Report Number 2006-086 Summary

Auditor General mini logo Summary

Report Number:	2006-086
Report Title:	Agency for Workforce Innovation - One Stop Management Information System
Report Period:	07/012004 - 06/30/ 2005 and Selected Actions through 12/16/2005
Release Date:	01/20/2006

The Agency for Workforce Innovation (Agency) is the designated administrative agency for receipt of Federal workforce development grants and other Federal funds. The Agency is responsible for providing program and fiscal instructions to regional workforce boards pursuant to plans and policies of Workforce Florida, Inc. (WFI). WFI, a not-for-profit corporation, is the principal workforce policy organization for the State. WFI serves as the State’s Workforce Investment Board. Pursuant to Florida law[1], WFI provides oversight and policy direction to ensure that the workforce development programs are administered by the Agency in compliance with approved plans and under contract with WFI. To more efficiently administer the workforce development programs, the Agency contracted with Gulf Computers, Inc, which was subsequently purchased by HCL Technologies (Mass), Inc. (HCL), to design and build an automated information system for the operation and management of the workforce development programs.

The One Stop Management Information System (OSMIS) is designed to maximize public access to data, focus on self-service, provide a “single point of entry”, and replace Tallahassee-based legacy systems and all existing standalone regional workforce boards systems. The system provides functions for employment service providers, customers, program and agency management, and the Legislature in support of the workforce development program vision. OSMIS supports various Federal programs, including, but not limited to, Workforce Investment Act (WIA) – Youth, WIA – Adult, WIA – Dislocated Worker, Wagner-Peyser, Veterans (VETS), Welfare to Work, and Food Stamp Employment Training.

Our audit focused on evaluating selected general and application information technology (IT) controls related to OSMIS, and selected user controls during the period July 1, 2004, through June 30, 2005, with selected actions taken through December 16, 2005. Our audit was limited to the controls at the Agency and did not extend to WFI or the regional workforce boards.

The results of our audit are summarized as follows:

Finding No. 1: Access capabilities to the various modules within OSMIS had been granted to users who did not need the access for their job function.

Finding No. 2: The Maintain User screen for security administration for the Financial Management module of OSMIS granted all access rights upon user set-up unless rights were specifically denied when the user account was established.

Finding No. 3: There was a lack of coordination between the Agency and the regional workforce boards for security administration.

Finding No. 4: Access capabilities to the OSMIS application had not been timely deleted for users who had terminated employment and no longer needed access.

Finding No. 5: There was not a policy at the Agency to identify positions of special trust and there were no procedures for reviewing the work of employees who occupy critical or sensitive positions.

Finding No. 6: Improvements were needed in certain security controls protecting OSMIS.

Finding No. 7: Cash disbursement functionality within the Financial Management module of OSMIS included transactions not needed for cash disbursement processing.

Finding No. 8: Written procedures for the reconciliation of OSMIS data to FLAIR had not been developed.

Finding No. 9: There were inadequate controls over certain aspects of the change management process.

Finding No. 10: OSMIS user documentation did not always accurately reflect system functionality.

Finding No. 11: The Agency had not developed policies and procedures for exception reporting and error handling for OSMIS interface transactions.

[1] Section 445.004(5)(b), Florida Statutes

The Director's response is included at the end of this report as Appendix A.