Ensuring proper governance in a hybrid working environment

14 FEB 2022

Written Reply to Parliamentary Question on ensuring proper governance in a hybrid working environment

Parliamentary Sitting: 14 February 2022

Mr Melvin Yong Yik Chye: To ask the Prime Minister (a) whether hybrid modes of working pose a risk of weaker oversight within the Public Service in areas such as spending and financial governance; and (b) if so, what are the control systems that will be put in place to ensure proper oversight and governance of public service officers.

Written Reply by Mr Chan Chun Sing, Minister for Education and Minister-in-charge of the Public Service.

The Government remains committed to upholding high standards of governance and oversight regardless of the mode of working. The Public Service has a range of controls and checks to safeguard financial processes and data, which will continue to apply in a hybrid work environment. We have also progressively enhanced our measures to ensure that hybrid work does not lead to higher risks in terms of financial controls.

Access controls are put in place to ensure proper governance. For example, public officers who work from home are only able to access central financial systems subject to their compliance with Government data protection and cyber-hygiene requirements. In addition, payment processes in the Public Service have been progressively automated with system controls. This means that invoices are received electronically from suppliers via the electronic invoicing network, and this reduces manual handling of paper invoices and the risk of data-entry error by officers. To strengthen governance and oversight, agencies have also adopted network analytics to identify potential conflicts of interest in procurement. Post-disbursement, independent audits and data analytics are also performed to detect any anomalies and verify that funds were channelled appropriately to the intended beneficiaries.

As more public officers access systems remotely in a hybrid work environment, the Public Service has also put in place measures to foster a strong culture of cyber and data security. For example, all public officers are required to go through an annual cybersecurity awareness training. GovTech has published a set of best practices on measures that public officers should take to secure their home network, and the secure use of video-conferencing tools when working from home. All agencies also have an Agency Chief Information Security Officer and Chief Data Officer who oversee and take charge of cyber and data security matters in agencies. All agencies are also required to engage independent internal or external auditors to conduct audits on ICT systems that are in operation.

The Public Service will continue to make adjustments to enable hybrid work and continuously strengthen our systems and processes to ensure sound governance.