Report of Mr.C.G.Somiah, Comptroller and Auditor General of India and Chairman of the INTOSAI Standing Committee on EDP Audit to the 39th Governing Board of INTOSAI

Mr. Chairman and Distinguished Members

1. I have the honour to present this report on the INTOSAI Standing Committee on EDP Audit.
2. This Standing Committee which today comprises of representatives from fourteen Member SAIs, had its first meeting at Washington in October 1992, where three working groups were formed and convenors for these groups identified.
3. Since my last report to the 38th Governing Board of INTOSAI in May 1993 ( a copy of which is enclosed as Annexure), the Committee held its second meeting in October 1993 at Ottawa to consider the action plans prepared by the working grouops, identify projects, establish priorities and develop work plans for each project. Nine projects with specific time schedules for implementation were approved for the three working groups at this meeting. In addition, SAI-India was required to bring out an EDP Directory based on responses from SAIs to an EDP Survey. The Committee at its meeting in Ottawa, also interacted with the INTOSAI Development Initiative (IDI) and they agreed to help the Committee in the development of an EDP Audit Training Curriculum and also to approach the World Bank and the Regional Funding Institutions for financial support for organising relevant training programmes.
4. At the third meeting of the Committee, held at New Delhi on August 25-26 1994, five projects were approved for dissemination among INTOSAI members. These were:-
  1. INTOSAI EDP Directory
  2. Information System Security Review Methodology
  3. Guide to Developing IT Strategies in Supreme Audit Institutions
  4. IT Audit Training Curriculum
  5. The first issue of an Information Technology Journal called "intoIT"

Executive summaries of these five products are enclosed.
5. Progress on the other five projects approved at Ottawa in October 1993, was reviewed at this meeting. These projects were:-
  1. Guide on Audit of Electronic Data Interchange (EDI) and Electronic Authorisation and Access (EAA)
  2. Guide on Funding
  3. Utility of CD-ROM for dissemination of information
  4. Reference list of Material on Performance Auditing
  5. Seminar on "Future Risks and Opportunities in the field of IT Performance Auditing"
6. New project proposals would be taken up at the next meeting of the Committee at Stockholm, Sweden in March 1995.
7. The mjaor problem faced by the Committee was in resolving the manner of dissemination of its publications to all members of INTOSAI, the issue being translation into the INTOSAI languages. The Committee was faced with the problem for the first time when the EDP Survey Questionnaire had to be circulated but this was resolved with the assistance of Austria and Kuwait in the translation work, as the document to be translated was relatively small. On the Journal "intoIT", which would be an important vehicle for dissemination of the salient features of the Committee's outputs, and where IT-related issues would be brought out periodically, we had sought the advice of the Secretaries General of the Regional Working Groups of INTOSAI, regarding the mode of distribution of the Journal. Four of the groups, namely ASOSAI, SPASI, CAROSAI and OLACEFS have indicated that they do not feel the need for translation of the Journal into other languages. ARABOSAI had indicated that they would submit this issue for the consideration of their Executive Council which was scheduled to meet in September. EUROSAI have stated that due to budget restrictions, they would not be able to assist the committee. AFROSAI have not replied to our references on this issue.
8. The output of the Committee in the shape of documents and the copies of the Journal to be circulated is quite large, but it has neither the expertise nor the resources required for translation of all its products into the INTOSAI languages. After detailed discussion about this issue, the Committee has decided to recommend that it could circulate its publications and outputs in English to the English knowing SAIs and request the INTOSAI Secretariat to make the translations, for distribution to other SAIs. If the INTOSAI Secretariat is unable to extend its assistance, the respective Secretaries General would be requested to arrange circulation amongst their non-English knowing members as appropriate. We seek the advice and guidance of the Governing Board of INTOSAI as to which of the two alternate suggestions should be adopted by Committee.
9. At its meeting at New Delhi, the Committee also decided to send copies of the IT Audit Training Curriculum, the Information System Security Review Methodology and the Guide to Developing IT Strategies in SAIs to the INTOSAI Development Initiative (IDI) for exploring the possibility of formulating specific training programmes and incorporating in the IDI training plan for 1996-98. The Committee would pursue the matter further with IDI to see whether IDI's training programmes can address the IT Training needs of SAIs and also take into consideration the local requirements of the different regional groups of INTOSAI.
10. One of the projects approved by the Committee at its Ottawa meeting was the development of a guide on funding. A draft approach paper has now been prepared, documenting the substantive reason to convince prospective international donors that the funding of SAIs is a priority worth their consideration. This approach paper, after revision to incorporate suggestions of Committee members, would be sent to the INTOSAI Secretariat for advice on the future course of action and approach to be adopted on this issue.
11. My colleagues in the Committee and I thank the Chairman, Secretary General and members of the Governing Board for their guidance, encouragement and support to the Committee.

Thanks to the hosts.

ANNEXURE `A’

List of members of the INTOSAI Standing Committee on EDP Audit

ANNEXURE `B’

List of Members of Working Groups of INTOSAI Standing Committe on EDP Audit

 

Back to Reports Index