Government IT still under resourced

(CNS): The government is still not investing enough in information technology to ensure its future security or the necessary systems required to move towards comprehensive e-government services. Computer services is still operating on half the budget it had in 2009 and is still under resourced, despite warnings from the Office of the Auditor General (OAG) going back to 2012 that not enough was being invested in technology and government was not making IT security a priority.

Appearing as a witness before the Public Accounts Committee (PAC) on Friday, the acting chief officer in the home affairs ministry, Wesley Howell, revealed that more than five years ago the Computer Services Department had double the budget it has this year, at a time when IT security threats are greater than ever and there is an increasing demand for government to move online.

The OAG first reviewed the management of government’s IT in 2012 and the auditors warned then of the vulnerability and failures in the management systems, but that report was kept under wraps in order to give the government a chance to address it without advertising the weaknesses and failings. But when after a second review three years later the audit office found that nothing had changed, they chose to go public last year.

Howell told PAC that there was now a plan in place and an expert had been recruited to head the CSD. He said steps had been made towards a national framework but there was still not enough resources and a lot of work to do.

The committee heard that, given the work ahead, it would be some time before government’s goal of delivering services online would be realised. Howell said that after years of significantly “strained resources” as well as difficulties filling the top job at the Computer Services Department because of recruitment difficulties in a competitive market, it was taking time to deal with the challenges.

He added that there needed to be a “radical change” to the budget for IT because the lack of investment in security and technology was a problem, not just for CSD but the whole of government.

Departments are operating in silos and government systems are not being linked or communicating with each other, Howell noted and warned of continuing risks. He said that while the department had been concentrating on security recently to address the concerns raised in the audits, just six of the priority concerns had been addressed.  The rest, he said, were works in progress and he was hoping there would be more cash coming in the next budget for 2016/17.

He said the main challenge had been to “stop the bleeding on the most exposed risks” and put in risk management strategies for CSD and, as a result, government IT systems were now in a much better position than when the audit was done, a position the auditor general agreed with.

But Howell pointed out how the need to concentrate on security had delayed the rollout of e-government, which PAC Chairman Ezzard Miller pointed out had been talked about for years with no results. He said there were around three dozen online services but until all of the security issues were fixed, there would be no new e-government services.

IT Audit Report 2015 – PAC opening comments by acting auditor general, 26 Feb 2016

Related story: Government faces serious IT security threats