The House today continued the deliberation on the Public Accounts Committee’s Review Report on the Royal Audit Authority’s Performance Audit Report on Preparedness for Cybersecurity and its recommendations in the Joint Sitting of the Parliament today.

The findings of the performance audit have led to several recommendations aimed at addressing existing issues and guiding effective management strategies. Firstly, the GovTech Agency is advised to enhance the institutional and regulatory framework for Cybersecurity. This involves establishing strong leadership, forming institutional connections among policymakers, regulators and implementers, and expanding the role of existing regulators with adequate personnel skilled in cybersecurity. 

Additionally, the agency should expedite the finalization and implementation of the draft National Cybersecurity Strategy, identify and safeguard Critical Information Infrastructures (CII), review and strengthen existing legal frameworks, and enforce robust mechanisms for data privacy and protection, including the development of protocols to safeguard sensitive information. These recommendations are to serve as a comprehensive roadmap for enhancing cybersecurity measures and ensuring effective management of critical data.

The member from Lamgong-Wangchang raised concerns about the security risks posed by extensive use of counterfeit softwares even in the key institutions like the Parliament and Judiciary. He suggested the need to promote the use of authentic softwares to ensure security and privacy. 

The Chairperson of National Council, Thridzin Sangay Dorji iterated that the report seemed more inclined towards the governance aspects among the three pillars to strengthen cybersecurity with less emphasis on human resources and technology aspects.

The PAC’s Deputy Chairperson, Hon’ble Dawa, acknowledged the use of counterfeit softwares in many agencies owing to its easy access but clarified that the IT officers working in various government agencies use anti-virus softwares to enhance data security and privacy. He also stated that even the GovTech Agency is grappling with a shortage of human resources and technology. 

With the advancement of the country, the cloud data should be considered the country’s asset and the government needs to guide, direct and provide training to the private multimedia entities to enhance their capacity, said the member from Athang-Thedtsho constituency. He also recommended the need to invest in capacity building of the GovTech Agency to counter cybercrimes. 

The member of PAC, Hon’ble Jamyang Namgyal, reported that the GovTech agency has carried out several advocacy programs in about 20 schools and various government agencies despite its scarce human resource. 

The Opposition Leader expressed his concerns regarding the lack of preparedness in ensuring cybersecurity, the shortage of manpower, and the associated risks related to the ensuing launch of the National Digital Identity (NDI) and private data of individuals.

The Joint Sitting, after lengthy deliberations, adopted the seven recommendations on the Performance Audit Report on irrigation Systems and five recommendations on the Performance Audit Report on Preparedness for Cybersecurity tabled by the Public Accounts Committee with all the 67 members present voting in favor for all the recommendations.  

The recommendations made by the Committee are available on our website, under committee reports.