Two E-Governance Projects

Sweden and the United StatesThe INTOSAI Working Group on IT Audit

(WGITA)

May 2008

2

What is e-governance (e-gov)?

The government’s use of information technology to communicate with

• citizens,

• businesses, and

• different parts of government

3

What are e-gov projects?

Include

• systems,

• applications,

• processes, and

• infrastructure

4

Two E-Gov Projects Approvedby WGITA

Project 1: E-Gov Risks

Project 2: Performance Auditing E-Gov

5

Project 1: E-Gov Risks

Introduction• E-gov projects have a number of risks that

need to be managed (similar to the risks for IT projects, which have been extensively researched)

• Unless the risks of e-gov projects are managed effectively, the projects may not provide the intended benefits

6

Project 1: Current Set of Risks

• Budgetary barriers limit how much can be allocated to a delivery

• Lack of collaboration between government agencies leads to fragmented solutions

• Lack of common technical infrastructure—including tools, methods, and processes—causes inefficiencies

7

Project 1: Current Set of Risks (continued)

• Little management of user expectations results in user disappointment

• Lack of privacy and security weakens value of e-gov

• Rapid technological change causes use of outdated design, interfaces, or solutions

8

Project 1: Current Set of Risks (continued)

• Designing “for everybody”—not having specific users in mind—results in inefficiencies

• Lack of downsizing for traditional processes means efficiency effects are not realized

• Lack of vision means no clear focus on such factors as what will be delivered, maintained, and supported

• Lack of linking of performance measures to objectives causes inefficient monitoring and evaluation

9

Project 1: Methods, Analysis, and Results

Methods:

• Review the published literature and use the most common risks (partially completed)

• Use other sets of risks recommended by WGITA members

10

Project 1: Methods, Analysis, and Results

(continued)Analysis:

Analyze identified risks

Sort into risk categories

11

Project 1: Methods, Analysis, and Results

(continued) Results:• A reasonable set

of mitigation strategies• A template or some other type of risk

identification and analysis (so that in future audits, information on the types of risks and suitable management can be requested)

12

Project 1: Schedule

By the 2009 WGITA meeting, provide

• a set of e-gov risks and

• mitigation strategies

13

Project 2: Performance AuditingE-Gov

Provide auditors with a set of measures that are typically used to measure the success of e-gov projects after implementation

14

Project 2: Schedule

By the 2009 WGITA meeting, provide

a set of measures to measure the success of

e-gov projects

15

Contacts

• SwedenBjörn Unndallbjorn.undall@riksrevisionen.se

• The United States

Madhav Panwar panwarm@gao.gov