The Power of Recommendations Dainius Jakimavičius National Audit Office of Lithuania Vilnius, April 23, 2013.

Slides:



Advertisements
Similar presentations
Twenty years of EU co-financed programmes in Greece:
Advertisements

POLAND Development Management System in Poland Brussels, 2 July 2010.
Supporting National e-Health Roadmaps WHO-ITU-WB joint effort WSIS C7 e-Health Facilitation Meeting 13 th May 2010 Hani Eskandar ICT Applications, ITU.
Alignment of COBIT to Botswana IT Audit Methodology
SYSTEM OF EVALUATION AND MANAGEMENT CONTROL RESULTS-BASED BUDGETING THE CHILEAN EXPERIENCE Heidi Berner H Head of Management Control Division Budget Office,
Workshops for implementing the Strategic Plan for Biodiversity through the National Biodiversity Strategies and Action Plans Module 2 The Biodiversity.
Risk Management and Internal Controls ASSAL 20 November 2014 Annick Teubner Chair, IAIS Governance Working Group.
Development of internal control: methodology and responsibility
29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL DATA PROTECTION AND PRIVACY COMMISSIONERS.
PUBLIC SECTOR INTERNAL AUDIT IN THE REPUBLIC OF LITHUANIA Mr. Jonas Vaitkevičius Head of Internal Audit and Financial Control Methodology and Monitoring.
1 “Environmental Auditing in the Republic of Macedonia” “Environmental Auditing in the Republic of Macedonia” State Audit Office Nada Sekulovska Gorast.
Liberia – Duke University Program PFM reform strategy Duncan Last Public Financial Management Division March 4, 2011.
OpportunitiesChallengesNeeds Already have 217 recognized FLMMA sites. Not ecologically representativeMaps of reef habitats to help optimize design Organizations.
Financial Management and Control Arrangements in Practice Monika Kos, Ministry of Finance, the Republic of Poland.
© OECD A joint initiative of the OECD and the European Union, principally financed by the EU The Strategic Planning System at Central Public Administration.
Enhancing Institutional and Administrative Capacity case: POLAND
Internal Auditing and Outsourcing
Institutional arrangements and legal framework for energy statistics United Nations Statistics Division International Workshop on Energy Statistics
Quality assurance in IVET in Romania Lucian Voinea Mihai Iacob Otilia Apostu 4 th Project Meeting Prague, 21 st -22 nd October 2010.
Establishment and Development of the Internal Audit System for the Public Sector in Kyrgyz Republic INTERNAL AUDIT COMMUNITY OF PRACTICE ISTANBUL
Performance Budgeting and its Impact on Audit of State Annual Accounts Neringa Cikanavičiūtė Principal Auditor National Audit Office of Lithuania 3-5 September.
Eshboev B.A. Head of the Department for Monitoring of implementation of national development programmes of the Ministry of Economic Development and Trade.
0 Kestutis Rekerta Strategic Planning Division, Government Office of Lithuania World Bank Workshop, Bratislava, September 6, 2006 STRATEGIC PLANNING IN.
1 European Lifelong Guidance Policy Network Work Package 1 – Career Management Skills Synthesis Meeting NATIONAL PROGRAMME FOR CAREER GUIDANCE Aleksandra.
Romanian Court of Accounts years of existence.
Auditing services for assurance in evaluation of companies’ information systems (technologies) efficiency Kherson State University Samchynska Yaroslava.
O F F I C E O F T H E Auditor General of British Columbia 1 OAG Review of the Performance Agreements between MoHS and Health Authorities.
Ministry of the Interior of the Republic of Latvia Lāsma Stabiņa National Anti-Trafficking Coordinator Riga, 5 February 2015, HESTIA Kick-Off meeting.
The Issues of Budgetary Reform Unit 3. PFM Reform – Change Management Module 3.2. Preparing and managing a reform programme.
1 UNDECLARED WORK IN CROATIA Executive Capacity of Governance and Underground Economy: The Case of Croatia Zagrebl, September 1, 2015.
PUBLIC SECTOR FINANCIAL CONTROL OF THE REPUBLIC OF LITHUANIA By Ms Daina Vaivadienė Chief Specialist of the Internal Audit and Financial Control Methodology.
New Challenges in Institutional Development of the National Audit Office of Lithuania Dainora Venckevičienė Chief Specialist at the Division for Legal.
Improving Coverage and Management Effectiveness of the Protected Area System in the Republic of Moldova Maria NAGORNII Head of the Analysis, Monitoring.
An Integrated Control Framework & Control Objectives for Information Technology – An IT Governance Framework COSO and COBIT 4.0.
Some reflections from the policy point of view - Results of the evaluation on urban development Workshop on Evaluation 25 April 2013, Budapest.
Building Blocks for a Successful Public- Private Partnerships Presented by Igor Abramov Counsel & Co-chair, Eurasia and Russia Practice Group, Heenan Blaikie.
1 Governance, accountability and performance reporting in the public sector Des Pearson Executive in Residence August 2013.
Reforming civil service in the Baltic States: the Case of Lithuania Jurgita Siugzdiniene, PhD Department of Public Administration, Kaunas University of.
Portfolio Committee on Appropriations Audit of predetermined objectives 26 March 2013.
© OECD A joint initiative of the OECD and the European Union, principally financed by the EU THE COORDINATION OF THE DECENTRALIZATION PROCESS Claudia Lung.
PUBLIC INTERNAL CONTROL (PIC) SYSTEM OF HUNGARY Ms. Edit NÉMETH CENTRAL HARMONISATION UNIT FOR PUBLIC INTERNAL CONTROL, HUNGARY BUDAPEST, 25 TH OF JUNE,
Copyright © 2013 by The McGraw-Hill Companies, Inc. All rights reserved.McGraw-Hill/Irwin.
Workshop on Implementing Audit Quality Practices Working Group on Audit Manuals and Methods March 2006 Vilnius (Lithuania) Hungarian Experiences.
Lessons from Programme Evaluation in Romania First Annual Conference on Evaluation Bucharest 18 February 2008.
MONGOLIA COUNTRY CONTRIBUTION PAPER “The Availability, Timeliness, and Quality of Rapid Estimates in Case of Mongolia” Presenter: G. Gerelt-Od, First Vice-Chairman,
Legal Framework and Structure. Public Internal Financial Control Strategy ( ) focuses on three activities Institution of a Centralized Harmonization.
Lithuanian Education Quality Management: System of School Internal and External Audits Ričardas Ališauskas Head of Education Development Division of the.
Kathy Corbiere Service Delivery and Performance Commission
STRATEGY FOR DEVELOPMENT OF ISIS AND IT STRATEGY IN THE NSI-BULGARIA Main principles, components, requirements.
Pilot Project on implementation of SEA for regional planning in Ukraine Prof. Dr. Michael Schmidt Dmitry Palekhov Brandenburg University of Technology.
M O N T E N E G R O Negotiating Team for the Accession of Montenegro to the European Union Working Group for Chapter 32 – Financial Control Bilateral screening:
Belgian Technical Cooperation Internal audit presentation.
1 STRATEGIC PLANNING AND BUDGET PRIORITISATION IN CROATIA Francois-Roger Cazala, Rimantas Veckys SIGMA - Lithuanian Ministry of Finance.
Outcomes of the FMC review Vania Tomeva, PIFC consultant July 2013, Tbilisi 1.
PFM reform – change management Module 3.2 Preparing and managing a PFM reform programme 1.
EVALUATION SYSTEM FOR NIGER REPUBLIC Dr TARINGUE WAZIRI GAMBO.
ASSESSING LONG-TERM STRATEGIC DOCUMENTS WITH THE EU PERSPECTIVE Supreme Audit Office Poland Slawomir Grzelak Director, Department of Economy,
Audit of debt and liabilities of local governments Audit Department 3 Panevėžys Division, Principal Auditor Inga Trepšienė and Senior Auditor Jurgita Vilniškienė.
Audit of predetermined objectives
Joint Seminar Brussels 2017.
Predetermined Objectives – 2013/14
Session 2: Institutional arrangements for energy statistics
GOOD PRACTICES AND REFORM OF PUBLIC ADMINISTRATION
Seminar on Evaluation of Internal Control Systems
Program budgeting in the Kyrgyz Republic
Draft OECD Best Practices for Performance Budgeting
Alignment of COBIT to Botswana IT Audit Methodology
PUBLIC SECTOR FINANCIAL CONTROL OF THE REPUBLIC OF LITHUANIA
Role of Evaluation coordination group and Capacity Building Projects in Lithuania Vilija Šemetienė Head of Economic Analysis and Evaluation Division.
Strategic development goals and priorities of the Republic of Tajikistan . National monitoring and evaluation system for their achievements. Eshboev.
Presentation transcript:

The Power of Recommendations Dainius Jakimavičius National Audit Office of Lithuania Vilnius, April 23, 2013

First steps traditional performance criteria - economy, efficiency, and effectiveness looking at the most common problems of development of information systems in 14 ministries and the Department of Statistics similar problems identified First IT Audit “Regarding results of assessment of activities of establishing and development information systems in terms of economy, efficiency, and effectiveness” (2001) Recommendations: to link IT strategy plans of ministries and agencies with the strategic plan of information society development for Lithuania to strengthen inter-ministerial coordination and control of IT projects and initiatives

IT Audit at the National Audit Office of Lithuania IT Audit IT internal controls IT Performance Audits IT general controls IS development controls Application controls Financial Audit Performance Audit

Responsibilities for IT Audit Objects of IT auditComplexity of Information SystemsResponsibilities 1. IT general controls Financial auditors, joint groups of financial and IS auditors; IS auditors Financial auditors, IS auditors Medium Financial auditors, joint groups of financial and IS auditors; IS auditors Complex Financial auditors, joint groups of financial and IS auditors; IS auditors 2. IS development controlsSimple, medium, complexIS auditors 3. Application Controls SimpleFinancial auditors, IS auditors Medium Financial auditors, joint groups of financial and IS auditors; IS auditors ComplexIS auditors 4. IT Performance auditsSimple, medium, complex IS auditors Performance auditors

COBIT: possibility to implement control practices COBIT IT Assurance Guide Control Practices Maturity Models Recommendations how to improve IT internal controls COBIT: processes maturity models management (control) practices IT Assurance Guide How to apply COBIT instruments to the state level ? Business processes Auditor’s judgment

Inputs from EUROSAI IT Working Group: ITSA Information technology self-assessment (ITSA) at the Supreme Audit institutions (since 2002) : method: COBIT framework:  processes  maturity models process: expert judgment:  selecting business processes  linking business with COBIT  selecting most important COBIT processes  assessing selected COBIT processes  action plan + implementation

Auditing state level – IT audits of 2006 and 2007 General Control of State Information Systems. State and Institutional Levels, (2006)  first attempt to apply COBIT instruments for the state level Management of Information Systems of Public Institutions in the Context of E-Governance, (2007)  using inputs from financial audits of 76 government and municipal institutions of Lithuania  recommendations addressed to the Government Recommendations of those audits gave a push for the Law on Information Resources Management (2011)

General Control of State Information Systems. State and Institutional Levels, (2006) Does the state have adequate legal and managerial capacities/mechanisms to assure effective and efficient governance of IT function ? The main findings : Regulation of State information resources was not comprehensive: due to absence of laws, regulations issued by the Government were applied only to ministries and institutions which report to the ministries. IT strategic planning should be enforced and necessary IT strategic planning instruments (for example, IT strategic planning committees) introduced to assure that IT development initiatives are subordinated to institutional development needs. Ministries/ governmental agencies having responsibility for certain aspects of state regulation (responsibility for management of information systems or responsibility for security regulation of information systems) do not have sufficient power of administrative control.

Management of Information Systems of Public Institutions in the Context of E-Governance, (2007) The main areas for the audit “Management of Information Systems of Public Institutions in the Context of E-Governance” (2007) were chosen: Strategic planning of IT function at the state level Information systems control and monitoring at the state and institutional levels Management of IT investments Set up and development of information systems Management and security of information systems Education of top-management in IT governance

Management of Information Systems of Public Institutions in the Context of E-Governance, (2007) The main recommendations for the Government (because there were no state institutions to cover those functions): To review, update and assure compatibility of long-term IT strategic documents and to assure control of implementation of planned results To review and update methodological documents for planning IT investments To assure continuous monitoring of IT investment projects considering their efficiency and effectiveness

Lessons learnt from the audits of Distribution of tasks between financial (generalist) and IT auditors and using inputs from financial audits COBIT: examples of governance/management practices and possibility to go beyond compliance by introducing effectiveness/efficiency criteria for general controls; applying COBIT to the state level Using self-assessment mechanisms for internal IT function at SAIs (lessons from EUROSAI ITWG):  probing instruments for increasing IT function effectiveness/efficiency on ourselves before suggesting to the others. This creates trust in actions and instruments we recommend

Enforcing legislation: Audit Governance of State information Resources” (2013) Aim: To examine the situation at the state level after the Law on Information Resources Management was passed (2011) To suggest ways how the new legal framework may be used for improvement of the following areas:  IT governance model  Financial instruments  IT services

Conclusions: IT governance model concepts, requirements and classification systems are inconsistent and uncoordinated => a risk that similar objects can be classified using diverse classification systems instead of using one universal system alignment of IT policies, high-level planning and other documents is not assured, existing monitoring systems are not coordinated, monitoring criteria are not standardised strategic documents lack appropriate consideration mechanisms => could tend to reflect interests of different sectors governance of information resources is not efficient, weak or non-existing evaluation and monitoring components in the governance scheme

Conclusions: Financial instruments Financial instruments are not sufficient to assure that funds for information resources are used in reasonable and cost-effective way, and IT projects are aligned with the main directions of information society development. Funds allocated for information resources in public sector should be used in more efficient way, by adapting already existing IT systems or solutions and applying unified management processes.

Conclusions: IT services IT services are unattractive and distantly used due to complexity of service catalogues, while necessary level of information security is not always assured. Lack of integration prevents from centralised use of state information resources therefore technical capacities are not fully used.

Recommendations to the Government (1) To improve IT governance model by applying governance methods suggested by Lithuanian and international standards and recommendations of the best practices:  to develop consistent classification scheme of state information resources, based on common principles;  to complement the plan of implementation of the Law on Management of State Information Resources including provisions of review and conformity of existing legal acts;  to develop and apply unified targets and performance criteria for IT management and security across all areas of governance.

Recommendations to the Government (2) To assure common policies for governance of information resources :  to foresee measures for better coordination of implementation of information resources policies;  to appoint institution responsible for coordination of classified information and to compile inventory of such information;  to assure that priorities for IT investments should be established at the level of the Government;  to compile and publish information on state-owned information networks.

Recommendations to the Government (3) To assure efficient use of financial resources and alignment of investments to the main trends of development of information society, to elaborate:  regulatory and control measures for centralised planning of the most important IT projects; regulatory and control measures should assure cost-effectiveness; technological compatibility, evaluation of impact and monitoring at the state level;  requirements to evaluate possibility of adapting already existing IT systems or solutions at the public sector;  requirements for planning of IT financial resources.

The law is enforced, what’s next ? Is the public sector ready to implement new legal requirements ? Are there are any problems in implementation.... ?  problems at institutional level (difficult to implement?)  recommendations to institution – to assure compliance + a little of best practices to make life easier  problems off institutional level (legislation doesn’t match practices)  recommendations to the government (introduce new practices to legislation which makes more efficient framework for IT)... or no problems at all ?

Thank you for your attention Questions ?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.