Report on the annual accounts of the European Food Safety Authority for the financial year 2016 together with the Authority’s reply
1. The European Food Safety Authority (EFSA) was established in 2002 as a European body responsible for scientific advice on all matters linked to food and feed safety, including animal health and welfare and plant protection. The requirements for preparation and presentation of its accounts and reporting by the Court of Auditors are set out in Regulation (EC) 178/2002, Article 44 as amended by Regulation (EC) 1642/2003.
2. The European Court of Auditors (ECA) has presented to the European Parliament and the Council its report on the annual accounts of the European Food Safety Authority (EFSA) for the financial year ended 31 December 2016. This was the fourteenth year in which EFSA was fully responsible for its own financial management.
3. The ECA conclude that the annual accounts for the year ended 31 December 2016 are in all material aspects reliable, and that the underlying transactions are legal and regular.
4. In its audit report dated November 2016 the Commission’s Internal Audit Service (IAS) concluded that the controls in place for IT project management are adequate, but referred to significant weaknesses in relation to IT governance. It recommended updating EFSA’s IT governance policy, to introduce an organisation-wide IT risk management framework and risk register and to separate the information security function from the IT Unit. EFSA agreed with the IAS on a plan to take corrective action.