International audit: In the public sector, ambitions for AI are hindered by a shortage of specialists and unresolved security issues

2026-04-28

International audit: In the public sector, ambitions for AI are hindered by a shortage of specialists and unresolved security issues

Twelve European supreme audit institutions, including the National Audit Office of the Republic of Lithuania, carried out an international parallel audit to assess countries' readiness for the development of artificial intelligence (AI). The audit covered the experiences of Albania, Estonia, France, Israel, Italy, Latvia, Lithuania, North Macedonia, Poland, Romania, Slovakia and Switzerland.

It analysed how countries plan and implement AI development - assessing national strategies, funding, infrastructure, digital maturity, legal regulation, information security, ongoing projects, human resources and the application of AI.

"Countries clearly see the potential of AI, but practical readiness is still lagging behind. The biggest challenge today is not technology, but people's skills. The efficiency of the public sector today depends not on how many new jobs we create, but on how many tools we provide to existing staff. AI must become that invisible assistant which takes over routine tasks and streamlines operations, so that public sector employees can focus on decisions requiring empathy and complex analysis. Without strategic action and properly trained specialists, this assistant will be not a benefit but an additional administrative burden," emphasises Auditor General Irena Segalovičienė.

The main factors limiting the development of AI are data, security and skills

The international audit shows that the development of AI in the public sector is most limited by three factors: human resources, data maturity and cyber security. As many as 92% of the countries participating in the audit indicated that the main obstacle to implementing AI is a shortage of specialists. This shows that technology alone is not enough for AI progress - the necessary skills to develop and apply it are essential.

Gaps in data maturity limit the practical application of AI. The quality of AI solutions depends directly on the data available to them. Although all countries claim to have data-sharing policies, operational barriers remain significant. As many as 75% of countries cited regulatory and governance constraints, while 63% highlighted issues of technical incompatibility. Without high-quality, standardised and accessible data, AI initiatives are often limited to pilot projects and fail to deliver real value to citizens.

Cyber security is more often recognised than ensured. The vast majority of institutions understand the risks - 86% of countries cite data leakage as the main threat. However, actual preparedness lags significantly behind: only 30% of countries apply mandatory cybersecurity protocols and systematic training for staff working on AI projects. The audit reveals a clear disparity - the risks are known, but their management is not yet consistent, so it is recommended to strengthen the AI governance. Countries should clearly define responsibilities, ensure the implementation of strategies and measure their progress. It is also important to increase budget transparency - it must be clear how funds allocated to AI are planned and used.

The international audit recommends developing practical, easily applicable regulatory guidelines to ensure the consistent application of AI. Furthermore, it is essential to strengthen governance in hybrid infrastructures - better coordinating national, private and international resources and funding.

Lithuania: there is an initiative to apply AI in the public sector, but strategic action is lacking

The public audit "Management of artificial intelligence in the public sector" conducted by the National Audit Office shows that the situation in Lithuania is broadly in line with international trends. Although some institutions are already applying AI solutions, their use remains fragmented and is not based on a common national direction. The country has no approved AI strategy, there is a lack of coordinated management and a clear division of responsibilities, and information on ongoing initiatives is not systematically collected.

The audit also revealed that insufficient attention is paid to risk management - most institutions do not identify AI-related threats, do not carry out impact assessments and do not have risk mitigation measures in place. Furthermore, there is a lack of practical methodological guidelines, and essential resources - data, computing capacity and expertise - are not adequately managed.

To bring about change, the National Audit Office recommended strengthening the coordination of AI management, planning infrastructure development, improving data management and consistently developing the skills of public sector employees.

The recommendations have been submitted to the Ministry of Economy and Innovation and the Ministry of National Defence, and their implementation will be ensured by the State Digital Solutions Agency, the public body "Innovation Agency" and the National Cyber Security Centre.

Progress has been made, but the changes are not yet complete

Some of the measures recommended by the National Audit Office to bring about change have already been implemented: a plan to expand AI computing capacity has been drawn up, monitoring plans have been established for the implementation of projects to develop Lithuanian-language resources for AI technologies, and training for public sector employees is underway.

However, the majority of measures are still being implemented. By 2026-2027, it is planned to set strategic AI objectives, create a platform for publicising AI projects, prepare methodological recommendations and strengthen competencies, while some decisions relating to infrastructure, data management and the integration of AI risks into cyber security risk assessments are scheduled for implementation by 2028-2030.