member from Israel – Office of the State Comptroller and Ombudsman of Israel.
We are warmly welcoming our new colleagues in the working group that has already 45 members in total.
Summary of ITWG 17th meeting
On 24-25 September a seminar “Intelligent Auditor in an Artificially Intelligent State?” took place - on 24 September participants gained the knowledge about auditing AI while on 25 September it was possible to learn from the experience of using AI while auditing.
Updates and new activities of the e-Government Subgroup
The Subgroup’s effort focused on its two audit supporting tools: Control space of e-government (CUBE: egov.nik.gov.pl) and the Active IT Audit Manual (AITAM: aitam.tcontas.pt).
Join ITWG e-course "Introduction to Public Sector IT Audit"
In the frame of Research and Training Hub project, EUROSAI IT Working Group has developed a training course "Introduction to Public Sector IT Audit" and is open for anyone interested in acquiring basic knowledge about how to approach IT aspects in audit work. The goal of the training course “Introduction to Public Sector IT Audit” is to increase the quality and impact of contemporary audits that frequently include IT components. Therefore, non-IT-auditors and beginner-level IT-auditors would benefit from basic knowledge about IT auditing provided in the training course. The training consists of 7 modules in total.
QATAR: Protecting end-user devices – key takeaways from performance audits of government entities in Qatar
For the past 5 years the State Audit Bureau of Qatar (QSAB) has focused heavily on carrying out IT performance audits at government entities. As part of these audits, while reviewing IT asset management we have also assessed physical security of end user devices. Physical security for end user devices is not only good risk management, but is a value-for-money proposition wherein protection costs less than incident management, and recovery. However, at times value-for-money in security is difficult to assess and quantify, and it might also conflict with an entity’s security objectives. Perhaps an anecdote from one of our audits might highlight this dilemma.
KUWAIT: Ensuring security and compliance: key steps for effective cloud audits
Organizations are increasingly migrating into the cloud because of its scalability, cost-effectiveness, flexibility and innovation in operations. Thus, thorough audits of the cloud have become critical to provide a resilient and optimized environment for the organization. A cloud auditor’s first step is to align the audit plan with organizational goals, focusing on high-risk areas to protect critical assets.
KUWAIT: Securing Kuwait: a journey through business continuity and cybersecurity
In the heart of Kuwait, a bustling small country known for its innovative spirit and technological advancements, a significant initiative was launched in 2022 to ensure the physical security of its IT infrastructure. This initiative, driven by the need to protect the growing digital assets, marked the beginning of a transformative journey in business continuity and cybersecurity.