[ad_1]
SINGAPORE – Weaknesses in IT controls continue to be of concern to several government agencies, and audits have revealed failures in procurement, contract and operations management at entities such as Jurong Town Corporation (JTC).
In its annual audit report released on Monday (September 7), the Office of the Auditor General (AGO) noted problems in three ministries and eight statutory boards.
These include weaknesses in information technology in the national water agency PUB, as well as gaps in the management of business grant programs under Workforce Singapore (WSG) and Enterprise Singapore (ESG).
Public accountability remains one of the government’s top priorities, the Finance Ministry said in its response to the report.
“The heads of the agencies involved have reviewed each case and are taking active steps to address the failures. Where relevant, corrective actions were taken at the government-wide level to prevent recurrence of these failures.”
Government agencies have verified that no confidential data was compromised and that there were no unauthorized activities as a result of IT failures, and that they have taken recovery actions for failures involving overpayments, the ministry added.
This year’s report was delayed due to Covid-19 measures, including the implementation of the breaker period, said Auditor General Goh Soon Poh. These affected the schedule for the preparation of the government’s financial statements and, consequently, the completion of the audit by AGO. The report is generally published in July.
Weaknesses in IT controls
Several IT issues involved the more privileged operating system user accounts, Ms. Goh said.
These accounts give users full access privileges to the operating system, including the ability to make changes to the activity logs. For this reason, it is considered prudent to restrict access to these accounts and review all activities carried out with them.
But in some organizations, misconfigurations led to operating system administrators being able to access these accounts without password authentication. Others did not conduct adequate activity reviews.
In the case of PUB, which was involved in a public-private partnership project, it failed to ensure that its private sector partner had adequate controls in place. For example, excessive rights were granted to the partner supplier. An administrator account was also shared between the partner’s staff and their vendor.
Procurement and contract management lapses
Procurement and contract management flaws were found at the Government Technology Agency, JTC, National Library Board (NLB) and PUB.
NLB was found to have mismanaged contract variations and overall project management for the renovation of the Singapore National Archives building. In principle, approvals were sought for variations without compelling reasons, and they were approved despite the fact that no overall cost estimates were provided.
In the end, the project exceeded its approved cost by $ 1.72 million, the Attorney General noted.
Meanwhile, JTC paid a terminated contractor, although it could have withheld the payment under the contract and used it to offset the contractor’s claimable debt. Subsequently, JTC filed a claim against the contractor for this debt, but as of June it had not yet received any money owed.
Failures in operations management
Failures were found in the operational processes in the Ministry of Foreign Affairs (MFA), JTC and PUB.
In the case of MFA, the AGO detected problems when auditing a mission abroad. Measures to enforce the terms stipulated in the service agreements signed with the mission’s authorized visa agents were inadequate, he said. Three of the 16 designated visa officers were found to have indicated visa rates that were between 16% and 50% higher than stipulated in service agreements.
The AGO also found that JTC’s rented and leased premises may have been sublet to some 26,000 entities without approval. It also pointed to the illegal storage or sale of diesel to the public at four rented industrial facilities, which could pose environmental and safety risks. Following this, JTC investigated around 2,800 entities and found around 2,010 suspected cases of unauthorized subleasing.
In PUB, the agency’s private sector partner on a project was able to modify parameters in real time on an IT system, which would affect the amounts to be paid by PUB.
Gaps in the management of trade grant programs
In its audit of six business grant programs administered by WSG and ESG, the AGO noted several issues with grant evaluation and approval, as well as disbursement and termination.
For example, he pointed to three cases where individuals or businesses may have circumvented WSG grant requirements and controls. She also found cases of double claims by companies and cases of double financing in different grants. Additionally, there were instances where WSG did not follow up to recover unused grant money in a timely manner.
In the case of ESG, the funds disbursed for certain grants were not in line with the grant guidelines, resulting in an excess or a shortfall. Its officials also had inconsistent practices when evaluating companies’ eligibility.
[ad_2]