​Auditor General Charles Deguara presented the National Audit Office (NAO) Report entitled “Information Technology Audit – Department of Examinations" to Speaker Anġlu Farrugia. The scope of this Information Technology (IT) audit was to analyse the overall IT setup of the Department of Examinations (DoE) focusing mainly on the core IT systems.


Essentially this report included the following key findings and recommendations:


  • The NAO noted that the DoE did not have a formal IT strategic plan nor specific annual IT budget, and thus recommended the drafting of such a plan and possibly the allocation of budget estimates following discussions with the Ministry for Education (MFED)'s Information Management Unit (IMU-MFED).


  • Given the lack of a dedicated IT unit at the DoE, the NAO recommended that the engagement of at least a full time IT officer should be considered.


  • In view of the fact that DoE officers use the shared network-drives, external portable hard drives or pen drives to backup data, the NAO recommended that the DoE revises the current backup procedures adopted by DoE officers and issues clearly defined guidelines or policy.


  • Considering the ICT investments made by the MFED, the NAO recommended that DoE management discusses and liaises with the IMU-MFED to get a thorough overview of the existing pool of MFED's education IT systems, which may contribute to the further automation and facilitation of DoE business processes and functions.


  • The NAO recommended that the DoE considers enhancing its reach and accessibility to the public through the use of social media platforms.


  • Given that the DoE was preparing to relocate its offices to a new site subsequent to audit testing, the NAO recommended that all efforts must be made by the DoE to ensure that as a minimum, the level of physical access and CCTV related controls present in the previous offices are maintained in the new location. The same applies for the level of fire prevention and suppression controls.


  • The NAO recommended that the DoE starts working on a Business Continuity Plan and Disaster Recovery Plan.  This would include the possibility of using an alternative site (such as an office within an MFED building) to access DoE systems, which are hosted at the Malta Information Technology Agency (MITA), should the DoE offices be unavailable due to a disaster.


This Report may be accessed through the National Audit Office website or Facebook page