The introduction of cloud computing services in public administration has not been sufficiently targeted so far in Latvia, as the State Audit Office of Latvia has concluded after the audit. Although cloud computing provides opportunities to optimise information and communication technology (ICT) resources, improve security, and reduce costs, previous measures have not ensured a unified and coordinated approach across the entire public administration.
IN BRIEF
- The benefits of cloud computing services were identified as early as 2013; however, the creation of a more active state data processing cloud has been launched in 2024.
- Although ICT spending continues to grow annually and one plans to invest another 12.5 million euros in four state cloud computing centres by 2026, calculations of potential savings from cloud computing services have not been made.
- The state data processing cloud alone will most likely not be able to satisfy all the needs of state administration, because, according to institutional forecasts, the volume of disk arrays will have to be increased by 48% in two years while the projects envisage only a 20% increase.
- State institutions lack knowledge and practical support in the implementation of cloud computing, a fifth of the surveyed state institutions do not even know where to look for information about service providers and their terms of use.
“Cloud computing is not just a technological concept, as it is an essential component of the digital transformation of public administration. Public administration investments in cloud computing have the potential to provide a secure, effective and cost-effective public service environment, however, for the benefits of cloud computing to become visible, a unified strategy, clear action and practical support for state institutions are needed. Here, both the responsible institution for the sector, the Ministry of Smart Administration and Regional Development (MSARD), and each state institution play a significant role,” emphasised Ms Ilze Bādere, Council Member of the State Audit Office of Latvia.
Lack of strategy and coordination
Over the past five years, ICT spending by state institutions has more than doubled from 147 million euros in 2020 to 352 million euros in 2024. Costs for IT services and equipment most directly related to cloud computing have tripled by reaching 258 million euros. In other European countries, the introduction of cloud computing has allowed companies to reduce costs by 10–20% but such calculations do not exist and are not being made in Latvia. Consequently state institutions look more at the benefits of security and resource optimisation than at potential financial savings in the context of cloud computing. Although the need to combine state ICT resources has been recognised in various documents for more than a decade, the MSARD has not yet ensured sufficiently targeted and coordinated action. Only four state institutions have submitted ICT resource and data migration plans, of which only one has been coordinated. In the audit survey, almost half of institutions (48%) indicated that they had assessed opportunities for cloud computing implementation or prepared plans, but these had not been submitted to the MSARD. As a result, the progress of digital transformation is fragmented, without a common national vision and oversight.
Slow infrastructure development and uncertainty about private services
The creation of state cloud computing is currently based on four centres, that is, the Latvian State Radio and Television Centre, the Latvian National Library, the Information Centre of the Ministry of the Interior and the Ministry of Agriculture (Rural Support Service). According to auditors, half of the information systems used in state administration are located in them in total. With the current capacity and funding (12.5 million euros until 2026), satisfying all the needs of public administration with the state data processing cloud alone will be impossible. For instance, the state institutions predict that the volume of disk arrays will have to be increased by 48% within two years while the projects envisage only a 20% increase. The use of cloud computing services offered by private individuals is a possible solution for attracting additional resources.
Over time, the approach to the use of cloud computing services provided by private individuals has changed in the documents of the MSARD by allowing them at one time or prohibiting them at other times. There are still no clear criteria in which cases foreign or local service providers may be used. Meanwhile, 44% of state institutions already use foreign private cloud computing services and 11% of state institutions use Latvian private cloud computing services. It creates risks to security and transparency.
Lack of safety requirements and supervision
The audit has concluded that 86% of state institutions already use some kind of cloud computing service and more than half of them plan to expand their use. Unclear security aspects are a significant obstacle to the wider use of cloud computing services. The regulation was to be developed by April 2025. The Ministry of Defence is still developing uniform security requirements for data centres. The requirements are an essential prerequisite for the MSARD to develop a reliable and secure national IT infrastructure and for state institutions to be able to choose cloud computing service providers that meet security requirements. Only 57% of state institutions know what security aspects to assess when choosing services. Service quality indicators and the distribution of responsibility in the event of incidents are also not defined, which prevents ensuring a reliable and transparent environment.
Insufficient practical support for state institutions
The results of the audit survey confirm that a large proportion of state institutions lack knowledge and practical support. Only 36% of state institutions are fully informed about the guidelines developed by the MSARD for the selection of cloud computing services, another 36% are partially informed, and 28% are not aware of such guidelines at all. In addition, a fifth of state institutions (19%) are not clear where to look for information about service providers and their terms of use, and another 29% admit that this clarity is only partial. These results show how important it is to ensure a single information space and practical support in the implementation of services so that state institutions can make informed decisions.
“The State Audit Office of Latvia recommends strengthening the role of the Ministry of Smart Administration and Regional Development as a reform driver by safeguarding a clear strategy and coordinated transition to cloud computing. State institutions have various resource availability and experience in the field of ICT; therefore a unified operating environment is a prerequisite for balanced development of public administration ICT, eliminating the gap in the ICT capacity of state institutions. Such an environment is necessary to ensure interoperability, quality and security, as well as state institutions need universally accessible information and support, including methodological materials and contract standards,” indicated Ms Bādere.
Recommendations of the State Audit Office of Latvia #PēcRevīzijas
The audit provided four recommendations to the Ministry of Smart Administration and Regional Development, the implementation of which will allow for the improvement of the implementation of state cloud computing services:
- The necessary resources will be identified throughout the state administration and a targeted and coordinated transition to cloud computing services will be promoted;
- Harmonization will be achieved in the state data processing cloud and service provision, as well as a common understanding of the implementation policy and available support;
- State institutions will have access to information on policy, laws and regulations and practical guidelines for the selection and implementation of services in one place;
- Monitoring of service quality and costs will be ensured, which allows for the implementation of the provision of cloud computing services in line with the intentions of the government.
About the State Audit Office of Latvia
The State Audit Office of the Republic of Latvia is an independent, collegial supreme audit institution. The purpose of its activity is to find out whether the actions with the financial means and property of a public entity are legal, correct, useful and in line with public interests, as well as to provide recommendations for the elimination of discovered irregularities. The State Audit Office conducts audits in accordance with International Standards of Supreme Audit Institutions of the International Organization of Supreme Audit Institutions INTOSAI (ISSAI), whose recognition in Latvia is determined by the Auditor General. Upon discovering deficiencies, the State Audit Office of Latvia provides recommendations for their elimination, but it informs law enforcement authorities about potential infringements of the law.
Additional information
Ms Gunta Krevica
Head of Communication Division
Ph. 23282332 | E-mail: Gunta.Krevica@lrvk.gov.lv