IT Control Objectives for Implementing the Public Finance Management Act in South Africa

Article excerpt

Introduction

The interests of organisations in the public sector differ from those of the private sector. While the private sector is driven by business survival, the public sector is driven by political survival. However the mechanisms that are used to enhance business goals in both sectors do not significantly differ. While an issue like profit is not a main stream government concern, another issue like governance and its attendant appendages like accountability, efficiency, effectiveness and value for money are cross-sector concerns, catching the attention of both the private and the public sector. While the private sector is concerned about the newly proposed Companies Bill that will implement more stringent Corporate Governance in South Africa, the public sector is concerned with the Public Finance Management Act (PFMA). The requirements of these two are not that different. The issues that arise in both regulations are governance based referring to efficiency, effectiveness, transparency, financial reporting and high standards of corporate governance. Both legislations necessitate the design and implementation of IT mechanisms for internal control. The concern of this paper is the design and implementation of IT mechanisms for internal control to enhance South African government departments' compliance with the provisions of the PFMA.

The propositions of this paper resulted from a research study that used a two pronged approach. The first part included a literature study to establish whether COBIT could be used to guide the implementation of the PFMA. The second phase included in-depth interviews to identify those aspects of the PFMA that are considered important for IT's intervention as an enabler of the design and implementation of internal control over financial reporting for the PFMA.

This paper will present a brief background of the PFMA. Then a similar regulation, the Sarbanes-Oxley, will be presented to set a background for illustrating how COBIT has met the IT control needs in another regulated environment. Internal control and IT governance are discussed as a prelude to the exploration of COBIT's potential for implementing the PFMA. After the exploration of this potential, then the IT controls for PFMA will be presented. Compliance oriented architecture as a result of optimised PFMA implementation using COBIT will be presented before concluding.

Background

The PFMA is a legislation that was passed by the first democratic government in South Africa. The Act aims at proper financial management in order to ensure effective service delivery through the effective and efficient use of available national resources (Department of Public Enterprises, 2002, p. 21). The PFMA consists of the following components:

* Risk management.

* Asset management.

* Financial management and Budgeting.

* Performance management.

* Procurement, provisioning and Third Party Services.

* Legal compliance.

* Financial Reporting and Record Management.

* Medium Term Expenditure Framework.

* Strategic & business planning.

The main objective of the PFMA is to secure transparency, accountability, and sound management of the revenue, expenditure, assets and liabilities of the institutions to which this Act applies (PFMA, 1999, section 2).

Dickovick (2004, p. 33) explains this object clearly that the South African government aimed at curbing the over-expenditure of the provinces and public entities, which includes the national departments. He asserts that central government efforts to limit overspending culminated in the PFMA of 1999, which was, inter alia, designed to improve expenditure management by requiring provincial governments to submit periodic reports to the central government.

The stages of expenditure leading to the PFMA have been analysed by Dickovick (2004, p. …