Back to list
23 June 2020

The auditor requires improvements be made to security of statistics systems information

Foto raporti

The National Audit Office (NAO) has published the audit report on information technology “Governance, Operations Management and Security of IT Systems in the Kosovo Agency of Statistics”. We carried out the audit of this Agency which is in charge of, distributor, and coordinator of official statistics of Kosovo. This audit includes 2019-2020 period and its objective was to assess the organisation and governance of Information Technology regarding data security controls, applications controls and maintaining of data integrity.

The audit results have shown that the Agency, through information technology systems, has managed in general to implement and publish statistical projects foreseen by the publication plan. However, it has not established the necessary mechanisms for general controls over IT, which includes the environment wherein activities were developed, operated, managed and maintained.

There is a lack of adequate IT needs assessment, inadequate segregation of duties and responsibilities among staff and insufficient IT staff. Moreover, management of IT activities is not sufficiently based on policies, procedures and operating processes.

The Agency has not taken sufficient steps to ensure that information is not exposed to unauthorised parties. Policies addressing information security issues were missing and staff’s awareness on the general requirements on information security has resulted to be deficient.

The Auditor General of Kosovo, Besnik Osmani, highlighted that audit outcomes indicate that issues related to information security about statistical systems need to be improved. In particular, information technology systems need to be strengthened prior to the initiation of important processes envisaged for 2021, such as the census of population, household economy, and housing.

Osmani said that given the importance of statistics at the national level, the National Audit Office recommended the Government of Kosovo to address particular issues related to information security and capacities of Kosovo Agency of Statistics. He also said that 13 recommendations were made to the Kosovo Agency of Statistics in order to quickly address the issues related to the management and governance of information technology within the Agency.

You may read the full report here vegëz.