EUR-Lex Access to European Union law
This document is an excerpt from the EUR-Lex website
Document 52010TA1214(04)
Report on the annual accounts of the European Network and Information Security Agency for the financial year 2009, together with the Agency’s replies
Report on the annual accounts of the European Network and Information Security Agency for the financial year 2009, together with the Agency’s replies
Report on the annual accounts of the European Network and Information Security Agency for the financial year 2009, together with the Agency’s replies
OJ C 338, 14.12.2010, p. 16–21
(BG, ES, CS, DA, DE, ET, EL, EN, FR, IT, LV, LT, HU, MT, NL, PL, PT, RO, SK, SL, FI, SV)
|
14.12.2010 |
EN |
Official Journal of the European Union |
C 338/16 |
REPORT
on the annual accounts of the European Network and Information Security Agency for the financial year 2009, together with the Agency’s replies
2010/C 338/04
CONTENTS
|
|
Paragraph |
Page |
|
INTRODUCTION … |
1-2 |
17 |
|
STATEMENT OF ASSURANCE … |
3-12 |
17 |
|
COMMENTS ON THE BUDGETARY AND FINANCIAL MANAGEMENT … |
13-15 |
18 |
|
OTHER MATTERS … |
16-17 |
18 |
|
Table … |
19 |
|
|
The Agency’s replies … |
21 |
|
INTRODUCTION
|
1. |
The European Network and Information Security Agency (hereinafter ‘the Agency’), located in Heraklion, was created by Regulation (EC) No 460/2004 of the European Parliament and of the Council of 10 March 2004 (1). The Agency’s main task is to enhance the Union’s capability to prevent and respond to network and information security problems by building on national and Union efforts (2). |
|
2. |
After the adoption of two amending budgets, the Agency’s final 2009 budget was 8,1 million euro, compared with 8,4 million euro the previous year. The number of staff employed by the Agency at the end of the year was 57 as compared with 58 the previous year. |
|
12. |
The comments which follow do not call the Court’s opinions into question. |
COMMENTS ON THE BUDGETARY AND FINANCIAL MANAGEMENT
|
13. |
The appropriations carried forward to the following year amounted to 19 % of the budget. In particular, 41 % of operational appropriations (Title III) were carried forward to 2010 mainly due to delays in two big projects. This situation indicated delays in the implementation of the activities financed from the Title III and was at odds with the budgetary principle of annuality. |
|
14. |
One budget transfer (12) between titles was made without informing the Management Board and without obtaining its prior consent, contrary to the budgetary principles of specification. |
|
15. |
The inventory of fixed assets was managed using a spreadsheet, which did not guarantee the integrity of the data. No exhaustive physical inventory was made and the correctness of the accounting records was not ensured. |
OTHER MATTERS
|
16. |
With regard to staff selection procedures, neither the thresholds that candidates had to meet in order to be invited to interview nor those necessary to be put on the reserve list were fixed in advance. They were set by the selection boards after the evaluation and ranking of the candidates. These practices put at risk the transparency of the recruitment procedures. |
|
17. |
With regard to procurement procedures, in one case (13), services not provided for by the contract were requested. In two other cases (14), errors (use of incorrect quality-price weightings and wrong value for the financial offer) were made during the awarding phase of the contracts. There is room for the Agency to strengthen its internal controls to make sure that contracts and procurement procedures are correctly applied. |
This Report was adopted by Chamber IV, headed by Mr Igors LUDBORŽS, Member of the Court of Auditors, in Luxembourg at its meeting of 14 and 16 September 2010.
For the Court of Auditors
Vítor Manuel da SILVA CALDEIRA
President
Table
European Network and Information Security Agency (Heraklion)
|
Areas of Union competence deriving from the Treaty |
Competences of the Agency (Regulation (EC) No 460/2004 of the European Parliament and of the Council) |
Governance |
Resources made available to the Agency in 2009 (Data for 2008) |
Products and services 2009 (Data for 2008) |
|||||||||||||||||||||||||||||||||||||||||||||||||||
|
The representatives of the Member State governments have, by common agreement, adopted a statement on the creation of a European Network and Information Security Agency. The Agency should operate as a point of reference and establish confidence by virtue of its independence, the quality of the advice it delivers and the information it disseminates, the transparency of its procedures and methods of operating, and its diligence in performing the tasks assigned to it. (Council Decision of 19 February 2004, taken on the basis of the TFEU). |
Objectives
|
Tasks The Agency:
|
1 — Management Board The Management Board shall be composed of one representative of each Member State, three representatives appointed by the Commission, as well as three representatives, proposed by the Commission and appointed by the Council, without the right to vote, each of whom represents one of the following groups:
2 — Executive Director
3 — External audit Court of Auditors. 4 — Internal audit Internal audit service of the European Commission. 5 — Discharge authority Parliament, acting on a recommendation from the Council. |
Budget Total revenue 2009 (2008): 8,1 million euro (8,4 million euro) T1: Staff Available: 5,2 million euro (4,7 million euro) T2: Buildings, Equipment and Miscellaneous Operating Expenditure Available: 0,5 million euro (0,7 million euro) T3: Operating Expenditure Available: 2,5 million euro (2,9 million euro) Staff at 31 December 2009
Posts occupied 43 (39);
Total staff: 57 (58) Allocated to operational: 39,5 (15) (38) administrative and IT: 18,5 (20) |
MTP 1 (16) : Improving resilience in European communication networks In 2009, MTP 1 compared the findings against similar international experiences and results, issued guidelines, and formulated consensus-based recommendations after broad consultation with the stakeholders concerned. The recommendations were widely promoted to the policy and decision makers concerned. This MTP followed and supported, as appropriate, the reviewing and updating of the EU Electronic Communication Directives. MTP 2: Developing and maintaining cooperation between Member States In 2008, the MTP aimed at:
The aim has been to develop co-operation among Member States in order to improve their capabilities and increase the overall coherence and interoperability levels. MTP 3: Identifying emerging risks for creating trust and confidence The Agency will establish a framework that will enable decision makers to better understand and assess emerging risks arising from new technologies and new applications. This will contribute to stakeholders’ trust and confidence. In 2009, a proof of concept previously developed was tested and developed further. In addition, the Agency continued preparing position papers to express the Agency’s view on emerging risks arising from new technologies and new applications. This MTP provides an antenna function for decision makers in Europe and possibly beyond. |
||||||||||||||||||||||||||||||||||||||||||||||||||
|
Source: Information supplied by the Agency. |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||
THE AGENCY’S REPLIES
|
13. |
The Agency seeks to maximise the return it gets from outsourced project work; it also applies contingency measures to contain the consequences of delayed outsourced activities. |
|
14. |
The Agency will take all necessary actions to mitigate the risk of repeating similar occurrences in the future. In the first quarter of 2010 improvements were made to the tool used for the follow up of budgetary transfers according to Article 23 of the Financial Regulation of ENISA. |
|
15. |
The Agency recognises the significance of this comment. A formal Inventory Management procedure has been planned and ABAC Assets, the integrated ordering, purchasing and inventory management tool developed by the European Commission, is on track for launch in 2010. |
|
16. |
The Agency takes note of the Court’s comment and will adapt its procedures accordingly. |
|
17. |
In the first case, in the Agency’s view ‘similar services’ could be authorised under this call for tenders. In November 2009, after the Court’s audit, the services of a qualified service provider were contracted by means of an open call for tenders. The Agency makes efforts to improve the internal control outlook taking due account the priorities in allocating resources. |
(2) The Table summarises the Agency's competences and activities. It is presented for information purposes.
(3) These accounts are accompanied by a report on the budgetary and financial management during the year which gives, inter alia, an account of the rate of implementation of the appropriations with summary information on the transfers of appropriations among the various budget items.
(4) The financial statements include the balance sheet and the economic outturn account, the cash-flow table, the statement of changes in capital and the annex to the financial statements which includes the description of the significant accounting policies and other explanatory information.
(5) The budget implementation reports comprise the budget outturn account and its annex.
(6) OJ L 248, 16.9.2002, p. 1.
(7) Article 33 of Commission Regulation (EC, Euratom) No 2343/2002 of 19 November 2002 (OJ L 357, 31.12.2002, p. 72).
(8) Article 38 of Regulation (EC, Euratom) No 2343/2002.
(9) The rules concerning the presentation of the accounts and accounting by the Agencies are laid down in chapter 1 of Title VII of Regulation (EC, Euratom) No 2343/2002 as last amended by Regulation (EC, Euratom) No 652/2008 of 9 July 2008 (OJ L 181, 10.7.2008, p. 23) and are integrated as such in the Financial Regulation of the Agency.
(10) International Federation of Accountants (IFAC) and International Standards of Supreme Audit Institutions (ISSAI).
(11) The Final Annual Accounts were drawn up on 10 June 2010 and received by the Court on 1 July 2010. The Final Annual Accounts, consolidated with those of the Commission, are published in the Official Journal of the European Union by 15 November of the following year. These can be found on the following website http://eca.europa.eu or http://www.enisa.europa.eu/about-enisa/accounting-finance
(12) 24 400 euro.
(13) Service contract for the organisation of events/meetings, involving overall expenditure of 74 000 euro.
(14) Grant C/03/09/CFP (80 000 euro) and contract P/26/09/TRM (30 000 euro), the errors did not affect the outcome of the procedures.
(15) One staff member is employed 50 % in administrative tasks and 50 % in operational tasks.
(16) Multiannual Thematic Programmes (MTPs).