Europese Rekenkamer adviseert verbeteringen aan de EU (en)
The European Court of Auditors i (ECA) assessed whether the Common External Relations Information System (CRIS i) was effective in responding to the Commission’s information needs. In particular, the Court assessed whether CRIS had been designed to respond effectively to the Commission’s needs and whether the information that it provided was reliable. The audit involved a review of the Commission’s documentation for the system as well as the performance of substantive tests on CRIS data.
The ECA concludes that CRIS is mostly effective in responding to the Commission's information needs in the field of external actions. However, after ten years of development, it is still subject to persistent shortcomings. These concern in particular the definition of CRIS's role with regard to the Commission's accounting system, weaknesses in data coding, insufficient effectiveness in ensuring data integrity and, more generally, insufficient security of the system and its data. Some of the observations raised corroborate other observations made in previous Court reports.
The Court makes the following recommendations to make CRIS more effective in responding to the Commission’s information needs:
-
-The intended role of CRIS as an information system should be set out, notably with regard to the Commission’s ABAC accounting system. In particular, the Commission should aim to reduce the duplication of ABAC functions in CRIS.
-
-CRIS data code lists should be rationalised so that they are unique and their data values are mutually exclusive. Moreover, present data quality controls (checks, processes) should be revised and reinforced for effective safeguards ensuring reliable data. Taking into account the large and diverse population of CRIS users, proper attention should be paid to improving the system’s user-friendliness in future CRIS developments.
-
-Responsibilities for the management of CRIS data security should be established. An overall IT risk assessment should be carried out. Due care should be given, particularly to the protection of personal and financial data.
Background: CRIS is the Commission’s information system to support the management of external action. Since this system became operational in 2002, its functions were continually extended. It has now become the main reference information system for management, reporting and documentation of external action, financed both by the general budget and the EDF. CRIS allows all Commission staff involved in external action management, both at headquarters and in EU delegations, to work on a common database. It provides data concerning the different phases of management, from programming to preparation and monitoring, covering both operational and financial aspects of the actions concerned. It also feeds financial data into the Commission’s accounting system ABAC.