The Auditor General, Mr. Charles Deguara, today presented to the Speaker of the House of Representatives, Hon. Anglu Farrugia, the National Audit Office (NAO) report entitled “IT Audit: Active Ageing and Community Care”.
The report included a review of the IT systems and infrastructure utilised by the Active Ageing and Community Care (AACC) in Malta. The audit aimed to determine whether the AACC had the necessary controls in place to maintain the confidentiality, integrity and availability of data, ensure the efficient use of IT resources, as well as to identify any potential risks and make the necessary recommendations to mitigate such risks.
The key findings and recommendations made by the NAO in this audit report, were essentially the following:
• As the AACC does not yet have a formal IT strategic plan, the NAO recommended that such a plan is to be drafted.
• The NAO noted the urgent need for additional IT officers to reduce the dependency on one official and ensure proper segregation of duties.
• Recommendations were made by the NAO in relation to cable management, air-conditioning, temperature/humidity monitoring, smoke detectors and physical access controls in some of AACC’s IT network rooms/areas.
• Backups of AACC offline user and generic email boxes are to be backed up regularly.
• AACC should ensure that roles and responsibilities related to the administration of the new core IT system being implemented, are clearly defined in the agreement once the system is fully commissioned.
• The NAO recommended that meetings with the IMU-MSPC and the software developer are held to discuss system/infrastructural adjustments that may be required to ensure continuous availability and adequate performance levels when the system is working at full capacity.
• The entity needs to conduct an IT business impact analysis in order to draft related IT business continuity and recovery plans.
• The NAO recommended that the AACC reviews the physical access controls present in all its premises including the residential homes and day care centres in order to ensure the current measures are adequate and updated with the latest available technology.
• NAO recommended regular reviews of the fire detection and suppression systems in all AACC sites.
Overall, the NAO commended the fact that the AACC was investing in a holistic project for the creation of a new digital platform and the adoption of a new software application which will cover the majority of AACC services.
To view report (.PDF) please follow link.