Quality and Risk Management System
The Treasury’s Quality Management System and Information Security Management Systems Complies with Internationally Recognised Standards
After the successful recertification audit of the Treasury’s integrated management system, the Treasury’s Quality Management Systems and Information Security Management System have been assessed and recognised as compliant with the requirements of the international standards ISO 9001:2015 and ISO 27001:2013.
The Quality and Information Security Management Systems were audited within an integrated management system and commended for their integrity and good management in particular.
In 2017, the Treasury’s accounting service and its development with project management methods were assessed for the first time and successfully certified according to internationally recognised quality and information security requirements.
The Treasury’s Quality Management System has been certified since 2006. Over these years, the Treasury has introduced and efficiently maintained process management and monitoring, planning and reaching of goals, monitoring of external and internal factor influences, risk management, organised communication processes, identification of stakeholders and inclusion of their requirements in the institution’s processes of operation, as well as employee professionalism, engagement and awareness of management decisions.
The auditors highlighted the professional project management, transparent process approach based on risk control, and clear and efficient organisation of information technology management as good practice. The methods used in improving client satisfaction and evaluating results were also viewed positively.
The Treasury has certified all its core activities: implementation of the central government budget, central debt management, cash and state loan management, performance of the functions of the paying and certifying authority of the European Union funds and foreign financial aid and the accounting service.
The audits were performed on 6 and 7 February 2017 by Bureau Veritas Latvia, an accredited certification body.
The Treasury’s operational strategy defines the following basic principles of quality and risk management system:
- Client-oriented organisation – learning and evaluating client needs and satisfaction to improve the Treasury’s services, as well as maintain and increase the quality thereof in the interests of the State and its residents.
- Managerial role – managers of all levels create and maintain an internal working environment that clearly reflects the institution’s future development vision and ensures that goals are met.
- Employee engagement – promoting employee engagement in reaching set goals to ensure the use of their knowledge and skills for the benefit of the Treasury and to increase employee awareness and level of responsibility.
- Process approach in system management – managing the institution’s resources and operation as a unified process within the Treasury’s management system to ensure that strategic goals and tasks are implemented more efficiently.
- Fact-based decision-making – ensuring efficient decision-making process based on data and information analysis, thus identifying and eliminating potential problems and risks, and taking advantage of the provided opportunities.
- Continuous improvement – improving the Treasury’s processes by finding and acting on development opportunities to increase work efficiency and quality, as well as introduce the best practice of resource management.
- Risk management integration in all processes – ensuring timely risk identification, analysis and necessary measures to reduce the probability and effects of risks to an acceptable level by utilising potential opportunities, as well as ensure that the Treasury’s goals are met.
- Risk management integration in all projects – identifying and eliminating or restricting the principal risks in the early stages of projects, monitoring them and reacting to opportunities throughout the course of projects to ensure that projects are managed efficiently and set goals are met.
- Daily monitoring and analysis – performing daily risk identification and monitoring by centrally collecting, compiling and analysing data on identified risks.