Information Systems Audit also is the process of deriving assurance on whether the development, implementation, support and maintenance of information systems meets business goals, safeguards information assets and maintains data integrity. The CAG examines the implementation of IT systems and IT controls to ensure that the systems meet the government entities’ business needs without compromising security, privacy, cost, integrity of data, availability of data and other critical business elements.

Audit reports issued by CAG on Information Systems Audit

The results of Information Systems Audit are communicated through various reports as explained below:

  • Management letters which communicates audit findings and recommendations to the management of the audited entities;
  • Annual General Audit Reports which consolidate key audit findings from management letters of different audited entities and general recommendations addressing to the Government as a whole.