Control Systems in Place to Ensure Proper Oversight and Governance of Public Service Officers from Hybrid Modes of Working
Prime Minister's OfficeSpeakers
Summary
This question concerns MP Melvin Yong Yik Chye's inquiry regarding potential governance risks in hybrid work arrangements and the control systems ensuring oversight of public service officers. Minister for Education Chan Chun Sing stated that the Government maintains high standards through access controls, automated payment systems, and network analytics to detect procurement conflicts. He detailed that public officers must comply with cyber-hygiene requirements for remote access, while independent audits and data analytics are used to identify financial anomalies post-disbursement. To address cybersecurity, all officers undergo annual training and follow best practices for home network security overseen by Agency Chief Information Security Officers and Chief Data Officers. Agencies are also required to engage independent auditors for ICT systems to continuously strengthen governance and adapt processes for the hybrid work environment.
Transcript
75 Mr Melvin Yong Yik Chye asked the Prime Minister (a) whether hybrid modes of working pose a risk of weaker oversight within the public service in areas, such as spending and financial governance; and (b) if so, what are the control systems that will be put in place to ensure proper oversight and governance of public service officers.
Mr Chan Chun Sing (for the Prime Minister): The Government remains committed to upholding high standards of governance and oversight, regardless of the mode of working. The Public Service has a range of controls and checks to safeguard financial processes and data, which will continue to apply in a hybrid work environment. We have also progressively enhanced our measures to ensure that hybrid work does not lead to higher risks in terms of financial controls.
Access controls are put in place to ensure proper governance. For example, public officers who work from home are only able to access central financial systems subject to their compliance with Government data protection and cyber-hygiene requirements. In addition, payment processes in the Public Service have been progressively automated with system controls. This means that invoices are received electronically from suppliers via the electronic invoicing network and this reduces manual handling of paper invoices and the risk of data-entry error by officers. To strengthen governance and oversight, agencies have also adopted network analytics to identify potential conflicts of interest in procurement. Post-disbursement, independent audits and data analytics are also performed to detect any anomalies and verify that funds were channelled appropriately to the intended beneficiaries.
As more public officers access systems remotely in a hybrid work environment, the Public Service has also put in place measures to foster a strong culture of cyber and data security. For example, all public officers are required to go through an annual cybersecurity awareness training. GovTech has published a set of best practices on measures that public officers should take to secure their home network and the secure use of video-conferencing tools when working from home. All agencies also have an Agency Chief Information Security Officer and Chief Data Officer who oversee and take charge of cyber and data security matters in agencies. All agencies are also required to engage independent internal or external auditors to conduct audits on ICT systems that are in operation.
The Public Service will continue to make adjustments to enable hybrid work and continuously strengthen our systems and processes to ensure sound governance.