A recent audit conducted by the Auditor-General’s Office (AGO) found weaknesses in IT controls and numerous other irregularities.
These IT controls include government bodies like the Ministry of Defence (MINDEF), Ministry of Manpower (MOM), and Singapore Customs.
According to The New Paper, these lapses include inadequate monitoring and review of users of IT systems.
External vendors, for instance, had access to sensitive or personal information.
Not A New Issue
What’s even more startling is that this isn’t a new issue.
Speaking to TNP, an AGO spokesman said that “AGO had highlighted similar weaknesses in various public sector entities in its reports for the past few years”.
The spokesman added that the IT controls in the public sector need to be “sufficiently robust to prevent and detect unauthorised access and activities”.
There were a few more concerns about the IT controls.
Firstly, vendor staff have had read-access to personnel and payroll information in MINDEF’s Enterprise Human Resource system for more than two years.
Secondly, 13 vendor staff in MOM had access to view and change data in the work permit and Employment/S Pass databases.
Lastly, seven vendor staff engaged by Customs had access to its IT servers without password authentication. They had access to data such as customs licenses, collections of tax and excise duties.
IT controls were not the only area of concern, however.
AGO’s review of MINDEF’s activities found that it had overpaid 12 RSAF pilots over $270,000 in flying allowances.
One pilot was paid wrongly over six years, while another two were underpaid. MINDEF has since recovered the incorrect payments.
AGO also found irregularities in the quotation documents submitted by contractors to the Ministry of National Development (MND) and the Urban Redevelopment Authority (URA).
For MND, AGO discovered irregularities in 49 out of 71 work orders amounting to around $320,000.
Similar inconsistencies were found in one infrastructure project for the URA.
Both MND and URA have since made police reports.
There were also lapses in the approval of 142 contract variations, worth $12.4 million, in the National Gallery development project, managed by National Gallery Singapore.
Measures To Be Taken
The National Gallery said it is reviewing its processes and policies. They have also taken measures to recover the overpayments from the contractors.
AGO’s findings show that IT controls have to be improved and contractual transactions better managed and supervised.