2023 Working Group on Information System Audit and Management (WGISAM) Meeting

By Brighton Mpatisha – WGISAM Chair

In 2023, the AFROSAI-E Capacity Building Subcommittee recommended that SAIs identify and audit critical information systems and use relevant technology to improve audit coverage. This year’s WGISAM meeting theme directly responded to this recommendation.

The WGISAM annual meeting took place from 25 – 29 September 2022 in Windhoek, Namibia. Thirty Information Systems (IS) auditors and IS management experts from 12 SAIs attended the meeting. The theme was leveraging technology to make a difference in the lives of citizens. The meeting aimed to share SAI experiences on this theme, focusing on auditing critical information (government) systems.

In addition to the main theme discussion, participants deliberated on several significant topics, including:

  • Responding to key information systems.
  • Supporting audit of critical information systems.
  • Use of technology to improve audit coverage.
  • Future-ready/relevant SAI.
  • Application of data analytics (big data) in auditing key information systems.

The meeting saw diverse presentations from the World Bank and Namibia’s Ministry of ICT. These discussions centred on digitalisation and highlighted the pivotal role that SAIs can play in facilitating the digital transformation of government systems.

The meeting provided an opportunity to discuss the preliminary INTOSAI Guidelines for Performance Evaluations of Information Systems Exposure Draft, a project in which AFROSAI-E actively participates as a team member. Further discussion by WGISAM focused on how SAIs can conduct performance evaluations of these critical systems.

Participants also thoroughly examined the AFROSAI-E cyber security guides recently approved for exposure.

The team came up with several resolutions to both the Auditors General and the overall operation of the working group. The primary outcomes from the meeting are summarised below:

Recommendations to AGs

  • Continue with knowledge sharing and research using big data and audit of critical information systems.
  • Build capacity for IS auditors in performance evaluation of Information Systems through coordinated audits and work with performance auditors.
  • Share SAI’s journey to digitalisation and the challenges encountered. Further, look at how SAIs can contribute to digitalisation in governments:
    • Consider ways to join and contribute to the African Union digital working group. 
    • Gather information on the digital economy for Africa and consider implications for SAIs. 
    • Digital transformation assessment for SAIs.
    • Include digital transformation on AG’s agenda.
  • Review and conceptualise the World Bank GovTech Maturity Index as part of SAI strategies to assess country digitalisation.

Resolutions on operations of the Working Group  

  • Individual members will be tasked with specific subgroup activities, and for improved coordination, research assignments will be distributed to pairs from the same SAI.
  • Each subgroup should incorporate cybersecurity as a discussion topic to explore solutions for addressing the current challenges SAIs encounter.
  • Ensure that the Working Group is visible on the AFROSAI-E website and frequently updated.