The first IT Audit Champions Programme concluded in July with the 3^rd module workshop, held in Kigali, Rwanda. 

Governments within the AFROSAI-E region have embraced technology by digitising their existing processes and services. Some have gone the extra mile to use digital technologies to fundamentally re-design and transform their business models. This rapid change and sophistication of technology has however come at a cost. There are many cases of fraud being committed using information technology hence, the need to equip the IT auditors with skills to audit the ever-evolving IT environment.

We regret to inform you that Mr Stephenson Kamphasa’s term as Auditor General of SAI Malawi ended on 11 June 2018.

Also, in sad news from SAI Zambia, Mr Ron Mwambwa, who had been acting Auditor General for the last three years, has also left the SAI. 

ISSAI 12: Value and Benefits of SAIs, requires SAIs to communicate their audit messages clearly and understandably, to enable effective oversight and; to lead by example in exercising their mandate. This month we highlight two reports from member SAIs that demonstrates their commitment to these ideals.

The Peer Review Subcommittee of the INTOSAI Capacity Building Committee, held a conference in Bratislava in June 2018. AFROSAI-E CEO, Meisie Nkau, attended the conference.

The conference created an opportunity for SAIs and regional organisations to share experiences, good practices and different peer review mechanisms and tools. Meisie used this opportunity to share the AFROSAI-E mechanism namely the Institutional Capacity Building Framework (ICBF) annual self-assessment tool, which is complimented tri-annual quality assurance reviews.

Penetration testing as a defence mechanism against cybercrime

The increase of information systems has brought with it many new developments to increase the efficiency and effectiveness of business processes. But, it has also brought major challenges. Among the most concerning is the concern of cybersecurity in organisations and government institutions and the threat of cyber-attacks against productivity systems.

In defence against these cyber threats, organisations need cybersecurity expertise to detect, prevent and investigate cyber threats.