“The senior leadership of the public service is accountable and committed to addressing the lapses identifies, resolving the problem at the root and preventing future recurrence,” said Second Minister for Finance Indranee Rajah said in Parliament on Monday (5 October) when answering questions about the Auditor-General’s report for the financial year 2019/2020 which highlighted weaknesses in IT controls.
Specifically, these weaknesses were in the areas of reviewing the activities of privileged users and managing account and user access rights.
Ms Rajah emphasised that actions have been taken at the whole of government level to address the gaps identified in the report.
Noting that these observations by the AGO were also raised in previous reports, the Minister that solutions are in the works for the over 2000 government IT systems—which were built by different vendors over the years using different technology.
This includes automating the processes of reviewing privileged users’ activities as well as managing user accounts when an officer moves to another portfolio, which is currently being done manually and is prone to human error, said the minister.
Automating processes will take time
Ms Rajah revealed that the Smart Nation and Government Digital Group (SNDGG) is developing systems to automate these processes and minimise errors which were identified. Though she added that full implementation of these solutions to the entire government network will take time, given the volume of IT systems that have to be dealt with across ministries and agencies.
“SNDGG has started a pilot with some agencies and the tool will be progressively deployed from January 2021. This will be fully implemented for high priority systems by Dec 2022 and all remaining systems by Dec 2023,” said Ms Rajah.
The minister went on to say that the solution for automating the management of account and user rights, on the other hand, has been taken up by 38 agencies so far, with SNDGG working on enhancing the solution further.
“This system will be implemented for 800 high priority systems by December 2023 and all remaining systems by December 2024,” she said, noting that “when officers are freed up from manual tasks, they are better able to focus on aspects of cybersecurity and data protection that cannot be replicated by a machine.”
Educating public officers on good governance and practice
Beyond the digital solution, Ms Rajah also noted that SNDGG is stepping up efforts in educating public officers on the importance of strong ICT governance and security controls, as well as to have the right habits and instincts.
She noted that all public officers are already required to undergo an annual cyber and data security training.
Beyond that, she noted that the recurrent lapses highlighted in the AG’s report pertain to more complex types of procurement such as IT and construction.
The minister stressed, “Managing these complexities require not only technical skills but experience and judgement which require long term efforts to build up.”
“To address this, we have been stepping up efforts in recent years to strengthen the competencies and capabilities of public offices in managing the procurement process,” she added.
This includes ramping up training for officers on the evaluation and approval of tenders, providing additional guidance to approving authorities—which will be available starting 2021—and requiring officers involved in the procurement process to complete a compulsory e-learning module which is supplemented with regular refreshers and updates on new policies and practices.
As for construction, Ms Rajah also announced that the Building and Construction Authority (BCA) is developing a framework to train public officers in managing construction contracts, noting also the good practice guide released by the BCA and Ministry of Finance (MOF) last year “containing practical advice on the management of variation orders and how to spot fraudulent quotes.”
She explained, “To enhance governance, we will track agencies performance in management based on a set of governance indicators,” adding that the MOF and Civil Service College has also jointly established a finance and procurement academy this year to better equip procurement officers with the relevant skills.
“The academy will work with technical agencies such as BCA and GovTech to not only conduct formal training but also promote informal learning such as through practitioner sharing and mentorships. It will also support our officers in continual learning to keep abreast of developments in finance, procurement and contract management policies and practices.”
Similar efforts are being made to develop finance capabilities in public officers, from the already-implemented induction course to refresher milestone programs and forums.
Holding senior public offers accountable to a higher standard
Finally, Ms Rajah emphasised that the MOF regularly briefs senior management on the importance of public accountability.
She said, “Let me say, public officers are expected to be accountable for their actions and decisions and this includes maintaining high standards of compliance with guidelines and procedures as they perform their duties.”
“We place high expectations on the senior leadership if the public service who are entrusted to be stewards of public resources. They must uphold strong governance and accountability in their organisations.”
She continued, “These expectations are spelt out in the form of leadership competencies and responsibilities which are conveyed to all senior public service leaders in ministries and statutory boards,” adding that leaders are evaluated against these expectations as part of their performance reviews.
She further added, “Depending on the nature and cause of the incident, appropriate disciplinary action may be taken as well.”