Audit of strategic affairs with a view to the future

The State Comptroller: “I will examine the preparedness of government ministries for a cyberattack”

  • Comptroller Englman has instructed the professional teams to focus on national computerized systems that store personal details belonging to the general public. Any leak of this data to unauthorized persons is liable to hurt the public and the state.

  • The examination will assess the robustness of the biometric database, as in the smart ID card system, the driving license database, the rav-kav public transportation ticket database and more.

 

State Comptroller Matanyahu Englman has begun implementation of the “constructive audit reform”, which stresses examination of national strategic affairs, by weighing of risks and challenges faced by government ministries and authorities. Within this framework, Comptroller Englman recently directed the professional teams in his office to include in the annual audit program, and by looking to the future, strategic affairs that may potentially harm Israeli security and critically affect the public.

Thus, for example, as part of this audit program, the preparedness of government ministries and authorities for cyberattacks and damage to various computerized systems will be examined. The comptroller stressed that with the advancement of the technological era, with both its increasing advantages and disadvantages, the IT audit must be deepened to include audit of the cyber dimension, which constitutes a major future challenge. 

The examination will assess, among others, the robustness of the national computerized systems such as the biometric database, the smart ID card system, the driving license database, and the rav-kav public transportation ticket database. These systems, used by assorted authorities, contain personal data of the general public and any leak of this data to unauthorized persons is liable to hurt the public and the state.

IT audits examine the preparedness of computerized systems and the entities in charge of operating them for cyber events, with the emphasis on the area of information security, which is the core problem of the activities of these bodies in today’s technological era. The audits use advanced computerized tools that allow analysis of the databases in the audited bodies.

To facilitate deepening of IT audits, the comptroller has called for updating of the human resources skill mix in the Office of the State Comptroller, including recruiting computer and information system experts whose expertise will enrich the audit work.