Archived - Audit of the PeopleSoft System

Date: June 2010
Project #09-07

PDF Version (413 Kb, 52 Pages)

Table of Contents

• List of Acronyms used in report
• Technical definitions for terms in report
• Executive summary
• Summary of findings and recommendations
• 1. Statement of assurance
• 2. Background
• 3. Objective and scope
• 4. Unavailable information
• 5. Methodology
• 6. Findings and recommendations
• 7. Business impact of audit findings
• 8. Conclusion
• 9. Acknowledgements
• 10. Management Action Plan
• Appendix A - Recommendned approach
• Appendix B - System cross-verification test results
• Appendix C - Audit approach
• Appendix D - Details regarding controls for leave requests in future fiscal years
• Appendix E - Documents reviewed

List of Acronyms used in report

Technical definitions for terms in report

Executive summary

Background

In 1994, the Government of Canada (GC) entered into an agreement with PeopleSoft Incorporated (now Oracle) for an enterprise-wide license to the company's PeopleSoft Human Resources Management System (HRMS). At the time of the agreement, seventeen government departments and agencies agreed to implement the PeopleSoft HRMS solution, including Indian and Northern Affairs Canada (INAC or "the Department").

PeopleSoft is a commercial-off-the-shelf (COTS) system, modified to meet common GC HR and legislative requirements that provides an integrated platform for the management of HR information. The system is administered by Public Works and Government Services Canada (PWGSC) through the HRMS Program Centre and the GC HRMS Cluster Group. Management of the system's operating environment, including installation, hardware, software, and data entry, is the responsibility of each member department and agency.

Indian and Northern Affairs first implemented PeopleSoft in 1995. Since that time, the system has been routinely upgraded to meet evolving GC requirements and to expand its functionality. Today, PeopleSoft is a critical system for the Department. The latest major upgrade, an upgrade from version 8.0 to version 8.9, was undertaken by the Department in 2009. Beyond the new look and feel, PeopleSoft version 8.9 added new features and reconfigured existing processes to support the eventual roll-out of e-pay, e-learning and e-staffing capabilities.

Context

A review of the PeopleSoft 8.9 upgrade was conducted by the Audit and Evaluation Sector (AES) from December 2008 to March 2009. The review concluded that insufficient controls were in place prior to the upgrade and that the integrity of PeopleSoft data during and after the upgrade could not be established conclusively. As a result of the findings from the upgrade review, a more detailed audit was conducted to examine the data entry process and management control framework related to the PeopleSoft system. PeopleSoft in this report refers to INAC's implementation of the PeopleSoft application; therefore, the results of the audit and all findings apply to the specific implementation of the application, not the tool itself.

Objective and scope

The objective of the assessment is to provide assurance that the data entry process and management control framework in support of the PeopleSoft system enables the production of reliable management reports in a consistent manner across the country.

The scope of the audit examined the adequacy and effectiveness of departmental controls in place to support an effective human resources management information system. Based on a risk-analysis, the scope was designed to focus on three main areas: data integrity issues (noted in the 2009 PeopleSoft 8.9 upgrade review), operational processes and PeopleSoft reporting. PeopleSoft was a stand-alone system at the time of the audit; therefore, no interfaces were reviewed. However, INAC's plans to interface PeopleSoft with the Regional Pay System (RPS) through the Government of Canada Pay Interface (GCPI) project were considered.

Despite considerable assistance from employees at headquarters and in the regions, the audit experienced scope constraints due to a lack of information availability. In particular, a lack of reports, definitions, and documented processes to support INAC's human resources function were observed.

Findings and conclusions

The audit found that the management control framework in place to support INAC's HR management system is not functioning as intended, leading to unreliable data and ultimately, a system that does not fully address the needs of the Department. Weaknesses in the management control framework included: inadequate documentation of PeopleSoft activities and workflows; a lack of collaboration amongst HR, IT, business units, and regions; continued data integrity issues, including data affecting accruals and cash-outs; a lack of data governance and a well-defined clean-up strategy; and limited availability of key metrics.

While progress has been made to address known PeopleSoft errors through mass clean-ups, a lack of approvals, correction sequencing, preventive controls, and data validation across all relevant systems, has limited their effectiveness. Without a consistent approach to address the root causes of unreliable data, clean-up efforts will continue to be ineffective.

At this time, the Audit and Evaluation Sector (AES) cannot provide assurance that the data entry processes and management control framework in support of the PeopleSoft system are enabling the production of reliable reports for the Department.

Based on the findings, we have concluded that:

• INAC lacks readily-available and reliable metrics to make informed management decisions.
• The Department does not have access to PeopleSoft capability that would allow it to reduce manual inefficiencies, automate complex calculations and implement a sound management control framework.
• INAC is not ready to interface PeopleSoft with the Regional Pay System as planned under the GCPI project.

Recommendations

The audit report provides a number of recommendations to address deficiencies noted with respect to the management control framework and the integrity of the PeopleSoft system. Most notably, we recommended that root causes of errors be addressed, preventive controls implemented, and data reconciled before the system interfaces are undertaken, including the planned interface with the Regional Pay System under the GCPI project.

Summary of findings and recommendations

The table below summarizes the findings and recommendations contained in the report, in the order in which they appear. The following three conclusions are supported by the seven findings.

• INAC lacks readily-available and reliable metrics to make informed management decisions.
• The Department does not have access to PeopleSoft capability that would allow it to reduce manual inefficiencies, automate complex calculations and implement a sound management control framework.
• INAC is not ready to interface PeopleSoft with the Regional Pay System as planned under the GCPI project.

1. Statement of assurance

We cannot provide assurance that the data entry process and the management control framework related to the PeopleSoft [Note 5] system enable consistent and reliable reports to be produced across INAC.

The audit was conducted in accordance with the requirements of the Treasury Board (TB) Policy on Internal Audit and followed the Institute of Internal Auditors' Standards for the Professional Practice of Internal Auditing.

Audit work was conducted according to a risk-based audit program, developed collaboratively with INAC management, based on Control Objectives for Information and related Technology, version 4.1 (COBIT 4.1) and the Project Management Institute's Project Management Body of Knowledge, version 4 (PMI PMBOK 4). It was recognized that each region has its own processes and client profiles. Therefore, the audit program incorporated work steps to test for individual regions' compliance to their own policies and procedures.

In my professional judgment as Chief Audit and Evaluation Executive, sufficient and appropriate audit procedures have been conducted and evidence gathered to support the accuracy of the conclusions reached and contained in this report. The conclusions were based on a comparison of the situations as they existed at the time of the audit and against the audit criteria. It should be noted that the conclusions are applicable only for the areas examined and the regions and sectors visited.

2. Background

In 1994, the Treasury Board of Canada Secretariat (TBS), in a move towards a more integrated, cost-effective approach for delivering government services, developed the Blueprint for Renewing Government Services Using Information Technology. As part of the Blueprint, a recommendation was made to implement, where possible, common IT solutions across departments and agencies to reduce system development, maintenance and operating costs. Shortly thereafter the Government of Canada (GC) entered into an agreement with PeopleSoft Incorporated (now Oracle) for an enterprise-wide license to the company's PeopleSoft Human Resources Management System (HRMS). At the time of ratification, 17 government departments and agencies agreed to implement the PeopleSoft HRMS solution, including Indian and Northern Affairs Canada (INAC or "the Department").

PeopleSoft is a commercial-off-the-shelf (COTS) system, modified to meet common GC HR and legislative requirements that provides an integrated platform for the management of HR information. The system is administered by Public Works and Government Services Canada (PWGSC) through the GC HRMS Program Centre and the GC HRMS Cluster Group. The Program Centre is accountable for the design, development, management, support and maintenance of the system. The Cluster Group, which is made up of all participating departments and agencies, is tasked with customizing PeopleSoft to meet the on-going needs of the government and to act as the primary contact point for departments and agencies on PeopleSoft-related issues. Management of the system's operating environment, including installation, hardware, software, and data entry, is the responsibility of each member department and agency.

Indian and Northern Affairs first implemented PeopleSoft in 1995. Since that time, the system has been routinely upgraded to meet evolving GC requirements and to expand its functionality. Today, PeopleSoft is a critical system for the Department. The PeopleSoft system, as designed and provided by Oracle Corporation, has various capabilities for the following:

• Reports for decision-making, including executive dashboards
• Employee files
• Leave reporting functions
• Classification and organization
• Recruitment and staffing of positions
• Training
• Employee development
• Management category position
• Workforce adjustment
• License certification
• Performance review
• Employee relations
• Compensation and benefits
• Occupational health and safety

At the time of the audit, the PeopleSoft system was primarily used by INAC for employee profiles, reports for decision-making, and leave management and reporting.

Data from PeopleSoft also feeds other Government of Canada databases, including the Position Classification Information System (PCIS) at the Treasury Board of Canada Secretariat.

The latest major upgrade, from version 8.0 to version 8.9, was undertaken by the Department in 2009. Beyond the new look and feel, PeopleSoft version 8.9 added new features and reconfigured existing processes to support the eventual roll-out of e-pay, e-learning and e-staffing capabilities. The Audit and Evaluation Sector (AES) conducted a review of the most recent PeopleSoft system between December 2008 and March 2009. The objective of the upgrade review was to determine if the upgrade project enforced controls to preserve the integrity of the information during and after the upgrade.

The upgrade review determined that sufficient project and process controls were not in place to safeguard the integrity of the information within the system prior to, during, and after the upgrade, and that evidence was not available to demonstrate the extent to which the project improved or maintained data integrity. As a result of these findings, it was recommended that a detailed audit of the system and the capacity to operate it was undertaken. The detailed audit was initiated in October 2009. The results of this audit are outlined in this report.

PeopleSoft in this report refers to INAC's implementation of the PeopleSoft application; therefore, the results of the audit and all findings apply to the specific implementation of the application, not the tool itself.

3. Objective and scope

3.1 Objective

The objective of the assessment is to provide assurance that the data entry process and management control framework in support of the PeopleSoft system enables the production of reliable management reports in a consistent manner across the country.

3.2 Scope

The scope of the audit examined the adequacy and effectiveness of departmental controls in place to support an effective human resources management information system. Program delivery is fundamental to INAC's mandate, and operations are the foundation upon which program delivery is based. Ultimately, the success of PeopleSoft for INAC depends on whether the system facilitates resource management for program delivery and supports operations effectively. As a result, the audit was designed to focus on aspects of PeopleSoft that supported program delivery. Based on a risk analysis, the scope included the following broad areas:

• Operational processes, including documented workflow for PeopleSoft activities, training, resources, communication, system functionality, and leave approvals.
• Data integrity, including accuracy and timeliness of information in PeopleSoft, identification and resolution of data errors, effectiveness of the data clean-up initiatives, and overall data governance.
• Key PeopleSoft reports, including dashboards, resource planning metrics, leave reports and human resource statistics across INAC.

PeopleSoft was a stand-alone system at the time of the audit; therefore, no interfaces were reviewed. However, the plans for future interfaces, including the GCPI, were considered in the audit.

Separate operating agencies were not included in the scope of the audit, including the following:

• Indian Oil and Gas Canada (IOGC) - While many of IOGC's operational functions are performed by INAC, including payroll, IOGC does not use PeopleSoft. There is a risk that the GCPI implementation will impact IOGC operations.
• Canadian Northern Economic Development Agency (CanNor) - While CanNor does use PeopleSoft, their employees were not included in our sample-based testing. It should be noted, however, that at this time CanNor employees are not easily distinguishable in the PeopleSoft system from INAC employees.

4. Unavailable information

As a result of missing information, several procedures could not be conducted. These information gaps and the resultant test constraints are further described below.

Despite considerable assistance from employees at headquarters and in the regions, several reports requested were not made available for review. In many cases, we requested information that employees were challenged in obtaining for themselves. Where reports were made available, variations made it difficult to establish the completeness of test populations. Specifically, test limitations included the following:

• Accuracy of annual leave cash-outs and accruals – At the time of the audit, there was no reliable system of record available for Leave Service Dates. See Section 6.2.1 Data quality issues and Appendix B.2. Leave, benefits and pension data for further details.
• Accuracy of data fields related to pay -  We were unable to validate the accuracy of hard copy employee files because of errors on both letters of offer and manual pay cards noted in the audit of payroll, conducted at the same time as this audit of PeopleSoft. Results are further described in Section 6.2.1 Data quality issues and Appendix B – System cross-verification test results
• Compensatory leave controls – Due to a lack of reliable employee classification histories and readily available overtime reports, we could not validate whether compensatory leave times were approved in accordance with the respective collective agreements.
• Appropriate approvals for leave – In many cases, testing could not be completed to assess whether leave was pre-approved or approved (depending on the requirement) by an authorized individual. As a result of these limitations, a sample of leave transactions was investigated. Results of this testing are detailed in Section 6.1.6 Leave approvals.
• Time differential between when an employee is hired in PeopleSoft versus when they are granted access to PeopleSoft (service delivery testing) – Completeness could not be established in reports provided. As a result, testing could not be completed.
• Time differential between when an employee departs INAC and when their access to PeopleSoft is removed (access controls) –Logs / reports to demonstrate appropriate access removals (account locking date and time) were not available. As a result, testing could not be completed.
• Licensing, maintenance and Cluster Group support agreements – Whilerequested, the number of PeopleSoft licenses and the licensing agreement was not made available for review. We reviewed two 2009-2010 Memorandums of Understanding (MOU) between INAC and Public Works and Government Services Canada (PWGSC) for Cluster Group support and Oracle system maintenance, respectively. Several gaps were identified, including the following:
  • Financial coding and contractual contact fields were not completed for the maintenance MOU.
  • Service included in the Cluster Group MOU is not specified.
  • Details to support the payment formulas are not included in the MOUs.

We understand that INAC is looking into the MOUs and associated back-up documentation to review these gaps. However, the information was not available for review within the audit timeline. We recommend that INAC investigate the 2009-2010 and the 2010-2011 MOUs to incorporate lessons learned into future agreements.

5. Methodology

This section details the audit timeline, areas of focus and audit approach.

5.1 Timeline

The assessment was conducted in three distinct phases:

• Planning Phase
• Executing Phase
• Reporting Phase

The Planning Phase was conducted from October to December 2009 using preliminary documentation reviews and interviews at headquarters and in the Ontario region (Toronto Office). Through January to May 2010, fieldwork in the Executing Phase was conducted at headquarters and in the regions. The Reporting Phase concluded the audit from May to June 2010.

5.2 Areas of focus

INAC's primary source of spending is for programs delivered through partnerships with Aboriginal communities and federal-provincial/ territorial agreements. These programs are delivered by INAC employees. The number, distribution, skill-level, knowledge and experience of these employees directly contribute to the success and achievement of the program objectives.

The PeopleSoft system should provide INAC management with the reports necessary to manage the INAC workforce and develop skills, knowledge and experience. While the PeopleSoft system does not directly facilitate the delivery of Aboriginal programs, it is central to enabling the resource planning for program delivery. The system's ability to facilitate human resource functions, support employees, and provide a central database for employee information is critical. As a result, the audit was designed to focus on issues that could potentially undermine program delivery and national operations. Our approach is detailed further below.

5.3 Audit approach

The audit fieldwork was conducted at headquarters and in a sample of regions as follows:

• Alberta (Edmonton office)
• Saskatchewan (Regina office)
• British Columbia (Vancouver office)
• Yukon (Whitehorse office)

A risk-based approach was used to scope the audit and focus on areas of greatest risk to INAC. The audit program was structured to include documentation reviews, interviews, and testing. As part of testing, data analytics were used to examine a large amount of raw data and identify patterns and anomalies with respect to leave transactions. These activities are further detailed in Appendix C – Audit approach.

6. Findings and recommendations

As indicated in Section 3.2 Scope, the scope of the audit included the following broad areas:

• Operational processes
• Data integrity
• Key PeopleSoft reports

The findings in this report are arranged according to the three areas above. The implications of the findings, however, are arranged according to areas of greatest benefit to INAC and are organized as follows:

• Improving program delivery – information in the PeopleSoft system and system generated reports were reviewed to gain assurance that PeopleSoft facilitates effective resource planning in support of INAC programs.
• Increasing operational efficiency – documented workflow for PeopleSoft activities, communication, system capability, resources, training, and leave approvals were reviewed to gain assurance that PeopleSoft facilitates efficient management of human resources for INAC.
• Improving effectiveness of controls – data integrity, system change management, system access, and functionality were reviewed to gain assurance over the information in PeopleSoft; in particular, information that affects pay or that will affect payroll after the implementation of GCPI.

The impact of the findings and conclusions of the audit are outlined according to the above areas in Section 7. Business impact of audit findings.

6.1 Operational processes

Operational processes are fundamental to the success of PeopleSoft at INAC. National operations using PeopleSoft information and the system functionalities require both well-defined and consistently implemented procedures. Without well-defined and consistently implemented procedures to manage and maintain the PeopleSoft system, PeopleSoft reports will not effectively support INAC.

The following six areas of operational processes were reviewed:

1. Documented workflow for PeopleSoft activities
2. Training
3. Resources
4. Communication
5. Tools and automated controls in PeopleSoft
6. Leave approvals

The findings in these areas are further detailed below.

6.1.1 Documented workflow for PeopleSoft activities

Documented procedures and end-to-end workflows are fundamental to maintaining alignment across business units and across headquarters and regions with respect to PeopleSoft activities. While documented business processes were requested, no centrally documented procedures were available. At the time of the audit, interviews at headquarters indicated that comprehensive business processes had not yet been documented. While some HR service standard control checklists were made available at headquarters, regional interviewees had no knowledge of these documents.

Regional interviewees described a lack of central coordination from headquarters and stated that guidance from headquarters lacks consideration for unique aspects of the regional business environment (e.g. unique employee classifications and support to special operating agencies).

The following areas highlight gaps for which the lack of documented processes may be a root cause:

• New employees start and are given a PeopleSoft account before security clearance is obtained
• Employee profiles only partially completed in PeopleSoft (multiple instances observed and confirmed in interviews)
• Ambiguity with respect to critical HR workforce definitions (e.g. Full Time Equivalent, headcount and strength)

While some regions have developed checklists and procedural documents for HR and PeopleSoft tasks, there is heavy reliance on individual knowledge. With a retiring work force, this poses a risk to INAC. This risk is amplified when the knowledge is concentrated to one individual, as observed in some regions. Ultimately, PeopleSoft processes have a strong dependency on a handful of experienced employees who are currently shouldering increased workload.

Due to the lack of documented procedures, the roles and responsibilities of business units are ambiguous in some areas. For example, interviewees indicated that it is not clear who is responsible for Oasis Salary Management System (OSMS) data accuracy and for reconciliation between PeopleSoft and OSMS on an on-going basis. Such protocols are critical to maintaining data integrity. Furthermore, a lack of clarity results in inefficiencies and labour-intensive corrective initiatives.

In general, a lack of documented processes poses the following risks to INAC:

• Loss of critical knowledge when employees leave INAC
• Lack of awareness of potential risks, control gaps and areas requiring monitoring and attention (particularly along business unit seams)
• Inefficiencies due to misalignment of workflow and operational activities that cross business units (e.g. management reports not readily available across business units)

Findings and recommendations concerning the lack of documented procedures and workflow activities are contained in Section 6.1.3 Resources. Overall, the lack of documented HR activities and end-to-end workflow is a root cause of data integrity issues and operational inefficiencies and puts INAC at risk when experienced, knowledgeable employees retire or leave the Department.

6.1.2 Training and Resources

Training for personnel managing PeopleSoft data at INAC is critical to consistency, accuracy and reliability of PeopleSoft information and a key preventive control. This training includes a definition of what each data field means, the type and format of information entered, how to run reports, and ultimately, how to leverage the system to be more productive. However, interviewees stated that there is no standard training program for PeopleSoft. Furthermore, the training differs across regions and at headquarters and, in many cases, HR personnel receive no training.

Human Resources and Workplace Services Branch (HRWSB) is responsible for process-based training in headquarters, while the technology group, Human Resources Management System (HRMS), is responsible for system-based training in the regions. This difference, coupled with an observed lack of communication and collaboration between HRWSB and HRMS in headquarters (further discussed in Section 6.1.4 Communication), results in inconsistent training. In some regions, training is provided by local System Officers on a request basis and, in other regions, no training is provided locally.

In the absence of formal training sessions, regional training is delivered primarily through the use of an online manual named the "User Productivity Kit" (UPK). However, with a lack of documented business processes and a lack of resources for UPK development across the regions, the UPK is not widely used. Interviewees stated that the UPK is a good resource for knowledgeable users, but is insufficient as a training guide.

The lack of consistent training is contributing to larger data integrity issues. In addition, without adequate training, employees lack knowledge of the reports and automated tools available to them, resulting in inefficiencies and an overall lack of business and end-user support.

Regional interviews expressed concern over a perceived lack of resources that may be contributing to the data integrity of PeopleSoft. While we observed a considerable workload for HR personnel at headquarters and in the regions, the problem is magnified by the labour-intensive processes surrounding PeopleSoft. If processes were well documented, leveraged the functionality of the PeopleSoft system and carefully planned to account for a smaller workforce, this risk could be better managed.

By improving system support of operational processes, providing adequate training, and providing clear direction, documented checklists and easy-to-understand work guides, resources could be more effective aligned. It would also free-up resources to address data integrity issues and would assist the Department in its plan to ultimately implement e-pay, e-learning and e-staffing functionality.

6.1.3 Communication

Communication between business units and between headquarters and regions is crucial to maintaining alignment and consistency. During the audit, we observed gaps in communication, as detailed below.

Lack of communication across business units
Collaboration between operational and technology teams is essential to maintaining a system that supports operational processes effectively. Furthermore, with multiple data clean-up projects underway, collaboration and alignment is critical to establishing an appropriate, well-controlled change management process. As outlined in Section 6.1.2 Training and Resources, we observed a lack of communication and collaboration between the operational team (HRWSB) and the technology team (HRMS) in headquarters. In addition to these training issues, the following issues were noted:

• Business cases were not signed off by HR for changes implemented in the PeopleSoft production system. We were informed this gap was known and was being addressed such that future business cases would be approved by the Director General (DG), HRWSB and the Chief Information Officer (CIO). However, by the conclusion of the audit work, we were yet to be provided with evidence that this issue was addressed or is being addressed.
• A lack of communication regarding the status of mass data clean-ups and the GCPI initiative was observed.
• There was a lack of HRMS involvement in an interface implementation for NAKISA (functionality to produce organizational charts in PeopleSoft).
• HRMS was not involved in the introduction of Fast Track staffing. As a result of the lack of awareness, a technological risk and impact assessment for the new workflows could not be performed.

The lack of technological involvement in HRWSB initiatives and the lack of HR operational involvement in system initiatives pose a significant risk to PeopleSoft. For initiatives to be implemented successfully, whether technological or operational, they require an assessment of both the impact on system functionality and the impact to business operations. Better communication, governance and well-defined roles and responsibilities are required to align HRWSB and HRMS, and to ensure future initiatives carefully consider all relevant technological and business aspects.

We also observed a lack of communication between HRWSB and Finance. In particular, Finance was not included on the original GCPI project charter, which involved the payroll process and system. In our preliminary interviews at headquarters, Finance representatives were not aware of the GCPI project. This lack of Finance involvement was echoed in regional interviews. While we understand this gap is being addressed, it indicates that appropriate communication protocols are not in place or are not adhered to.

Lack of communication across regions
Communication gaps were observed between headquarters and regions. Specifically, details regarding GCPI, including its impact on operations, roles and responsibilities, training, and funding, were unknown to regional management throughout the audit, despite plans for a pilot implementation to begin between March and June 2010. Overall, during our interviews, several questions remained for regional management as to the expectations and impact of the GCPI. Given the aggressive GCPI timeline, this is a significant area of risk for INAC.

Regional compensation personnel described frustration with the lack of communication regarding new PeopleSoft features, software tools and automated controls. For instance, multiple regions we visited had a leave tracking system outside of PeopleSoft for monitoring family leave taken in excess of 37.5 hours. [Note 6] However, it was found during the audit that a system control had been introduced whereby PeopleSoft prevents users from exceeding this entitlement. Several regional representatives we interviewed were unaware of the change and there was a lack of evidence available at headquarters to demonstrate that the change had been communicated. Because there was a gap in communication, regions had not redefined their tracking and monitoring process to reflect the system control. Therefore, this lack of communication meant that regions continued to perform redundant, non-value-adding activities.

Another example of a lack of communication relates to tracking employee training information in PeopleSoft. We observed inconsistent use of the training modules in PeopleSoft across regions and interviewees described a lack of guidance regarding how and when to enter training data in PeopleSoft.

6.1.4 Tools and automated controls in PeopleSoft

Tools and automated controls in PeopleSoft should support business needs and reduce the burden of having to enter the same information multiple times, thus improving consistency and minimizing manual work. To assess whether a system implementation is successful, its support of operational processes is fundamental. Controls and automated tools can also help improve data integrity by enforcing business rules and preventing and detecting data errors.

The current PeopleSoft configuration at INAC does not allow for the exchange information with the following INAC systems:

• RPS
• OSMS
• Employee hard copy file (manual pay card and Letter of Offer)
• Manual tracking sheets and dashboards (e.g. overtime)

While system interfaces would alleviate manual work, interface implementations currently present a high level of risk due to a lack of data integrity in PeopleSoft. This poses perhaps the most significant PeopleSoft challenge currently facing INAC and is further discussed in Section 6.2 Data integrity.

Several gaps between PeopleSoft capability and INAC business needs are posing operational impediments. The following key system internal controls were observed to be lacking from PeopleSoft:

• Employees can circumvent annual leave pre-approval requests (ability to enter and approve annual leave retroactively)
• System does not track overtime, unless overtime is paid out as compensatory leave.
• No mechanism to prevent employees from exceeding pre-authorized amount of overtime in regions where pre-authorization can apply to multiple Extra Duty forms.
• Leave approval can be delegated to a peer or subordinate.
• Certain employee roles, such as substitute teachers and casuals, are not well accounted for by the system. As a result, some groups are not stored in PeopleSoft.
• System does not allow corrections to be made for previous fiscal years, resulting in inaccurate employee leave histories.
• System does not calculate leave cash-outs.
• Undefined leave codes for special employee groups.
• No cap on certain types of leave, including 699 ("general" leave).
• No control to limit annual leave in future years - potential for leave balances to drop to negative values at year-end (see Appendix D – Details regarding controls for leave requests in future fiscal years).

While we were informed by HRWSB management that some of the above limitations are the result of functionality decisions made by the Government of Canada HRMS Cluster Group, the gaps have resulted in the creation of multiple external tracking mechanisms and labour-intensive monitoring for line management and HR.

In addition, the following risks to data are imposed by insufficient system internal controls:

• Leave corrections made for previous fiscal years are not reflected accurately in PeopleSoft.
• Employees exceed their annual leave entitlements.
• Leave cash-outs are not made in accordance with collective agreements.
• Leave is not approved by authorized personnel (including employees approving one another's leave). See Section 6.1.6 Leave approvals for exceptions noted.
• Inaccurate data / reports results in a misleading overview of INAC (further risks to data integrity are detailed in Section 6.2 Data integrity).

A fundamental productivity gap is the lack of system calculations for leave cash-outs. While PeopleSoft stores all leave transactions, as well as employee position details and respective collective agreement codes, the system does not convert hours to dollars for leave to be paid out. As a result, Compensation Advisors must translate the number of hours into dollars based on position and collective agreement details. Standardized tools and techniques should be provided for leave cash-out calculations to support the HR staff, especially the Compensation Advisors.

Employee training and skill-set information can be captured in PeopleSoft, but PeopleSoft is not currently used and relied on as a database for training information. In regions where training data was being entered into PeopleSoft, system errors and inadequate end-user support were observed to be causing significant inefficiencies and were preventing a large portion of critical information from being entered into the system properly. While regional resources were dedicated to entering and tracking employee training data, the reports and information were still not available in PeopleSoft. Despite communication of the problems to headquarters for over a year, the problems have persisted in a region visited.

An organization's HR management system should make skills details available to support hiring and planning decisions. INAC employee training data should also be available in support of assessing employees' Learning Plans and Employee Performance Management (EPM) agreements. The integrated EPM and Learning Plan processes are important human resources management tools to validate that the work done by employees and the way they do it are aligned with the organization's mission. Therefore, employee information related to training and learning is essential. Evidence was not available to demonstrate that PeopleSoft is capturing or managing this information effectively.

Two of the most significant control gaps with respect to resource management is that PeopleSoft does not track overtime to be paid (it does track compensatory leave – leave granted in lieu of cash payment) and compressed work weeks. This prevents managers from having a complete, readily available view of employee work schedules and overtime taken which is problematic for resource management and for tracking whether overtime is being taken in accordance with collective agreements. The regions we visited had their own manual dashboards and tracking systems for overtime and compressed work weeks, which were labour-intensive and contributed to the multiple points of data input. INAC should have a system that provides a complete view of compressed work weeks and overtime taken, including pre-approval allowances, in order to track pay and manage resource allocation.

Ultimately, the system is not adequately supporting INAC employees. While we were informed by INAC management that the Department may not have access to certain PeopleSoft capabilities as a result of Cluster Group decisions, INAC should determine how to provide national tools and reports required for an effective and efficient operating environment.

6.1.5 Leave approvals

In addition to insufficient system support for leave tracking and electronic approvals, employees were found to be deviating from the leave approval policy. We understand from interviews that leave should be pre-approved by their supervisor. In some cases, pre-approval may not be possible, as advance notice of the leave is unreasonable (e.g. unexpected sick leave).

To determine whether leave transactions were approved according to policy, data analytics were performed across all leave transactions in the sample of regions to identify anomalies. A sample of anomalies in each region was investigated with regional management to determine whether there was reason for the irregularity. Specifically, the samples were investigated to determine whether the irregularity represented errors, omissions and / or data corruption. The anomalies examined are listed in Appendix C.3 Testing.

The evidence available varied significantly across regions. In some regions, hard copy leave approval forms were readily available, whereas in others, no evidence could be provided. The instances where no evidence could be provided can generally be attributed to inadequate training and documented procedures.

In each test region, exceptions were identified. Most notably, we found that a high number of leave transactions are approved 1-12 months after the leave is taken. A summary of 2008-2009 fiscal year annual leave pre-approval information (approval lag following date leave was taken) is summarized in the table below. We noted some duplicate transactions in the raw data provided, from which the data below is derived. Due to these duplicates we cannot confirm the exact accuracy of the results generated, but we are able to identify significant trends in the data. The results that were generated are indicative of an issue with pre-approving leave. Specifically, roughly 27% of the annual leave transactions were not pre-approved in PeopleSoft, of which roughly 9% were approved 1-12 months after the leave was taken.

Table 1 – Fiscal year 2008-2009 summary of approval delays for annual leave

* Figures include "Vacation" leave (PeopleSoft code 110) and "One-Time Vacation Leave Entitlement" (code 121).
** A portion of the transactions without an approval date may represent manual corrections to employee leave balances.
*** We noted duplicate transactions in the raw data provided; therefore, we cannot confirm the accuracy of the results generated.

We were informed that all unapproved leave requests are automatically approved in the system at year-end; therefore, managers may never acknowledge that the leave was taken. We understand that Compensation Advisors may contact managers to notify them of outstanding approvals; however, due to a lack of documented processes, we could not validate whether this is done in all cases. We found that management was not consistently aware of the pre-approval policy, and that delayed approvals were systematic.

Numerous instances were also found where leave approvals were being inappropriately delegated to individuals in non-supervisory positions (an Executive Assistant in one instance).

We found varying use of a generic leave code ("Other Paid Leave") across regions, which is used generally when other leave codes are not applicable. There is, however, no automated control over the use of this code, and we did find instances where a high amount of leave was taken by an employee in a given fiscal year using this generic code, but there was no evidence to support the reason or circumstances for the leave.

In addition to the direct costs of leave, the impact of resources being unavailable, particularly simultaneously, has a significant impact on operations. Proper management of leave, including planning, appropriate approvals and consideration to the impact on operations, is an important aspect of effective resource management.

6.2 Data integrity

Data integrity is vital for the reliability of the PeopleSoft system. If data is unreliable, key reports are compromised and user acceptance is reduced. Furthermore, with the upcoming GCPI project, data integrity is of utmost importance, as PeopleSoft will directly feed the Regional Pay System (RPS). To outline the key issues and risks, this section has been broken into three parts:

1. Data quality issues
2. Data governance and clean-up initiatives
3. Data quality impact

These areas are further described below

6.2.1 Data quality issues

It was noted from interviews that many individuals do not perceive PeopleSoft as a reliable source of data at INAC. Because of this perception, users have not relied on the system's reporting functionality, nor have they placed a high level of importance on ensuring the integrity of its data. Greater attention was instead paid to maintaining data in RPS, and capturing other HR data in external tracking systems.

PeopleSoft data was cross-verified with other relevant systems containing HR data, including the Regional Pay System (RPS) and manual pay cards, and Letters of Offer (See Appendix B. System cross-verification test results).

These tests found a large number of discrepancies between PeopleSoft data and the data contained in other systems. These discrepancies included data that affects salary and leave accruals, as well as HR management data, such as classification and position number. The exception rates are based on a comparison with an employee's hard copy file, which was considered to be the most reliable record by regional Compensation personnel.

There were significant salary discrepancies noted between PeopleSoft, RPS, OSMS and the employee hard copy file. In particular, we noted a 45% exception rate with the PeopleSoft salary fields for 77 samples taken across four regions (see Appendix B.1. Salary reconciliation between PeopleSoft, RPS and OSMS for further details).

While we understand that the mass data clean-ups in anticipation for the GCPI interface aim to correct salary field errors between RPS and PeopleSoft, the reconciliation does not include OSMS. In addition, prior to initiating mass data corrections, preventive controls should be in place to address those issues that are causing the errors. This is a key success factor prior to initiating mass data corrections through waves of clean up. This may explain why the observed error rate did not decrease as the waves were completed.

Fields impacting leave accruals
We examined key fields affecting leave accruals in PeopleSoft against the employee's hard copy file for a sample of employees in each of the regions visited, with the exception of the pilot site (Ontario region). We found several instances of inconsistent data between PeopleSoft and the hard copy file. Furthermore, we found multiple instances in which both the pay card and PeopleSoft had inaccurate data, as identified by regional Compensation personnel. We also found many exceptions in which the fields on the pay card were blank. Based on follow up interviews, we understand that, in some cases, this was due to key dates having never been calculated for a given employee.

We noted a 24% exception rate for Leave Service Dates in PeopleSoft (see Appendix B.2. Leave, benefits and pension data for further details). Due to the lack of a well-defined system of record for employee history and workflow documentation, the accurate dates could not be determined as part of the audit testing. However, some of the discrepancies noted were confirmed to be PeopleSoft data errors by regional Compensation Advisors.

The Leave Service Date field directly impacts annual leave accruals and cash-outs; therefore, the errors found indicate that previous accruals were incorrect. Due to the lack of a system of record for these fields, we cannot conclude how many accruals / cash-outs were erroneously impacted. The results are further detailed in Appendix B.2. Leave, benefits and pension data.

In addition to the Leave Service Date, Continuous Employment Start Date and Pension Service Start Date were cross-examined between the regional pay card and PeopleSoft. For Pension Service Start Dates and Continuous Employment Start Dates, roughly half of the valid samples that could be compared were found to have omissions or discrepancies in PeopleSoft (53% exception rate for pension and 43% exception rate for continuous employment). Appendix B.2. Leave, benefits and pension data details the results further.

One difficulty for Compensation personnel was that the date formats (order of month and day) in PeopleSoft differ from RPS and the manual pay card. As a result, errors were noted in which the month and day were interchanged in PeopleSoft.

Based on our testing, evidence suggests that for a high number of employees, benefits data are not captured accurately and leave accruals are not calculated correctly. The key fields examined are not inherent personal details that are easily available for validation. Rather, they require calculations based on the employee's Public Service history. We were not provided evidence to demonstrate that these key fields are validated, or that a history of how they are calculated is kept on file. Based on these tests, INAC should investigate this area.

Overall, the exception rate for key fields was high, indicating that data in PeopleSoft is unreliable. The quality of data in all fields was not examined; however, the above test results indicate that the quality of important data in PeopleSoft is compromised. We recommend that these dates and other key fields for leave and benefits be tested substantively and corrected accordingly.

Other fields examined
While salary fields, leave accrual dates, and length of service dates were found to be unreliable across a high number of employee samples, discrepancies were also found in all other fields tested against other systems, including last name, classification, position number, standard work week, pay list code, and increment date.

During our testing, we noted errors in a number of PeopleSoft fields that had previously been the subject of data clean-up waves. Additionally, we noted several incidences across the regions visited of data fields reconciled in previous waves having to be corrected in subsequent waves. However, because a system log of data changes was not available, it could not be determined whether a separate clean-up / data-change had modified the these fields following the previous clean-up wave. The lack of data governance, further discussed in Section 6.2.2 Data governance and clean-up initiatives, is a primary contributor to these issues.

Table 2 below summarizes some of the notable rates. Further test results and test details are provided in Appendix B – System cross-verification test results.

Table 2 – Summary of exception rates for six fields examined

Overall, a high number of discrepancies and data errors were noted during our testing. In many cases, the correct values were not known at the time of our testing because of the lack of a well-defined system of record and field definitions. As a result, we cannot quantify the budgetary impact. Rather, we have a high exception rate supporting our conclusion that the data in PeopleSoft is unreliable and that there is a lack of a central system for finding key employee information to reconcile against.

6.2.2 Data governance and clean-up initiatives

As detailed above, the data integrity of PeopleSoft is poor and has become difficult to correct. INAC is aiming to clean PeopleSoft data in preparation for GCPI through mass data corrections, termed by the project team as "waves" of corrections. Over the course of the audit, these waves were being completed. In addition to the GCPI clean-up waves, we were informed of several other data clean-up initiatives and data corrections being conducted, including:

• Workforce Management Project (reviewing name and position data in PeopleSoft)
• HR Dashboard and Reports review
• Treasury Board Position and Classification Information System (PCIS) reconciliation for classification conversions
• Regional reconciliations between PeopleSoft and:
  
  
  • Regional organizational charts
  • RPS
  • OSMS
• Organizational chart reconciliations in preparation for NAKISA (PeopleSoft organizational chart function)
• Classification re-alignments
• Changes to pay lists

Although requested, we were not provided with a comprehensive list of all data clean-up initiatives underway, nor were we provided with a framework for data governance and data change management. Evidence was not available to demonstrate if any one of these clean-up initiatives reconciles the three computer systems (RPS, PeopleSoft and OSMS), to the hard copy employee file. In addition, it was noted in interviews, and in the GCPI clean-up dashboards, that a system of record to "reconcile against" is not defined.

In addition to the clean-up initiatives, corrections and modifications to PeopleSoft data are made regularly. During audit fieldwork, we observed many occasions of regional HR personnel making changes in real-time to data errors and omissions. Evidence was not made available to demonstrate that a well-defined authorization and approval process is in place for PeopleSoft data corrections and vacant account deletions. Interviewees indicated that approval processes were not well defined and that direction from headquarters regarding appropriate correction procedures was lacking and unclear.

Another aspect of data governance is system access. Until data ownership is defined, decisions regarding access rights cannot be made effectively. Access to PeopleSoft is granted and revoked centrally by HRMS according to regional requests. Access to various PeopleSoft modules is not well restricted. Specifically, people in different business units and geographical locations have access to modify the same employee data. There was no evidence of consistent, well-defined protocols for monitoring user access on an on-going basis. Therefore, we recommend that the current process for authorizing and monitoring access be reviewed and that controls be introduced to preserve the integrity and reliability of fields that will affect pay transactions, which will be critical post-GCPI.

Perhaps most critical to GCPI preparedness, we noted changes made to data that had already undergone waves of clean-up. The changes had been made in headquarters to regional employee accounts without notification to regional personnel. As a result, the data no longer reconciled with RPS and, in some cases, regional HR representatives became unable to access critical employee information in PeopleSoft.

We also found new data-entry errors in fields that had already undergone the waves of clean-up due to the lack of preventive controls and alignment between data modifications. In addition to inadequate workflow documentation and a lack of preventive controls, regional representatives indicated that no additional training was provided to aid with the correction process. The additional work is, therefore, a further burden on strained resources for some regions. Overall, without process changes, the introduction of preventive controls and training, the data quality problems cannot be addressed effectively.

Corrections should first be analyzed to assess the impact on key reports, system features and impact on other data fields. Correction sequencing is essential, and iterations may be required. An appropriate approval process is crucial to managing a data clean-up project, particularly given the importance of proper sequencing. At the time of the audit, there was a lack of evidence demonstrating that projects correcting PeopleSoft data were sufficiently coordinated and aligned. As well, approval protocols were unclear.

Due to a lack of evidence, we could not establish the integrity of the PeopleSoft information and effectiveness of the clean-up initiatives. Rather, audit evidence demonstrates the contrary. This problem is amplified by a lack of governance providing clarity on who owns the PeopleSoft data and how the responsibilities to maintain data integrity are assigned between business units and between regions and headquarters. This lack of governance poses a high level of risk independent of the pay interface clean-ups.

Appendix A – Recommended approach further explains these recommendations.

6.2.3 Data quality impact

A lack of data integrity is perhaps the most significant single finding with respect to PeopleSoft at INAC. In addition to a risk to leave accrual and cash-out accuracy, the data quality impact is two-fold:

• Lack of key management reports to provide an accurate overview of human resource information. Metrics as simple as the number of employees in a given area cannot be accurately generated.
• Risk to payroll when GCPI interfaces PeopleSoft with RPS.

The above two areas of impact are significant. Without key reports, INAC lacks critical information for decision-making and strategic planning. Furthermore, if PeopleSoft interfaces RPS before the issues are addressed effectively, the data quality of RPS will be impaired, affecting INAC payroll expenditures. According to leading practices and established security models, a database with a given level of integrity should not read from a database with a lower level of integrity. Similarly, a database of low integrity should not write to one with a higher level of integrity. [Note 8]

While INAC is aiming to address the data integrity gaps in PeopleSoft, there is a lack of alignment, correction sequencing, and preventive controls. Based on the above principles and the current state of the PeopleSoft system, we recommend that INAC not interface PeopleSoft with RPS at this time.

6.3 Key PeopleSoft reports

The ability for management to obtain accurate and timely workforce information plays a critical role in providing a departmental overview of employee data. With a strong knowledge of its workforce, a department can better inform its planning and decision-making processes in support of program delivery, thereby increasing the likelihood of program success. Moreover, it allows for reliable reporting to stakeholders on key metrics, including in the case of INAC, reporting on progress against its 50% Aboriginal recruitment target.

Two principal factors affecting the quality of management reports were examined:

1. Report availability
2. Report reliability

These areas are further described in the following sections.

6.3.1 Report availability

We observed gaps in the availability of key HR metrics, limited management access to system reports, and the existence of external tracking systems. These areas are further detailed below.

HR metrics

HR metrics are a key input for the development of work plans, assigning resources and reporting on performance. Throughout the course of the audit, several requests for employee statistics by region were made. In particular, we requested headcount, Full Time Equivalent (FTE) and salary expenditures by region. While some regional statistics were provided, a comprehensive overview was not made available for review. Furthermore, definitions of the main employee counts (headcount, FTE, strength) required for resource planning and reporting purposes were not available until February 2010.

The difficulty in obtaining these key HR metrics was largely a function of the ambiguity surrounding the definition of each metric. Three different definitions for headcount, FTE and strength were provided to regions in January 2010 from headquarters. Because PeopleSoft does not inherently track these metrics, the varying definitions caused inconsistent, labour-intensive reports to be generated. While the definitions were defined and approved during the course of the audit, the lack of regional coordination throughout the period of debate signals a key risk: lack of direction and awareness with respect to reporting.

This observation was further amplified by interviews, in which interviewees expressed confusion over the following: what reports are available from PeopleSoft; how to generate customized reports; what reports should be communicated/shared with headquarters to maintain an accurate departmental overview; and where to find current, accurate definitions for key HR reporting terms. As a result, we could not establish consistency between salary and HR reports provided for our review by headquarters and regions visited.

We understand that generating reports is difficult. INAC uses an implementation of "Business Objects", a PeopleSoft reporting tool, to generate reports. However, people require training and knowledge to use this reporting environment. As a result of a lack of training and experience, many regions must request reports from headquarters. These requests can be resource-intensive and are not always fulfilled.

As a result of the ambiguity surrounding the definition of key HR metrics, the lack of training and experience in producing PeopleSoft reports, and the lack of consistent business practices surrounding data entry, the Department's ability to produce timely and accurate management dashboards and HR metrics has been impaired.

Management access restrictions
Another aspect of the lack of reports available to support management decisions is access restrictions in PeopleSoft. To make key resource planning decisions, managers require a view of employee schedules and leave dates. At INAC, managers only have access to view PeopleSoft profiles for employees reporting directly to them. For example, directors will only have access to view leave dates for the managers reporting directly to them, but not the employees reporting to the managers. To resolve the issue, directors request employee details from managers, which is inefficient. To have a complete view for resource allocation and planning, and to make informed leave approval decisions, management should have read-only access to view the schedules of all employees reporting to them, directly and indirectly.

External tracking systems
External tracking systems (or "black books") operate outside the architecture of a system and pose considerable risk to the effectiveness of the system of record. Most notably, they promote costly duplicate data entry processes and expose an organization to the loss of potentially critical corporate knowledge.

Implementation of these systems almost invariably arises when the dedicated system, for one reason or another, is not meeting the needs of its users. In the case of PeopleSoft, the lack of functionality in PeopleSoft's current configuration to track overtime, compressed work week schedules, training and skill-set information, coupled with the restricted PeopleSoft views for management and the lack of clear, consistently applied definitions for HR metrics, has increased management's reliance on external tracking systems. As an example, reports of employees near retirement (for resource planning) and reports to determine length of service awards were not available to regions. Even at headquarters, reliable reports for length of service and retirement eligibility could not be generated due to a lack of definitions and integrity for key date fields (see Appendix B.2. Leave, benefits and pension data for data integrity test results).

Ultimately, key reports from INAC's PeopleSoft implementation are not generated in a timely, consistent manner across the Department. A complete and accurate dashboard of employees, detailing position and salary data should be readily available to provide a basis for key operational and strategic decisions at INAC. Until the root causes of the system that have led to the implementation of external systems are addressed, there is a risk that critical information will not be managed, made available to support decision-making, and most important, retained for future uses.

6.3.2 Report reliability

The lack of readily-available information to support management decisions is a significant short-coming of PeopleSoft environment at INAC. The problem is amplified by the lack of data integrity, discussed previous in Section 6.2 Data integrity, which makes the reports that are available unreliable.

The two issues combined indicate that the Department lacks readily-available and reliable information to effectively manage resources. Therefore, there is a significant risk of the ineffective deployment of resources. In order to remediate the problem, we recommend that INAC address both the root causes of data errors and the root causes of report unavailability. Information should be both reliable and readily-available to INAC management.

7. Business impact of audit findings

The seven individual findings detailed in the report, when combined, result in the following three conclusions:

• INAC lacks readily-available and reliable metrics to make informed management decisions.
• The Department does not have access to PeopleSoft capability that would allow it to reduce manual inefficiencies, automate complex calculations and implement a sound management control framework.
• INAC is not ready to interface PeopleSoft with the Regional Pay System as planned under the GCPI project.

The above conclusions are more significant when viewed within the context of INAC's corporate risk profile. INAC's corporate risk profile identified "Information for Decision-Making" as one of the top eight risks faced by the Department. [Note 9] INAC defines this risk as not being able to make "sufficient progress to improve access to timely, pertinent, consistent and accurate information to support planning, resources allocation and programming decisions, monitoring / oversight, and to fulfill its accountability obligation."

Due to the criticality of this risk, we provided management briefings and feedback regarding the audit findings throughout the course of the audit. We understand that some of the individual findings have recently been recognized by INAC and that some are being addressed. However, there was no evidence to demonstrate proper sequencing of corrective action and coordination across INAC. As a result, the combination of findings poses a significant risk to INAC. Figures 1-3 below demonstrate how the individual findings combine to create the three conclusions listed above.

Figure 1 - Conclusion regarding a lack of HR information with supporting individual findings

The chart demonstrates how the individual findings combine to create the first of the report's three conclusions: INAC lacks the readily-available and reliable metrics to make informed management decisions. Individual findings are grouped into two broad areas that, taken together, support the audit conclusion. The two broad areas are as follows: lack of report availability and lack of data integrity.

The lack of report availability area is supported by the following four findings:

• Finding #1 – inadequate documented processes and lack of sufficient - trained resources;
• Finding #2 – Lack of collaboration, communication and consistency – in particular, between HR and IT;
• Finding #3 – Employee training, overtime, and compressed work information currently unavailable in PeopleSoft; and,
• Finding #7 – Key reports are not readily available, ability to generate reports varies across regions examined.

The lack of data integrity area is supported by the following five findings:

• Finding #1 – inadequate documented processes and lack of sufficient trained resources;
• Finding #2 – Lack of collaboration, communication and consistency;
• Finding #3 – Insufficient system controls and functionality available in PeopleSoft;
• Finding #5 – Unreliable data; and,
• Finding #6 – Lack of data governance and a well controlled clean-up strategy.

Figure 2 - Conclusion regarding inefficiencies and insufficient controls with supporting individual findings

The chart demonstrates how the individual findings combine to create the second of the report's three conclusions: We were informed by INAC management that the Department does not have access to PeopleSoft capability that would allow it to reduce manual inefficiencies, automate complex calculations and implement a sound management control framework. Individual findings are grouped into two broad areas that, taken together, support the audit conclusion. The two broad areas are as follows: process gaps and system gaps.

The process gaps area is supported by the following five findings:

• Finding #1 – inadequate documented processes and lack of sufficient - trained resources;
• Finding #2 – Lack of collaboration, communication and consistency – in particular, between HR and IT;
• Finding #4 – High number of leave transactions not approved in accordance with policy;
• Finding #6 – Lack of data governance and a well controlled clean-up strategy; and,
• Finding #7 – Ability to generate reports varies across regions examined.

The system gaps area is supported by the following four findings:

• Finding #3 – Insufficient system controls and employee training, overtime and compressed work information currently unavailable in PeopleSoft;
• Finding #4 – High number of leave transactions not approved in accordance with policy;
• Finding #5 – Unreliable data; and,
• Finding #7 – Key reports are not readily available.

Figure 3 - Conclusion regarding lack of GCPI preparedness with supporting individual findings

The chart demonstrates how the individual findings combine to create the third of the report's three conclusions: INAC is not ready to interface PeopleSoft with the Regional Pay System as planned under the GCPI project. Individual findings are grouped into two broad areas that, taken together, support the audit conclusion. The two broad areas are as follows: root causes not address and lack of effective governance.

The root causes not addressed area is supported by the following three findings:

• Finding #1 – inadequate documented processes and lack of sufficient trained resources;
• Finding #3 – Insufficient system controls and employee training, overtime and compressed work information currently unavailable in PeopleSoft; and,
• Finding #7 – Key reports are not readily available and ability to generate reports varies across regions examined.

The lack of effective governance area is supported by the following three findings:

• Finding #2 – Lack of collaboration, communication and consistency; and,
• Finding #5 and #6 – Unreliable data coupled with a lack of data governance and a well controlled clean-up strategy.

The three conclusions impact key aspects of INAC business, program delivery and operations, as detailed in the sections below.

7.1 Improving program delivery

Without readily-available and reliable metrics to make informed management decisions (see Figure 1), resource planning for the delivery of programs is impacted. Without a view of employee availability, position, skill-set and salary data, resource planning at both a high level and a more granular level cannot be conducted effectively. Resource planning is an essential element of program management [Note 10] and is one of the nine knowledge areas of the Project Management Body of Knowledge. A lack of capability to manage, plan and allocate resources effectively puts programs and new projects at risk.

Human resource management systems, such as PeopleSoft, create value by consolidating data across many areas into one central location and providing a common, advantageous, organizational view for employee and resource information. We found a lack of evidence to demonstrate that PeopleSoft has yielded this fundamental benefit for INAC. Instead, data is still entered into multiple systems and tracking sheets and the PeopleSoft consolidated views are unreliable. Overall, as a result of the current state of business and system processes, PeopleSoft cannot effectively support human resource planning for program delivery.

7.2 Increasing operational effectiveness and improving effectiveness of controls

The PeopleSoft environment impacts INAC operations in two ways: it contributes to inefficient manual processes and it lacks key controls to safeguard HR data, serve employees and support payroll. The impact in each area is summarized below.

Efficiency / cost-effectiveness

As a result of manual-intensive calculations, multiple systems of record and insufficient trained resources, PeopleSoft is not facilitating efficient processes. An effective human resources management system should reduce overhead and manual labour by:

• Consolidating data in one database
• Automating required complex calculations
• Providing a single, customizable view of an organization's human resources

Instead of reducing overhead through the functions above, evidence suggests that PeopleSoft is currently adding to manual labour and operational inefficiencies at INAC. There is heavy reliance on the hard work and diligence of a handful of employees, which is not a sustainable model. The system should have controls and functionality that reduces workload.

Key controls to support operations

We observed a lack of effective controls around data input, data change management, leave cash-out calculations in support of payroll, and leave approvals. The lack of a sound management control framework for PeopleSoft is hindering business operations for INAC. While a pay interface is a method of potentially alleviating current manual work, if PeopleSoft were to interface RPS at this time, the payroll data could be compromised, further increasing the overall impact to operations. The lack of functionally, controls and data integrity is hindering service to employees (for example, their leave, benefits and length of service awards) and is compromising critical INAC data.

8. Conclusion

The objectives of this engagement were to provide assurance that the data entry process and management control framework related to the PeopleSoft system enable the production of reliable management reports in a consistent manner across the country.

The audit identified a number of gaps in the management control framework in place to support INAC's HR management system, including: inadequate documentation of PeopleSoft activities and workflows; a lack of collaboration amongst HR, IT, business units, and regions; continued data integrity issues, including data affecting accruals and cash-outs; a lack of data governance and a well-defined clean-up strategy; and limited availability of key metrics. When taking together, these weaknesses have negatively impacted the reliability of system data and have impaired its ability to fully address the needs of the Department.

While progress has been made to address known PeopleSoft errors through mass clean-ups, a lack of approvals, correction sequencing, preventive controls, and data validation across all relevant systems, has limited their effectiveness. Without a consistent approach to address the root causes of unreliable data, the lack of documentation, training, communication, and data governance, clean-up efforts will continue to be ineffective.

In addition to short-comings in reporting and data integrity, the system does not effectively support the operational needs of INAC; instead, it is heavily dependent on manual, labour-intensive processes that put a further strain on resources. The inefficiencies caused by a lack of system functionality, key controls, training, and documented processes are resulting in costly manual labour.

Due to the lack of data integrity and the gaps observed in the system's management control framework, we cannot provide assurance that PeopleSoft enables the production of timely, reliable management reports consistently across INAC. The inability for the Department to generate accurate, timely reports, especially as it relates to the number of employees, workforce demographics, and salary expenditures, is impeding its ability to make informed resource-related decisions. Therefore, there is a significant risk of ineffective deployment of resources, which may ultimately impact program delivery.

While the GCPI could eliminate the need for multiple points of data entry, thus alleviating some manual work and allowing for the re-alignment of resources, efficiency will only be gained if the interface implementation is successful. During the course of the audit, several data clean-up initiatives were underway. We observed a lack of approvals, correction sequencing, preventive controls, and consideration to all relevant systems. This is a significant risk to payroll data that would nullify any gain in data input efficiency, and that may introduce new problems. Evidence was not available to demonstrate that key aspects of the implementation have been considered, including how compensation and staffing roles will change, the necessary training involved or how data and access to data will be governed. Given the aggressive GCPI timeline, the project is high-risk and lacks a complete departmental overview of the implications.

Overall, we conclude that the findings are negatively impacting resource planning for program delivery and business operations, in addition to contributing to costly inefficiencies. Based on the current state of the PeopleSoft system, we recommend that INAC not implement the GCPI interface at this time. In particular, we recommend that the root causes of data errors be addressed prior to mass clean-ups. Once the root causes are addressed and preventive controls are in place, we recommend that a single, coordinated, controlled and consistent reconciliation process be performed across all systems. Only then should interfaces to other key systems be considered for implementation; without this sequencing of actions, critical INAC data will be jeopardized.

9. Acknowledgements

We would like to acknowledge the efforts of those who provided input to the audit, with particular thanks to personnel engaged in the maintenance of PeopleSoft data and responsible for the administration of pay and benefits.

10. Management Action Plan

Subsequent to the preparation of the Management Action Plan, the Human Resources and Workplace Services Branch (HRWSB) has undertaken a number of the mitigating actions, as outlined below, to address the deficiencies noted with the PeopleSoft system and the Government of Canada Pay Interface (GCPI) project. To date, significant progress has been made by the Branch to improve the issues noted with respect to system governance and data integrity, and GCPI as of Dec. 31, 2010, has been successfully implemented across the eleven regions within the timeframe and the budget allocated. Over the next few quarters the Branch will work towards the completion of its management action plan, providing periodic updates to the Audit and Evaluation Sector and the Audit Committee.

Appendix A - Recommended approach

The data integrity issues in PeopleSoft present a challenge that should not be underestimated. Cleaning the database will require a coordinated, systematic approach, a significant invest in time, and an appropriate alignment of resources. However, significant returns on investment can be achieved if PeopleSoft can then be leveraged to manage HR information effectively and reduce operational workload.

The root causes of data errors should be identified and resolved before introducing data correction initiatives. These root causes include the following broad areas:

• Training – Training should be provided for people entering data into the system, maintaining the system, and using the system to view or generate management reports.
• Resources – Resources refer to both employees and investmentsin tools, advisory services and funding. Resources include people in the right areas (alignment), with the right skills (training) and experience to:
  • Enter data into PeopleSoft,
  • Maintain and improve data integrity,
  • Refine PeopleSoft functionality, automating routine tasks,
  • Deliver training and end-user support,
  • Monitor and enforce adherence to policies, and
  • Implement and monitor controls, including system access controls.
• Access controls – Access controls include key preventive and detective controls to validate that only authorized people modify data.
• Communication – Communication includes implementing procedures, policies and central guidance from headquarters across all regions.
• Automated controls – Automated controls include preventive, detective and monitoring controls, which help improve operational effectiveness and efficiency, in addition to improving data quality.
• Data governance – Data governance includes defining data ownership and employing access controls to validate that data changes are authorized, approved and tracked.
• Documented workflow – Documented workflows should be in place for end-to-end HR processes and activities. Prior to automation, business operations and HR workflow should be documented so that the right processes are automated.
• HR and IT alignment – Alignment includes coordination between business units so that people using and maintaining PeopleSoft are working towards the same objectives.

The diagram below represents how we recommend addressing the data quality issues. Specifically, we recommend that the root causes of data errors be identified and addressed and that there is alignment, coordination and communication across all stakeholder business units and regions. With the system contained and protected from the generation of new errors, a single, coordinated error-correction process across all systems should be conducted.

Preventive controls and measures

In order to promote data integrity in a system, there must be a single, coordinated error-correction process supported by a host of preventive controls and measures. The diagram depicts the eight board areas for which preventive controls and measures should be developed such that, taken together, they support a single, coordinated error-correction process and ultimately, improve the data integrity of the system. The eight broad areas are as follows:

• Training;
• Access controls;
• Automated controls;
• Documented workflow;
• Resources;
• Communication;
• Data governance; and,
• HR and IT alignment.

Appendix B - System cross-verification test results

To determine the degree of data reliability for some key fields in PeopleSoft, we performed a cross-verification of HR fields, including last name, Personal Record Identifier (PRI), position number, classification, and salary that affect employee profiles, pay, benefits, and management reports across multiple relevant systems as follows:

• PeopleSoft System – Customized for INAC and part of the PeopleSoft cluster, it has historically been used for employee leave management and is assumed to contain the most complete database of INAC employee information.
• Regional Pay System (RPS) – RPS is used for payroll at INAC. The system is housed in PWGSC, but INAC Compensation Advisors access the system for data input through a Compensation Web Application (CWA).
• Oasis Salary Management System (OSMS) – OSMS is used for salary forecasting and reporting.
• Pay Card – Manual pay cards are used to track an employee's pay history at INAC. The Pay Card stays on file at the office from which the employee is paid.
• Letter of Offer – An employee's Letter of Offer serves as the authorization for pay and defines the employee start date, classification, salary range, and position number.
• Organizational chart – The majority of the regions visited were using an organizational chart generated from an external system. [Note 16]
• Compensation Advisors – Through inquiry, we leveraged experience and skills in calculating key information.

We also cross-referenced the following fields for a sample of employees, which impact leave accruals, benefits pay and pension.

• Standard work week
• Leave start date
• Continuous employment start date
• Pension start date
• Pay list code
• Next increment date*

* We found that the Next Increment Date fields were not entered into PeopleSoft in the majority of files examined. Therefore, this was not included in the test results below. However, next increment dates have an impact on pay. We understand that the next increment date field will not be included in GCPI waves of clean-up. Therefore, we recommend that these dates be reviewed for accuracy and consistency across systems.

Finally, we reviewed the benefits program code and salary amount for consistency with the classification and respective collective agreement.

Our sample was chosen using a risk-based approach. [Note 17] A sample of the minimum between 10% and 25 employees (based on approximate numbers since population completeness could not be established) was chosen in each region. From the sample population, not all fields were applicable to each sample employee. As a result, the number of employees considered in the system cross-verification varied slightly for each field.

The results of our testing are summarized in the sections below. The exception rates are based on a comparison with an employee's hard copy file, which was considered to be the most reliable system of record by regional Compensation personnel. The reliability of the employee hard copy files could not be established, as outlined in Section 4. Unavailable information. Therefore, we cannot provide assurance over the benchmark used for testing.

B.1. Salary reconciliation between PeopleSoft, RPS and OSMS

For cases where the employee hard copy file was incomplete and the datain PeopleSoft could not be compared, the samples were removed from the results below. The results include exceptions with respect to PeopleSoft data omissions and discrepancies between fields in PeopleSoft and the hard copy file (but not data omissions in the hard copy file).

The table below summarizes salary testing results. Some samples selected for testing were inconclusive due to unusual circumstances whereby the employee was not captured in the systems tested (e.g. substitute teachers, [Note 18] secondments).

In addition, we found instances where the hourly compensation rate in PeopleSoft was not extracted properly onto reports because a salary field had not been overwritten in PeopleSoft. This overwrite is not normally required if parameters are set correctly under the Payroll module; however, regions have been instructed to enter hourly compensation as salaried under the Payroll module, which requires overwriting the resultant salary under the Compensation module. This is of particular relevance for student employees. Regional representatives indicated that requests had been made to headquarters to change this policy; however, the requests were not met.

Overall, salary information does not reconcile between the three systems and the manual pay card. Not only did PeopleSoft not reconcile with RPS and OSMS, but OSMS and RPS did not reconcile with each other.

We understand that the GCPI waves of corrections aim to address this issue for PeopleSoft and RPS; however, we have not been provided evidence to demonstrate how OSMS will be taken into account, nor how the waves will be conducted to confirm the following:

• The right corrections are made according to a well-defined system of record
• Settings in PeopleSoft are appropriate (e.g. salary versus hourly compensation rate)
• An appropriate approval process for data changes is in place
• Sequencing of corrections is carefully planned

While our testing began prior to the wave for salary data clean-up ("Wave 3"), the error rate for salary data remained consistent for regions tested after Wave 3 had been completed. While regional variances exist, the results suggest that the waves of clean-up may not be effective without the implementation of other measures, including preventive controls. This observation was consistent with regional interviews.

B.2. Leave, benefits and pension data

Key date fields that impact leave, pension and benefits were examined for consistency between PeopleSoft and manual pay card records. The same samples used for the salary cross-verification test (discussed above) were selected. However, in cases where we were informed by Compensation that the date fields were not applicable to the classification per the collective agreement, they were omitted from the testing.

A high exception rate for all dates was observed, as further detailed below. One difficulty for Compensation personnel was that the date formats in PeopleSoft differ from RPS and the manual pay card. As a result, errors were noted in which the month and day were interchanged in PeopleSoft.

While the exception rate is high, a greater risk is associated with the lack of a reliable system of record. For each of the fields examined (Pension Service Start Date, Continuous Employment Start Date, and Leave Service Date), it was not clear where the system of record was. More importantly, no formula or documented guideline was available to allow the accuracy of these fields to be tested. In many cases, knowledgeable Compensation personnel had to spend a significant amount of time tracing through an employee's Public Service history to calculate these dates.

Pension Service Start Dates

We tested the Pension Service Start Dates in PeopleSoft for consistency with the manual pay card based on interviews that noted the pay card to be the system of record. In some regions, we found the Pension Service Start Date to be omitted from PeopleSoft completely, and in many cases, from the pay card as well. While this date is tracked in a separate contributions system, it is not clear where the system of record is.

Pension start dates have an impact on pension and follow the employee through transfers to other departments via their pay card. While testing of pension pay was not within the scope of the audit due to involvement from other government departments, discrepancies observed represent a risk to INAC, which should be further investigated. Below summarizes our test observations with respect to Pension Service Start Dates. The total exception rate is calculated based on the number of files examined with an exception noted (if two exceptions were noted in one employee file, the entire file is included as one exception under the total rate). The "Exception rate where PeopleSoft data was inconsistent or blank (%)" excludes samples with pay card data omission. Therefore, the sample size for this total is smaller than for that of the total exception rate.

Leave Service Dates

Leave service start dates are a critical field for leave accruals and cash-outs and are mandatory fields in PeopleSoft. The system of record for these dates is PeopleSoft. The date is also kept on the employee pay card, which follows an employee if they transfer departments. Some leave accruals and allowances depend on the Leave Service Date. Therefore, this date has a financial impact; specifically, leave cash-outs at year end and the cost associated with a worker being away from the office while continuing to be paid.

The following summarizes the exceptions noted with respect to Leave Service Dates. The total exception rate is calculated based on the number of files examined with an exception noted. The "Exception rate where PeopleSoft data was inconsistent (%)" excludes samples with pay card data omission. Therefore, the sample size for this total is smaller than for that of the total exception rate.

The primary risk associated with the Leave Service Dates was not the inconsistencies noted between PeopleSoft and the pay cards, but rather with the complex history required to determine the accuracy of the dates. We observed that Compensation personnel had difficulty confirming the accuracy of Leave Service Dates because an entire employee history had to be reconstructed and calculated manually in accordance with the collective agreement. While a tool in PeopleSoft assists in the calculation, knowledge of all collective agreements and what time can be counted is required. As a result of the lack of formulas and documented business processes for PeopleSoft, the accuracy of these dates could not be tested further and resulted in scope constraints. In several instances, we confirmed that the Leave Service Date in PeopleSoft was inaccurate; however, the accurate date could not be tested for each exception noted.

Continuous Employment Start Dates

In addition to the pension and leave dates discussed above, we found discrepancies with respect to the Continuous Employment Start Dates, which also affect employee benefits. A summary of our findings is displayed in the table below. The total exception rate is calculated based on the number of files examined with an exception noted (if two exceptions were noted in one employee file, one exception is included under the total rate). The "Exception rate where PeopleSoft data was inconsistent or blank (%)" excludes samples with pay card data omission. Therefore, the sample size for this total is smaller than for that of the total exception rate.

Summary

Overall, the observed exception rates are high. The table below summarizes the exceptions in PeopleSoft that can impact accruals, leave cash-outs and benefits pay. These totals are based on errors or discrepancies in PeopleSoft only. They do not include pay card omissions. Therefore, the sample sizes vary based on the number of pay card omissions for the given field found in the sample selection. (See the right-most column in the tables of the sections above.)

Leave and benefit date fields test results

B.3. Classification and position numbers

We found discrepancies with respect to position numbers and classification. In particular, principals working for federal schools do not have a well-defined classification number. The classification differs between RPS (EDEST07) and PeopleSoft (EDEST04). Regional management explained that this is an on-going issue for GCPI because both classifications are valid as a result of two different sources of data.

Student position numbers were also found to differ between RPS and PeopleSoft. In PeopleSoft, students do not have a position number, whereas in RPS, students do have a position number. This is a problem currently known to INAC management; however, interviewees were not aware of how the issue will be resolved for GCPI. Regional interviewees indicated that solution suggestions to date (at the time of interviews) were impractical, such as terminating and rehiring the student employees.

In several regions, casual employees were allocated a shared position code. Therefore, these position numbers are not unique and the positions cannot be distinguished in an organizational chart.

In addition to systematic discrepancies for special cases (students, school principals), inconsistencies were noted across systems (PeopleSoft, OSMS, RPS, and pay card and letter of offer) for classification and position fields. While the exception rate was lower for classification and position data than for salary, it was still high in several regions. More importantly, discrepancies continued to be noted after the waves of clean-up had been completed for classification and position data.

A summary of these exceptions is illustrated in the table below (these results exclude systematic inconsistencies observed for students and school principals). Of particular concern is that the observed exception rate was higher after waves of clean-up. While this may be due to regional variances in integrity, it signals that the waves may be ineffective. In particular, we noted position number discrepancies that had been introduced after a GCPI wave by a separate classification clean-up performed in headquarters. Regional representatives had not been informed of the change and were unfamiliar with the details of the classification clean-up. There was no evidence to demonstrate that the multiple clean-up initiatives and corrections were coordinated.

The table below illustrates the errors observed in PeopleSoft for a sample size of 85 employee records taken across four representative regions. Further errors were observed in OSMS and regional organizational charts. Overall, the exception rate is high for these critical fields.

B.4. Other PeopleSoft fields

In addition to salary, benefits dates, and position and classification, other fields were examined and discrepancies were noted between systems. We found some exceptions with the following:

• Employee names
• Pay List codes
• Standard Work Week

For these fields, the exception rate was lower than for fields discussed in B.1, B.2, and B.3. However, the errors noted in the fields listed above were observed following the waves of clean-up that aimed to correct them.

Following Wave 3 of GCPI clean-up, we noted a case where an employee's acting position had not been entered into PeopleSoft. Because the employee was acting under a new classification type, the collective agreement governing their classification had changed; therefore, the benefits program code in PeopleSoft was incorrect. Timely data entry for acting positions is important to maintaining accurate benefits; therefore, the workflow associated with new acting positions should be examined more closely. This is perhaps more critical with the new process for Fast Track hiring.

Appendix C - Audit approach

The audit fieldwork was conducted at headquarters and in the following sample of regions:

• Ontario (Toronto office)
• Alberta (Edmonton office)
• Saskatchewan (Regina office)
• British Columbia (Vancouver office)
• Yukon (Whitehorse office)

The five regions were chosen through criteria including number of employees, level of annual program funding, number of sites in the region, other organizations serviced in the region (e.g. Indian Oil and Gas Canada), and unique human resource circumstances (e.g. federal teachers). The Ontario regional office in Toronto was used as a pilot site to gain an understanding of the business and system processes and associated risks, as well as regional differences.

We used a risk-based approach to scope the audit and focus on areas of greatest risk to INAC. We assessed the effectiveness of controls in place for:

• Delivering the HR functions that are supported by PeopleSoft
• Managing employee information
• Managing leave, including requests, approvals, monitoring and accruals

We recognize the importance of timely feedback and provided management briefings and feedback routinely throughout the course of the audit. This approach allowed management to consider the audit feedback in a timely manner and begin addressing some of the more critical findings identified in this report.

The audit program was structured to include interviews, documentation reviews and testing. These activities are further detailed below.

C.1 Interviews

Interviews were an integral component of the audit program and were conducted at headquarters and in all the regions visited. Interviews were conducted across all levels of HR (directors, managers and officers) and gave us an understanding of PeopleSoft processes, as well as differences across the regions visited. The interviews were important because they provided an understanding of the regional HR processes supported by PeopleSoft, how people were coping with gaps in system functionality and the organizational risks being managed across INAC.

C.2 Documentation reviews

Documentation reviews were performed throughout the audit. A preliminary documentation request was used to develop a risk-based audit program. Documentation in the regions was then reviewed to understand the regional differences and identify areas of further risk. A final documentation review was performed to follow-up on issues that arose during the audit and gain a deeper understanding of the controls and associated risks. We also reviewed management actions plans and corrective initiatives undertaken during the course of the audit. A list of documents reviewed is provided in Appendix E – Documents reviewed.

C.3 Testing

Both the interviews and documentation reviews served to identify areas of risk requiring testing. A risk-based test plan was designed to investigate the design of controls as well as operating effectiveness of these controls. The following tests were performed to identify PeopleSoft data anomalies and validate information gathered through our interviews.

Tests for new hires within the PeopleSoft process

To assess process and workflow controls for new hires, we validated that security clearance at the Enhanced Reliability level was awarded prior to PeopleSoft hire date for a sample of employees.

Tests for leave approvals

To determine whether leave transactions were approved according to policy, we performed data analytics across all leave transactions to identify anomalies. We used data analytics to examine a large amount of raw data and identify patterns and anomalies. This method aided a risk-based audit approach by identifying variances and irregularities to investigate further. Using data analytics, entire populations can be examined, instead of just a sample from the population. Therefore, we considered the entire population of leave transactions for a given year to test for the anomalies listed above.

Based on the results of data analytics, a sample of irregularities in each region was followed up on with regional management to determine whether there was reason for the anomaly. Specifically, the samples were investigated to determine whether the irregularity represented errors, omissions and / or data corruption. The anomalies tested are listed in the table below with examples of follow-up evidence requested.

Tests to validate information in fields impacting benefits, leave cash-outs and leave accruals

The accuracy of PeopleSoft fields that affect leave payments and accruals was examined using a sample-based test. Samples were chosen using a risk-based judgement approach from multiple system sources. Random sampling was not possible because a complete population of INAC employees could not be established.

The following fields were compared with the manual pay cards. Inconsistencies were investigated.

• Leave Service Date
• Continuous Employment Start Date
• Next Increment Date
• Pension Service Start Date

For the sample employees selected, we examined the salary and Benefits Program field in PeopleSoft for alignment with classification and the respective collective agreement.

Tests to validate data consistency across systems

Because INAC does not have one defined system of record for all employee personal and pay-related data, several systems were examined. We requested that each region identify their system of record for the various employee records. There was a lack of consistency in these answers across all regions visited. Employee information was reviewed in each of the following systems to establish the integrity and consistency of employee records:

• PeopleSoft System – Customized for INAC and part of the PeopleSoft cluster, it has historically been used for employee leave management and is assumed to contain the most complete database of INAC employee information.
• Regional Pay System (RPS) – RPS is used for payroll at INAC. The system is housed in PWGSC, but INAC Compensation Advisors access the system for data input through a Compensation Web Application (CWA).
• Oasis Salary Management System (OSMS) – OSMS is used for salary forecasting and reporting.
• Pay Card – Manual pay cards are used to track an employee's pay history at INAC. The Pay Card stays on file at the office from which the employee is paid.
• Letter of Offer – An employee's Letter of Offer serves as the authorization for pay and defines the employee start date, classification, salary range, and position number.
• Organizational chart – The majority of the regions visited were using an organizational chart generated from an external system.
• Compensation Advisors – Through inquiry, we leveraged experience and skills in calculating key information.

While employee records should be consistent across all systems, discrepancies were identified as a result of both data input errors and system differences (for example, the name initials were captured/reported differently in RPS than PeopleSoft). To determine the degree of error in key fields across the multiple systems, a system cross-verification was performed on a sample of employees in each region visited. Samples were chosen using a risk-based judgement approach. Random sampling was not possible because a complete population of INAC employees could not be established.

Cross-verification testing was detailed in Section 6.2.1 Data quality issues and Appendix B.1 Salary reconciliation between PeopleSoft RPS and OSMS.

Appendix D - Details regarding controls for leave requests in future fiscal years

PeopleSoft does not have an effective method of controlling vacation leave requests if they are dated in future fiscal years. While vacation leave is capped according to the employee's entitlements for current year requests, excessive future year requests are permitted without updating the employee's leave balance. The system displays an alert informing that the transaction will not update the balance (see below).

Details regarding controls for leave requests in future fiscal years

The image is a screen shot of the Leave Request tab in the PeopleSoft system. Under the current configuration of PeopleSoft, the system displays a warning message when the transaction requested does not fall into the current fiscal year. The warning message displayed in the screen shot notes that the "Transaction does not fall within current fiscal year." and that the "Entry is permitted but (leave) balances will not be updated."

As a result, at Fiscal Year End (FYE), employee vacation leave balance may become negative if leave requests exceed entitlement. We were informed that once leave balances become negative, Pay and Benefits investigates the case. While the investigation is on-going, the employee cannot submit any leave transactions.

This type of leave request does not require any additional review or approval; therefore, managers could easily overlook potential implications. The end result is that manual tracking and investigations are required to reconcile leave balances following FYE.

Appendix E - Documents reviewed

The following is a list of documents reviewed as part of the audit. This list is not comprehensive; other materials were reviewed during the course of the audit.

• BRD_NAKISA[1].doc
• BUNDLE_4Plus_5_master_GFT_AUGUST_14(1).xls
• BUSINESS CASE - HRMS - 2009_001 COMPENSATION DATA FIX.doc
• BUSINESS CASE - HRMS - 2009_003 WORKFORCE ADMIN NAME INITIAL.doc
• BUSINESS CASE - HRMS - 2009_004 LEAVE ANOMALY REPORTS.doc
• BUSINESS CASE - HRMS - 2009_005 EMPLOYEE LEAVE DATA DATA FIX.doc
• BUSINESS CASE - HRMS - 2009_006 WORFORCE ADMIN ACTION_REASON.doc
• BUSINESS CASE - HRMS - 2009_007 COMP RATE CODE FOR ADD ASSIG.doc
• BUSINESS CASE - HRMS - 2009_008 ONE-TIME VAC ENTITL DATA FIX.doc
• BUSINESS CASE - HRMS - 2009_009 ORPHANED APPLICANTS.doc
• BUSINESS CASE - HRMS - 2009_011 WORKFORCE ADMIN POSITION OVE.doc
• BUSINESS CASE - HRMS - 2009_012 POSITION ACTION REASON.doc
• CHECKLIST FOR PS DATA INTEGRITY SEPT 2008.doc
• CONFIGURATION FILE - HRMS.txt
• Data Cleanup for Pay Interface.doc
• Data Integrity Kickoff v2.ppt
• Departure Clearance Certificate.doc
• Directive on terms of empl.PDF
• E-MAIL TEMPLATE - HRMS - SCHEDULED E-MAIL PS_PACKAGE_DAILY_.wpd
• EC_CONVERSION_DASHBOARD_JUNE_2009.xls
• EC_CONVERSION_LOG_OCT_14,_2009.xls
• EC_CONVERSION_STATISTICS_JUNE_2009.doc
• EDMONTON-#789041-v1-OT_-_2009___2010.XLS
• EDMONTON-#832121-v1-LEAVE_CODE_CHART_-_SUMMARY.XLS
• EDMONTON-#847023-v1-EMPLOYEE_POSITION_COUNT_AS_DEFINED_IN_ORG_CHART.XLS
• EDMONTON-_703943-v3-2009-10_-_CS_TRAINING_SPREADSHEET.XLS
• EDMONTON-_832121-v1-LEAVE_CODE_CHART_-_SUMMARY.XLS
• EXEC_PREA_REVIEW_MEETING.DOC
• HRMS VERSION 8[1].9 - BUNDLE 4 PLUS AND BUNDLE 5 RELEASE NOTES.doc
• GUIDE - HRMS USER ACCESS AND SECURITY.doc
• GUIDE - HRMS - ONLINE PERFORMANCE CONFIGURATION GUIDELINES F.pdf
• GUIDE - HRMS - PSPING WHITE PAPER.doc
• HCMGC_8.9_Nov_7.vsd
• hr dashboard - hrcpy - alb (270000) - q4 - 2010-04-06.pdf
• hr dashboard - hrcpy - atl (220000) - q4 - 2010-04-06.pdf
• hr dashboard - hrcpy - brc (290000) - q4 - 2010-04-06.pdf
• hr dashboard - hrcpy - man (250000) - q4 - 2010-04-06.pdf
• hr dashboard - hrcpy - national - q4 - 2010-04-01.pdf
• hr dashboard - hrcpy - ncr (110100) - q4 - 2010-04-06.pdf
• hr dashboard - hrcpy - nun (350100) - q4 - 2010-04-07.pdf
• hr dashboard - hrcpy - nwt (330000) - q4 - 2010-04-06.pdf
• hr dashboard - hrcpy - ont (240000) - q4 - 2010-04-06.pdf
• hr dashboard - hrcpy - que (230000) - q4 - 2010-04-06.pdf
• hr dashboard - hrcpy - sas (260000) - q4 - 2010-04-06.pdf
• hr dashboard - hrcpy - yuk (280000) - q4 - 2010-04-06.pdf
• hr dashboard fr - hrcpy - alb (270000) - q4 - 2010-04-06.pdf
• hr dashboard fr - hrcpy - atl (220000) - q4 - 2010-04-06.pdf
• hr dashboard fr - hrcpy - brc (290000) - q4 - 2010-04-06.pdf
• hr dashboard fr - hrcpy - man (250000) - q4 - 2010-04-06.pdf
• hr dashboard fr - hrcpy - ncr (110100) - q4 - 2010-04-06.pdf
• hr dashboard fr - hrcpy - nun (350100) - q4 - 2010-04-07.pdf
• hr dashboard fr - hrcpy - nwt (330000) - q4 - 2010-04-06.pdf
• hr dashboard fr - hrcpy - ont (240000) - q4 - 2010-04-06.pdf
• hr dashboard fr - hrcpy - que (230000) - q4 - 2010-04-06.pdf
• hr dashboard fr - hrcpy - sas (260000) - q4 - 2010-04-06.pdf
• hr dashboard fr - hrcpy - yuk (280000) - q4 - 2010-04-06.pdf
• HR org chart.pdf
• HRA Desk Procedures.pdf
• HRIS Leave Codes.xls
• HRMS - BUSINESS CASE 2009_013 - SET TERMINATED OR RETIRED EM.doc
• HRMS - LOG DEMANDE DE RAPPORTS(1).xls
• HRMS PSADMIN PRODUCTION CONFIGURATION.doc
• HRMS_RE-ALIGNMENT_PROJECT_-_PROJECT_CHARTER_TEMPLATE.doc
• HRPM HRMS TEAM WORK SCOPE[1].doc
• HRPMDB_HRWSB_OPERATIONAL_DASHBOARD_PROJECT_CHARTER.doc
• HRPMQ-QUARTERLYREPORT2009-Q2[1].5.doc
• HRPMSS_-_STAFFING_EGS_ACTING_OVER_4_MONTHS.mpp
• HRPMSS_-_STAFFING_EGS_CASUAL.mpp
• HRPMSS_-_STAFFING_EGS_ENA.mpp
• HRPMSS_-_STAFFING_EGS_IA.mpp
• HRPMSS_-_STAFFING_EGS_INA.mpp
• HRPMSS_-_STAFFING_EGS_INTERCHANGE.mpp
• HRPMSS_-_STAFFING_EGS_NONADVERTISED_DEPLOYMENT.mpp
• HRPMSS_-_STAFFING_EGS_RECLASSIFICATION.mpp
• HRPMSS_-_STAFFING_EGS_SPECIAL_DEPLOYMENT.mpp
• HRPMSS_-_STAFFING_GUIDE.doc
• HRPMSS_-_STAFFING_NCR_ACTING_OVER_4_MONTHS.mpp
• HRPMSS_-_STAFFING_NCR_ASSIGNMENT.mpp
• HRPMSS_-_STAFFING_NCR_CHECKLIST.doc
• HRPMSS_-_STAFFING_NCR_COOP.mpp
• HRPMSS_-_STAFFING_NCR_ENA.mpp
• HRPMSS_-_STAFFING_NCR_FSWEP.mpp
• HRPMSS_-_STAFFING_NCR_IA.mpp
• HRPMSS_-_STAFFING_NCR_INA.mpp
• HRPMSS_-_STAFFING_NCR_INTERCHANGE.mpp
• HRPMSS_-_STAFFING_NCR_RECLASSIFICATION.mpp
• HRPMSS_-_STAFFING_NCR_SAPP.mpp
• HRSDC Deployment Letter.PDF
• HRWBS HRMS SERVICE_STANDARD (DRAFT)(1).xls
• HRWSB_DASHBOARD_Q2_2009.xls
• MANUAL - UPK MANUAL.doc
• Model ILA- English 2010-2011.doc
• Modele ILA- Francais-2010-2011.doc
• NCR-#1358166-v1-HRPMEC_-_PEOPLESOFT_REPORT_EC_CONVERSION_APRIL_21__2008.XLS
• PCIS_REPORT_APRIL_23__2008.XLS
• NCR-#1365521-v2-HRPMEC_-_DATACUBE_REPORT_APRIL_24__2008.XLS
• NCR-#2108680-v2-REVIEW_OF_THE_PEOPLESOFT_SYSTEM_-_MANAGEMENT_ACTION_PLAN_-_CLIENT_VERSION.DOC
• NCR-#2115692-v1-REVIEW_OF_PEOPLESOFT_-_FINAL_REPORT_-_CLIENT_VERSION_(FOR_DAEC).DOC
• NCR-#2544712-v6-PEOPLESOFT_PAY_INTERFACE_AND_EPAY_CARD_PROJECT_TIMELINE.MPP
• NCR-#2611466-v1-PEOPLESOFT_PAY_INTERFACE_AND_EPAY_CARD_-_MINUTES_DATA_CLEANUP_-_PAY_INTERFACE.DOC
• NCR-#2635862-v1-ACTION_PLAN_UPDATE_-_PS_AUDIT.DOC
• NCR-#2642094-v1-PEOPLESOFT_PAY_INTERFACE_AND_EPAY_CARD_REGIONAL_KICK_OFF.PPT
• NCR-#2665861-v1-AMENDED_WORKFORCE_MANAGEMENT_PROJECT_CHARTER_-_FORMER_CIDM_-_2279747.DOC
• HR_-_OSMS_SITUATION_CODE_DESCRIPTIONS_AND_COUNT_INDICATORS.XLS
• NCR-#2745658-v3-WORKFORCE_MANAGEMENT_PROJECT_-_FINAL_PRESENTATION_-_E.PPT
• NCR-#2776083-v1-HRPMDI_-_BLANK_DATE_OF_BIRTH__JAN_14__2010.XLS
• NCR-#2786455-v1-HRPMDI_-_GENDER_UNKNOWN_JAN_18__2010.XLS
• NCR-#2786530-v1-HRPMDI_-_BLANK_DATE_OF_BIRTH__JAN_10__2010.XLS
• NCR-#2788072-v1-HRPMDI_-_OPERATIONAL_DASHBOARD_FOR_PAY_INTERFACE_DATA_INTEGRITY_Q3__JAN_20__2010.XLS
• RPS_AND_NOT_IN_PEOPLESOFT.XLS
• NCR-#2825859-v1-HRPMDI_-_PAY_INTERFACE_RECONCILATION_BY_REGION.XLS
• NCR-#2825859-v6-HRPMDI_-_PAY_INTERFACE_RECONCILATION_BY_REGION.XLS
• NCR-#2825981-v1-HRPMDI_-_HRWSB_OPERATIONAL_DASHBOARD_-_STAFFING_-_DATA_AUDIT_-_Q3.XLS
• NCR-#2826328-v1-HRPMDI_-_MISSING_HOME_ADDRESSES_-_JAN_12_2010.XLS
• NCR-#2834765-v1-HRPMPS_-_NAME_INITIAL_UPDATE_PROCEDURES_FOR_INPUT_INTO_UPK_HRMS.DOC
• NCR-#2839693-v1-HRPMDI_-_PAY_INTERFACE_MONITOR_-_JAN_12__2010.XLS
• NCR-#2839693-v8-HRPMDI_-_PAY_INTERFACE_MONITOR_-_FEB_9__2010.XLS
• NCR-#2842751-v1-HRPMEC_-_FWD__FINAL_ABOLISHING_TALLY.MLM
• NCR-#2853238-v3-HRPMDI_-_PAY_INTERFACE_MONTHLY_AGENDA_-_FEB_18__2010_MINUTES_ENG_FR.DOC
• NCR-#2853963-v1-HRPMDI_-_MISSING_DOB_FEB_9__2010.XLS
• NCR-#2853965-v1-HRPMDI_-_GENDER_UNKNOWN_-_FEB_9__2010.XLS
• NCR-#2862133-v1-PEOPLESOFT_DATA_RECONCILIATION_-_WAVE_2_-_PAY_OFFICE_08_-_FEBRUARY_2010.pdf
• NCR-#2862137-v1-PEOPLESOFT_DATA_RECONCILIATION_-_WAVE_2_-_PAY_OFFICE_25_-_FEBRUARY_2010.pdf
• NCR-#2862140-v1-PEOPLESOFT_DATA_RECONCILIATION_-_WAVE_2_-_PAY_OFFICE_34_-_FEBRUARY_2010.pdf
• NCR-#2862143-v1-PEOPLESOFT_DATA_RECONCILIATION_-_WAVE_2_-_PAY_OFFICE_36_-_FEBRUARY_2010.pdf
• NCR-#2862150-v1-PEOPLESOFT_DATA_RECONCILIATION_-_WAVE_2_-_PAY_OFFICE_62_-_FEBRUARY_2010.pdf
• NCR-#2862157-v1-PEOPLESOFT_DATA_RECONCILIATION_-_WAVE_2_-_PAY_OFFICE_66_-_FEBRUARY_2010.pdf
• RPS_AND_NOT_IN_PEOPLESOFT_-_FEB_9__2010.XLS
• NCR-#2864781-v1-HRPMDI_-_MISSING_HOME_ADDRESS_-_FEB_9__2010.XLS
• NCR-#2872985-v1-MOU_-_HRMS_CLUSTER_-_SERVICE_AND_MAINTENANCE_MOUS.TIF
• NCR-#2953019-v2-HRPMDI_-_OVERALL_DATA_INTEGRITY_MONITOR_-_MARCH_2010.xls
• NCR-#2974255-v1-WORKFORCE_MANAGEMENT_-_INAC_OSMS_PROFILE.XLS
• NCR-#2982016-v1-Workforce_Management_-_INAC_Workforce_Summary_-_Financial.XLS
• NCR-#2986866-v1-HRMS_Steering_Committee_-_April_9__2010.PPT
• NCR-#458067-v1-LIST_-_TACHES_FI-02_-_(NEW_2009_-_OSMS).DOC
• NCR-_2353240-v1-PEOPLESOFT_-_BUNDLE_5_-_APPLY_BUNDLE_5_-_POST_STEPS[1].doc
• NCR-_2509054-v1-PEOPLESOFT_-_BUNDLE_5_GO-LIVE(1).xls
• PEOPLESOFT_PAY_INTERFACE_AND_EPAY_CARD_PROJECT_CHARTER.doc
• Position and Classification Information System (PCIS) - Departmental Guide - Part 4 of 4 Treasury Board of Canada Secretariat.mht
• PRESENTATION - HRMS VERSION 8[1].9 OVERVIEW .ppt
• PRESENTATION - INAC.ppt
• PRESENTATION - HRMS VERSION 89 - SEPTEMBER2006.ppt
• PRESENTATION - HRMS - PPT COMP(4).ppt
• PRESENTATION - HRMS - PPT EL(5).ppt
• PRESENTATION - HRMS - PPT INTRO(1).ppt
• PRESENTATION - HRMS - PPT PM(2).ppt
• PRESENTATION - HRMS - PPT REC(3).ppt
• PRESENTATION - INAC.ppt
• PRESENTATION - HRMS - UAT .ppt
• PRESENTATION_-_DATA_INTEGRITY_KICK_OFF_-_OCTOBER_29_2009.ppt
• Process for granting access to PeopleSoft.doc
• PROCESS_CYCLE_-_HR_REVIEWS.DOC
• PROCESS_CYCLE_FOR_EXEC_PREA_REVIEW_MEETING.DOC
• PROJECT CHARTER - INAC DATA QUALITY .doc
• PROJECT_CHARTER_-_INAC_DATA_QUALITY_.doc
• PS COMPONENTS REVIEWED SEPT 2008.doc
• PS DATA INTEGRITY DASHBOARD DEC 2008.xls
• PS DATA INTEGRITY NAO DEC 11 2008.xls
• PS DATA INTEGRITY NAO DEC 19 2008.xls
• PS DATA INTEGRITY NAO JAN 13 2009.xls
• PS DATA INTEGRITY STEPS TO 8[1].9 SEPT 2008.doc
• PS_DATA_INTEGRITY_DASHBOARD_DEC_2008.xls
• RELEASE NOTES - HRMS 8.9 MP1 .pdf
• RELEASE NOTES - HRMS 88 .pdf
• RELEASE NOTES - HRMS .doc
• SSIS_EXTRACT_SPECIFICATION_-_HRMS.xls
• STAFFING_APPROVAL_PROCESS_CYCLE.DOC
• STATEMENT OF WORK - NAKISA - ORGCHART AND ORG MODELER IMPLEMENTATIONS.doc
• STATEMENT_OF_WORK_-_NAKISA_-_ORGCHART_AND_ORG_MODELER_IMPLEMENTATIONS.doc
• SYSTEM BUSINESS PROCESS - CASUAL STUDENT[1].ppt
• TORONTO-#245538-v1A-2008-09_NON_TEACHERS_SALARYCODINGCHANGE_RCM450.XLS
• TORONTO-#275515-v2-ROCS_APRIL_7__2009_PRESENTATION.PPT
• TRAINING DOCUMENT - HRMS - COVER PAGE COMP(4).doc
• TRAINING DOCUMENT - HRMS - COVER PAGE EL(5).doc
• TRAINING DOCUMENT - HRMS - COVER PAGE INTRO (1).doc
• TRAINING DOCUMENT - HRMS - COVER PAGE PM (2).doc
• TRAINING DOCUMENT - HRMS - COVER PAGE REC(3).doc
• TRAINING DOCUMENT - HRMS - COVER PAGE TRAINING GUIDE.doc
• TRAINING DOCUMENT - HRMS - EN SIGN IN SHEET.doc
• TRAINING DOCUMENTS - HRMS - IMPLEMENTATION TRAINING .doc
• TRAINING DOCUMENTS - HRMS - IMPLEMENTATION TRAINING.doc
• TRAINING STRATEGY - PS 8[1].9 - HRMS.doc
• USER AWARENESS AND TRAINING PROGRAMS - HRMS[1].doc
• WORK AUTHORIZATION FORM - ROLES AND RESPONSIBILITIES - CORPO.doc
• WORKFORCE MANAGEMENT - OSMS report.pdf
• WORKFORCE MANAGEMENT PROJECT .pdf
• Workforce Management Project Charter.pdf
• WORKFORCE_MANAGEMENT_HRWSB_-_28_OCT.pdf

Footnotes:

1. Also referred to as "the Department" (return to source paragraph)
2. University of Birmingham, Internal Audit - Audit Glossary (return to source paragraph)
3. Certified Information Systems Auditor (CISA) Review Manual 2010, Page 47 (return to source paragraph)
4. Our recommended approach is further described in Appendix A - Recommended approach. (return to source paragraph)
5. PeopleSoft in this context refers to INAC's implementation of the PeopleSoft application - not the tool itself. (return to source paragraph)
6. Under the majority of applicable Collective Agreements, employees were entitled to an annual 37.5 hours of family-related leave.(return to source paragraph)
7. Our recommended approach is further described in Appendix A - Recommended approach. (return to source paragraph)
8. R.L. Krutz, R.D, Vines, The CISSP Prep Guide, Wiley Publishing Inc 2003, Pages 277-278, "Biba Integrity Model" (return to source paragraph)
9. Indian and Northern Affairs Canada, Corporate Risk Profile, Page 12 (return to source paragraph)
10. PMP Project Management Professional Study Guide, Second Edition, Jospeh Phillips, Page 345, All in One PgMP, Program Management Professional, Jospeh Phillips, Page 185, 321 (return to source paragraph)
11. A key enabler for Public Service renewal, the Common Human Resource Business Process (CHRBP) is the result of more than two years of extensive collaboration between hundreds of Subject Matter Experts, across the Public Service, who have defined a common way of delivering human resources services across the Government of Canada. (return to source paragraph)
12. The numbers represented reflects the discrepancies identified in either RPS or PeopleSoft. (return to source paragraph)
13. See recommendation 2 for action plan. (return to source paragraph)
14. In 2009, the Cluster departments approved the strategic direction to reduce the number of different version of PeopleSoft within the Cluster by working collaboratively on the development of a Common configuration for the Government of Canada. The Deputy of INAC supports this initiative and has given direction that all COTS should not be customized.
    
    The business processes requires employees being able to identify their manager when submitting a leave request therefore the current configuration is not an INAC customization but the delivered Government of Canada COTS received from the PeopleSoft cluster / Program Centre. Proper business processes and training should be used to address this example. (return to source paragraph)
15. Our recommended approach is further described in Appendix A - Recommended approach. (return to source paragraph)
16. INAC implemented a "NAKISA" application in April 2010 to provide functionality in PeopleSoft to generate organizational charts. During our fifth site visit, the organizational chart was produced by NAKISA using PeopleSoft data, as opposed to being generated by an external system. (return to source paragraph)
17. A random sampling approach could not be taken because we could not establish completeness over the employee populations we were provided. (return to source paragraph)
18. A sub-sample of employees selected for testing were substitute teachers. Substitute teachers are not stored in PeopleSoft; therefore, these samples are omitted from the test results below. (return to source paragraph)