Brian Stanley (Laois-Offaly, Sinn Fein) | Oireachtas source

We will write to the RTB about that. We will also raise with it the delay in laying the accounts, and we will write to the National Transport Authority as well. They are the two bodies that exceeded the three-month period.

As usual, the list of accounts and financial statements will be published on the committee's web page. Do we agree and note the listing of accounts and financial statements? Agreed.

Moving on to correspondence, as previously agreed, items that have not been flagged for discussion at this meeting will continue to be dealt with in accordance with the proposed actions that have been circulated, and decisions taken by the committee in regard to correspondence are recorded in the minutes of the committee's meetings and published on the committee's web page.

The first category, B, concerns correspondence from Accounting Officers and their Ministers in follow-up to committee meetings. No. 1571B is from Mr. Ray Mitchell, assistant national director of the HSE, dated 10 November 2022, and provides information requested by the committee during our meeting with the HSE of 6 October. It covers a range of areas, including the shelf life of alcohol gel purchased earlier during the pandemic and the implementation of recommendations contained in the Comptroller and Auditor General's 2016 chapter on the oversight of grants to health agencies. It is proposed to note and publish the item and request some additional information sought during the meeting that has not been covered in the correspondence. Is that agreed? Agreed.

I flagged this item for discussion for a few reasons. We raised with the representatives, when they appeared before the committee, the fact that vast quantities of hand gel are now obsolete, and they have explained that the active ingredient is ethanol, which apparently has a shelf life. That seems to be the explanation they are giving in the correspondence. In regard to other matters that will come before us, they state that in the management and oversight of grants to health agencies, by which I presume they mean section 38 and section 39 organisations, actions have been taken to implement the recommendations. The letter states:

As of 2022 the HSE has fully established Contract Management Support Units (CMSUs) in each of the HSE's nine Community Healthcare Organisation (CHOs). The CMSUs are a key resource within CHOs in terms of enhancing the level of management and oversight in respect of Agencies funded by the respective CHOs. In particular, they assist service managers in the CHOs in terms of managing and documenting all aspects of the relationship with Agencies.

The letter goes on to explain that further. This is something we are going to hear more about in the next while.

Another issue relates to the cyberattack. The letter states:

The ICT & Cyber investment case outlined a €656m cost over a period of 7 years. As part of the service planning process a funding ask was made for year 1 of this transformation programme, and at the time of writing a funding allocation of €40m has been provided for 2023 to progress as a matter of urgency the remediation of Cyber risks to strengthen and secure our ICT & digital infrastructure.

When I read that, I thought the figure for year one was small. Considering the risk to cybersecurity and the fact there has been a cyberattack on the HSE, €40 million being provided in the first year, of a total of €656 million, seems small. We could raise this with the HSE to see whether the figure is adequate and whether there is other funding we do not know about or other resources the HSE is putting into this. While I am limited in my knowledge of computer technology, I would imagine that €40 million of €656 million over a seven-year period is a small start in light of the risk to the State. We could ask whether that is the totality of the funding available to it and whether it assesses this as adequate given the risk posed by cyberattacks and the experience it has had in the past two years, if that is agreeable.