The second meeting of the AFROSAI-E Working Group for Information System Audit and Management was held online, with the theme ‘Supporting a remote Audit Office’, during the last week of September. During the meeting, members deliberated and adopted a Terms of Reference for the Working Group. To effectively implement its objectives, the working group formed three subgroups and developed workplans for 2021 to 2022. The subgroups are:
- charged with spearheading knowledge sharing among auditors and information system managers
- leading research efforts on various information system topics
- leading efforts to take stock of regional information system management and assurance regulations/frameworks as well as advocate for good practices.
One of the main meeting discussion topics was Information System Audit with a focus on key government systems. The discussions highlighted the importance of identifying core government applications and requisites to enable the audit of systems remotely. Participants confirmed that while SAIs have identified these systems and have clear criteria of what is considered critical, they are not able to access or audit these critical systems remotely, especially during the Covid-19 pandemic.
Further deliberations focused on what SAIs need to have in place to run a remote audit office. Participants considered the technical and policy issues that need to be in place and specifically discussed the need for:
- Enabling SAI strategy, plans, tools and policies
- Understanding of technology possibilities
- SAI business continuity planning
- Clear definition of remote working
- Policies on remote work
- Regulations and strategies on cloud computing
- Cyber security
- SAI infrastructure needs
- Data and information sharing with clients
The WGISAM is now finalising their work plans for implementation in 2021. The next meeting will be in the third quarter of 2021 and SAIs willing to host are encouraged to inform the AFROSAI-E Secretariat.