SA agencies wasting money on legacy software


By Dylan Bushell-Embling
Thursday, 10 September, 2020


SA agencies wasting money on legacy software

The South Australian Auditor General has identified a number of control deficiencies in its latest annual audit into the government’s IT systems and the status of selected IT projects.

The investigation identified 120 deficiencies across the 13 systems in use by 10 agencies evaluated during the audit. Of these, two issues were deemed high risk and 60 deemed medium risk.

According to the Auditor General's report, most of the control deficiencies identified in the 2019–20 ITGC reviews — representing 64% of total findings — related to the management of user access, passwords and audit logging.

The two high-risk deficiencies were related to segregation of duties conflicts and insufficient access to application source code respectively.

Other deficiencies identified include change and disaster recovery management processes, patch management and backup management processes.

The auditor has made recommendations including implementing and reviewing audit logging, developing and regularly reviewing formal disaster recovery plans and strengthening password management practices — complete with regular reviews of password setting policies.

Another area highlighted in the report is the challenge agencies are facing in maintaining legacy systems.

The audit found that it cost sampled agencies at least $20 million in additional vendor costs to maintain legacy systems.

There were 215 legacy applications in operation at the sampled agencies, with many of them over 10 years old.

Even more concerningly, only 59% of these systems were under vendor support arrangements, even though agencies considered many of them to be key business applications.

Of the full listings of operating systems and databases in use by the agencies, 1266 of the 5602 operating system instances and 219 of the 1928 databases were considered to be legacy.

Image credit: ©stock.adobe.com/au/reshoot

Related News

Department of Defence renews archTIS software subscription

The Department of Defence has renewed its annual software subscription licence for the NC Protect...

UK Police blame "human error" for record deletion

The UK Police National Commissioner has attributed the accidental loss of 150,000 police records...

NASCIO unveils 2021 US federal advocacy priorities

The US National Association of State Chief Information Officers is calling for harmonised federal...


  • All content Copyright © 2021 Westwick-Farrow Pty Ltd