Public financial-management-control-and-security-in-the-age-of-transparency

Version 7 section

• brief discussionPublic Financial Management

Control and Security in the Age of

Transparency

SEGURINFO Uruguay 2011

trust

3

Version 7 section

• brief discussion

transparency

Version 7 section

• brief discussion

strategic openness

55

Version 7 section

• brief discussion

trust but verify

Strengthening Public Financial Management through

Transparency in Timor-Leste

Version 7 section

• brief discussion

Version 7 sectionFreeBalance is a global provider of Government Resource Planning (GRP) software for public financial management (PFM)

• Canadian software company ISO-9001/2008 certified

• For Profit Social Enterprise

• 100% focus on government

• Global presence, implemented in 19 countries in North America, Latin America, Caribbean, Africa, Middle East, and Asia/Pacific

• From post-conflict through G8

Who is FreeBalance?

Version 7 section

• brief discussion

FORCES

99

Version 7 section

• brief discussion

globalization

1010

Version 7 section

• brief discussion

transparency

1111

Version 7 section

• brief discussion

citizen services

1212

Version 7 section

• brief discussion

international assessment

1313

Version 7 section

• brief discussion

governance

1414

Version 7 section

• brief discussion

corruption

1515

Government Expenditures as a % of GDP 2006: Non OECD Countries

Version 7 section

• brief discussion

Democratic

Republic of

Timor-Leste

(RDTL)

Objectives

build civil society

build infrastructure

build capacity

build citizen involvement in government

GDP Per Capita (PPP, logs)

UGANDA

PAPUA NEW GUINEA

AU

ST

RA

LIA

-3

-2

-1

0

1

2

3

209 Countries

Norm

alized Government Effectiveness Index

HIGH

LOW

Benefits of Transparency Government Effectiveness and GDP*

* At purchasing power parity

Source: The World

Bank

Higher the government effectiveness

= higher the country GDP Per Capita

GDP Per Capita (PPP, logs)

UGANDA

PAPUA NEW GUINEA

AUSTRALIA

-3

-2

-1

0

1

2

3

207 Countries

Norm

alized Voice and Accountability Index

.

HIGH

LOW

Benefits of Transparency Voice and Accountability and GDP*

* At purchasing power parity

Source: The World

Bank

Higher the government

accountability = higher the country

GDP Per Capita

GDP Per Capita (PPP, logs)

UG

AN

DA

PA

PU

A N

EW

GU

INE

A

AU

ST

RA

LIA

-3

-2

-1

0

1

2

3

204 Countries

Norm

alized Control of Corruption Index

HIGH

LOW

Benefits of TransparencyControl of Corruption and GDP*

* At purchasing power parity

Source: The World

Bank

Higher the control of corruption

= higher the country GDP Per

Capita

Version 7 section

• brief discussion

= stability

Version 7 section

• brief discussion

= investor confidence

Version 7 section

• brief discussionavoid the

resource curse

Version 7 section

• brief discussion

problem

2828

Version 7 section

• brief discussion

transparency - corruption

Version 7 section

• brief discussion

controls - corruption

Version 7 section

• brief discussion

transparency

3131

controls

Version 7 section

• brief discussion

1. Strategic Transparency

Version 7 section

• brief discussion

1.1. International Standards

Version 7 section

• brief discussionIPSAS

International Public Sector Accounting

Standards

Version 7 section

• brief discussion

EITI

Extractive Industries Transparency

Initiative

Version 7 section

• brief discussion

GFS

Government Financial Statistics

Version 7 section

• brief discussion

MTEF

Medium Term

Expenditure

Frameworks

Version 7 section

• brief discussion

1.2 e-Procurement Portal

Version 7 section

• brief discussion

review

39

government

tenders

published

vendor

alerts

tender

results

published

Version 7 section

• brief discussion

1.3. Transparency Portal

Version 7 section

• brief discussion

review

41

10 years of

budget &

financial datadrill down

through the

chart of

accountsoutput in

RTF, Word,

Excel, PDF,

Text, XML,

HTML

http://www.transparency.gov.tl

Version 7 section

• brief discussion

2. Internal Controls

Version 7 section

• brief discussion

Version 7 section

• Chart of Accounts (COA) is key

within governments. Key control

needs include:

•Hierarchical – organizational,

functional, project, budgetary

•Multi-dimensional data access

2.1 Hierarchical Controls

4343

Version 7 section

• brief discussion

Version 7 section

• Sophisticated reporting

• Pro-active monitoring

• Administrative and compliance

needs

2.2 Reporting

4444

Version 7 section

• brief discussion

Version 7 section2.3 Multiple Controls

Multiple controls for the same activity

or function

Version 7 section

• brief discussion

3. Audit

Version 7 section

• brief discussion

Version 7 section

• Same activity can vary within

government ministries, departments

and agencies (MDAs)

• Audit workflow based rules and

procedures for conformity

3.1 Activity

Version 7 section

• brief discussion

Version 7 section

• Roles and responsibilities

•Separation of duties

3.2 Roles

Version 7 section

• brief discussion

Version 7 section

• Non-

repudiation

of data

3.3 Traceability

Version 7 section

• brief discussion

4. System Security

Version 7 section

• brief discussion

Version 7 section

�Physical Security- Lock and Key

� Authentication – Wax Seals and

Stamp

Paper

Version 7 section

• brief discussion

Mainframes

�Physical Security- Lock and Key

� Authentication – User ID and Password

Version 7 section

• brief discussion

Network Security

�Identity Management

�Encryption

�High Availability

Version 7 section

• brief discussion

Version 7 sectionInternet

�Internal and External Site

�Firewalls

�Virtual Private Network (VPN)

�Secure Socket Layer

Version 7 section

• brief discussion

Version 7 sectionCloud

�Data Access Security

�Identity Management

�Regulatory Compliance

�Data Segregation

Version 7 section

• brief discussion

Security Details

5656

Version 7 section

• brief discussion

Data Security

• Protect vital Government Data

• Multiple layers of Encryption

– Data

– Traffic

– Access

Version 7 section

• brief discussion

Data Access Security• Data-based filtering system

• Configurable

• Standalone

• Non-intrusive

• Works jointly with Functional Classes

Data Access Security

• Resides between the Business Logic Layer and the Client Side.

DB DAL BLL

DASUser

Version 7 section

• brief discussion

Security Dimension Types• Chart of Accounts Restriction

• Hierarchical Domain

• Domain Restriction

• Literal Restriction

Version 7 section

• brief discussion

Secure Scripting

– Support for server and client-side validation.

– Strong access control.

– Obfuscation of JavaScript enhances client-side

security

– Stripping of comments and whitespace

– Industry standard SSL technology

Version 7 section

• brief discussion

5. Security Advantages of Open

Source Middleware

6262

Open Source Middleware

• Who are the most vocal proponents of open

source middleware software in the American

government?

• Answer: Department of Defense and Central

Intelligence Agency

• Why?

• Answer: Because they can examine the source

code of the middleware.

• FreeBalance software is not open source so no

one can examine your source code.

• You can’t stop transparency

• Can have transparency and security together

• Public Financial Management and Governance focus

• Electronic funds transfers reduces corruption opportunity

Conclusions