Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

PPT Albania, SIGMA Workshop on Digital Auditing for SAIs, Skopje, November 2019

15 views

Published on

PPT Albania, SIGMA Workshop on Digital Auditing for SAIs, Skopje, November 2019

Published in: Government & Nonprofit
  • Be the first to comment

  • Be the first to like this

PPT Albania, SIGMA Workshop on Digital Auditing for SAIs, Skopje, November 2019

  1. 1. SAI of ALBANIA SIGMA/SAI of North Macedonia Workshop on Digital Auditing Skopje, North Macedonia, 6-7 November 2019 ALSAI Experience in IT Systems Audit "Audit of the e-Albania Platform" Alfred Leskaj
  2. 2. AUDITING STANDARDS  ISSAI 100  ISSAI 5300  ISSAI 5310  COBIT 4.1  Information Technology Audit Manual (WGITA)  Active IT Manual  ALSAI Law 154/2014
  3. 3. PROGRAM AGENDA 1 2 3 4 5 INTRODUCTION AUDIT FOCUS KEY FINDINGS THE OBJECT OF THE AUDIT RECOMMENDATIONS 6 AUDIT OPINION
  4. 4. 1 2 3 4 5 INTRODUCTION AUDIT FOCUS KEY FINDINGS THE OBJECT OF THE AUDIT RECOMMENDATIONS 6 AUDIT OPINION
  5. 5.  e - Albania is a governmental portal for providing electronic public services.  The e-Albania portal is an EU funded IPA project.  The portal is concepted as a one-stop-shop where the citizen registers using his ID card, by searching and applying for the service he needs.  e-Albania portal, offers 29 downloadable PDF documents with digital stamp and provides legal validity. INTRODUCTION
  6. 6. e-albania offers electronic and information services for: People Businesses Public administration Visitors
  7. 7. Scheme of providing electronic services Governmental systems GovNet The interaction platform e-albania portal
  8. 8. 1 2 3 4 5 INTRODUCTION AUDIT FOCUS KEY FINDINGS THE OBJECT OF THE AUDIT RECOMMENDATIONS 6 AUDIT OPINION
  9. 9. AUDIT FOCUS The performance’s evaluation of the National Information Society Agency, in terms of effectiveness of the e-Albania portal, on the e-services benefiting through the platform of interaction of public institutions systems with each other.
  10. 10. 1 2 3 4 5 INTRODUCTION AUDIT FOCUS KEY FINDINGS THE OBJECT OF THE AUDIT RECOMMENDATIONS 6 AUDIT OPINION
  11. 11. THE OBJECT OF THE AUDIT  Audit of ICT Governance functioning. Verification of ICT Strategy, Policies and Procedures Assessment of human resources in ICT structures  Audit of information technology projects and investments Audit of IT investment projects regarding e-Albania platform  Audit of ICT Operations in e-Albania Evaluation of e-Albania platform management
  12. 12. 1 2 3 4 5 INTRODUCTION AUDIT FOCUS KEY FINDINGS THE OBJECT OF THE AUDIT RECOMMENDATIONS 6 AUDIT OPINION
  13. 13. KEY FINDINGS  NAIS frequent structural changes, doesn’t reflect changes in the regulatory basis of it’s functioning structure.  The realization of investments, for the creation of electronic services and the establishment of the portal has not been timely synchronized with the issuance of the legal basis for the electronic stamp by the responsible structures.  The e-Albania Platform publishes information and services from sources that have non-certified databases (by NAIS), by failing to ensure a proper interaction and a proper personal data safety.
  14. 14. 1 2 3 4 5 INTRODUCTION AUDIT FOCUS KEY FINDINGS THE OBJECT OF THE AUDIT RECOMMENDATIONS 6 AUDIT OPINION
  15. 15.  NAIS Governing structures, considering the time and resources needed and also the importance of the data that this institution possesses and processes, are required to draft the Strategic Information Technology Plan, where the objectives of the institution must be clearly addressed.  NAIS management structures are required to take measures to complete the structure and carry out occasional assessments of the human IT resources needed to achieve the objectives and take measures to complete those IT structures according to the approved plan. RECOMMENDATIONS
  16. 16.  The e-Albania Platform Directorate, in order to increase the use of the platform, is required to periodically analyze the reasons for not receiving the service and to perform the restoration of “support services” in Albanian language by telephone / chat with a 24/7 coverage. In providing support it needs to consider the legal framework regarding the requirements of the categories with special needs.  NAIS is required to take necessary measures in order to analyze and configure existing log storage capacities, and to draft and approve in accordance with “electronic document storage” legislation, storage time, procedures for their analysis and deletion.
  17. 17. 1 2 3 4 5 INTRODUCTION AUDIT FOCUS THE OBJECT OF THE AUDIT KEY FINDINGS RECOMMENDATIONS 6 AUDIT OPINION
  18. 18. AUDIT OPINION The lack of strategic objectives and priorities in terms of Information Technology investments in public institutions has impacted the effectiveness of the services provided by the e-Albania portal, coupled with the low number of electronic services provided to the Albanian public. While the frequent structural changes and regulatory framework of NAIS, in the absence of action plans for change management, mainly of critical elements in information systems, has made the investments in information systems ineffective, in ensuring Business Continuity and Disaster Recovery security.
  19. 19. Thanks for your attention

×