DATA COLLECTION AND DISTRIBUTION SYSTEM

Michigan Office of the
Auditor General
Thomas H. McTavish, C.P.A.
Auditor General

EXECUTIVE DIGEST #0759900
DATA COLLECTION AND DISTRIBUTION SYSTEM

INTRODUCTION
This report, issued in August 2001, contains the results of our performance audit of the Data Collection and Distribution System (DCDS), Michigan Administrative Information Network (MAIN), Department of Management and Budget (DMB).

AUDIT PURPOSE
This performance audit was conducted as part of the constitutional responsibility of the Office of the Auditor General. Performance audits are conducted on a priority basis related to the potential for improving effectiveness and efficiency.

BACKGROUND
DCDS was implemented in phases, starting in October 1996, with three pilot agencies (the Departments of Transportation, Civil Service, and Management and Budget). Statewide implementation was completed in March 1999. DCDS's scope and objectives were to enhance the labor cost distribution process, automate the labor adjustment process, and redesign the earnings history process. DCDS uses client/server technology that allows State employees to record data for time and attendance, labor cost distribution, inventory usage, equipment usage, and activities.

DMB-MAIN is responsible for the implementation and operation of MAIN, including DCDS. DMB's Office of Financial Management (OFM) is charged with maintaining a central accounting system and Statewide internal control. OFM has broad supervisory powers over all accounting and financial reporting activities within State agencies, including payroll. Both DMB-MAIN and OFM report to the State budget director.

AUDIT OBJECTIVES AND CONCLUSIONS
Audit Objective: To assess the effectiveness of DMB-MAIN's general controls over management, program changes, and security of information processing.

Conclusion: DMB-MAIN's general controls over management, program changes, and security of information processing were reasonably effective. However, we noted reportable conditions involving access controls and program and data change controls (Findings 1 and 2).

Audit Objective: To assess the effectiveness of DMB's internal control over DCDS.

Conclusion: DMB's internal control was reasonably effective over DCDS. However, we noted reportable conditions involving authorized users, application controls, and DCDS security administration (Findings 3 through 5).

AUDIT SCOPE AND METHODOLOGY
Our audit scope was to examine the information processing and other records of the Department of Management and Budget relevant to the Data Collection and Distribution System. Our audit was conducted in accordance with Government Auditing Standards issued by the Comptroller General of the United States and, accordingly, included such tests of the records and such other auditing procedures as we considered necessary in the circumstances.

Our methodology included examination of DMB's information processing and other records primarily for the period October 1998 through June 2000. We conducted a preliminary survey of DMB's information processing function that supports DCDS to determine the extent of our detailed analysis and testing. Also, we performed an assessment of DMB's internal control over DCDS pertaining to (a) general controls over management, program changes, and security of information processing, and (b) application controls, which included data origination, input, processing, and output.

AGENCY RESPONSES
Our audit report contains 5 findings and 5 corresponding recommendations. The agency preliminary response indicates that DMB agreed with all of the recommendations.

Full Audit Report - #0759900 - DATA COLLECTION AND DISTRIBUTION SYSTEM

Documents prefaced by require the Adobe Acrobat Reader®, a free application available on the Adobe homepage.

This page was created on August 16, 2001.


INTRODUCTION This report, issued in August 2001, contains the results of our performance audit of the Data Collection and Distribution System (DCDS), Michigan Administrative Information Network (MAIN), Department of Management and Budget (DMB).

AUDIT PURPOSE This performance audit was conducted as part of the constitutional responsibility of the Office of the Auditor General. Performance audits are conducted on a priority basis related to the potential for improving effectiveness and efficiency.

BACKGROUND DCDS was implemented in phases, starting in October 1996, with three pilot agencies (the Departments of Transportation, Civil Service, and Management and Budget). Statewide implementation was completed in March 1999. DCDS's scope and objectives were to enhance the labor cost distribution process, automate the labor adjustment process, and redesign the earnings history process. DCDS uses client/server technology that allows State employees to record data for time and attendance, labor cost distribution, inventory usage, equipment usage, and activities. DMB-MAIN is responsible for the implementation and operation of MAIN, including DCDS. DMB's Office of Financial Management (OFM) is charged with maintaining a central accounting system and Statewide internal control. OFM has broad supervisory powers over all accounting and financial reporting activities within State agencies, including payroll. Both DMB-MAIN and OFM report to the State budget director.

AUDIT OBJECTIVES AND CONCLUSIONS Audit Objective: To assess the effectiveness of DMB-MAIN's general controls over management, program changes, and security of information processing. Conclusion: DMB-MAIN's general controls over management, program changes, and security of information processing were reasonably effective. However, we noted reportable conditions involving access controls and program and data change controls (Findings 1 and 2). Audit Objective: To assess the effectiveness of DMB's internal control over DCDS. Conclusion: DMB's internal control was reasonably effective over DCDS. However, we noted reportable conditions involving authorized users, application controls, and DCDS security administration (Findings 3 through 5).

AUDIT SCOPE AND METHODOLOGY Our audit scope was to examine the information processing and other records of the Department of Management and Budget relevant to the Data Collection and Distribution System. Our audit was conducted in accordance with Government Auditing Standards issued by the Comptroller General of the United States and, accordingly, included such tests of the records and such other auditing procedures as we considered necessary in the circumstances. Our methodology included examination of DMB's information processing and other records primarily for the period October 1998 through June 2000. We conducted a preliminary survey of DMB's information processing function that supports DCDS to determine the extent of our detailed analysis and testing. Also, we performed an assessment of DMB's internal control over DCDS pertaining to (a) general controls over management, program changes, and security of information processing, and (b) application controls, which included data origination, input, processing, and output.

AGENCY RESPONSES Our audit report contains 5 findings and 5 corresponding recommendations. The agency preliminary response indicates that DMB agreed with all of the recommendations.