HTML Preview It Audit Report page number 1.


Exhibit-E
A desk review of IT Audit on effectiveness of Controls in Public Expenditure Management System Page 1
Audit Report : IT Audit Report on 'Effectiveness of controls in Public Expenditure Management System
Schedule of Audit : April 4, 2016 to May 15, 2016
Date of Issue : August 31, 2016
Name of Agency : Department of Public Accounts, Ministry of Finance
No.
Recommendation
Action taken (as per the detailed
action plan/report submitted).
Status/Progress of
corrective actions taken
by the audited agency
Reasons for non-
completion of
action on any
recommendations
1
Comprehensive ICT security policy should be developed
The Department lacks a comprehensive ICT security policy, which
may impede effective management of security measures to safeguard
confidentiality, integrity, and availability of critical information.
The Department should, therefore, develop a comprehensive ICT
security policy specific to their department and the policy should be
communicated to every employee of the Department for their
awareness, understanding and greater compliance.
Action Plan:
DPA will develop a separate
ICT security policy at DPA
specifically for PEMS.
Timeline: September 2017
Agreed to Implement
by September 2017.
Information on the
progress of
implementation, if
any were not
available.
2
Department should perform periodic reconciliation of account
balances of non-revenue and refundable deposits
The RAA noted a huge difference of accounts balances of Non-
revenue and refundable deposits between the budgetary agencies
and at the DPA level. Besides, inconsistent and inaccuracies in
information and account balances, there may be risks of such
misuse of these balances if appropriate measures are not put in
place. Thus, the Department should establish a system of performing
periodic reconciliation of these account balances by obtaining and
comparing monthly bank balances with control totals of deposits by
budgetary agencies. Possibility of incorporating such feature in
PEMS should also be explored by the Department.
Action Plan:
DPA will try to implement
possible controls/ validations in
PEMS. In addition, DPA will
also create awareness by
sending out specific notification
to the budgetary agencies
related to NRD and RD.
Timeline: June 2017
Agreed to Implement
by June 2017
Information on the
progress of
implementation, if
any were not
available.
DOWNLOAD HERE


To think is easy. To act is difficult. To act as one thinks is the most difficult. | Johann Wolfgang Von Goeth