NYC Comptroller's Office Bureau of Audits

The City of New York Office of the Comptroller Bureau of Financial Audit
EDP Audit Division

Follow-up Audit Report of the Development of the Comprehensive Justice Information System

7F02-173
June 25, 2002

SUMMARY OF FINDINGS AND CONCLUSIONS

Download the complete audit (Size: 245KB)

This is a follow-up audit to determine whether the Department of Information Technology and Telecommunications (DoITT), the Law Department (Law), the Department of Probation (DOP), and the Department of Juvenile Justice (DJJ) implemented the recommendations made in a previous audit, Audit Report on the Development of the Comprehensive Justice Information System (Audit No.7A01-098, issued June 29, 2001). The earlier audit evaluated whether the system as a finished product meets user needs, permits future enhancements and upgrades, and satisfies specific user requirements. In our current audit, we discuss the recommendations we made earlier as well as the implementation status of those recommendations. We also discuss new findings and recommendations based on our current review.

In our previous audit, we made four recommendations to DoITT, Law, DOP, and DJJ, of which one was implemented, two were partially implemented, and one was not implemented. The details of those recommendations and their current implementation status are as follows:

DoITT, in conjunction with Law, DOP, and DJJ, should:

Hire and train additional personnel and form a project team to address system problems, since there is only one business analyst performing this function.

The project team should then:

Ensure that all system problems identified in this report are corrected. Implemented

Meet with users of the system to identify any additional problems/concerns about the system. Implemented

Work with programmers and develop modifications to address all of the users’ concerns. Implemented

Hire and train additional programmers to resolve system problems (DoITT has only one programmer assigned to the project.) Not Implemented

Overall status of Recommendation #1: PARTIALLY IMPLEMENTED

Eliminate all duplicate records on the system. PARTIALLY IMPLEMENTED
Require that programmers document all changes on the CJIS source code. IMPLEMENTED
Assemble a project team consisting of user and technical personnel, headed by a full-time project manager who will ensure that all necessary system requirements are identified and implemented. Not Implemented

The team should then retain an external quality assurance consultant to monitor testing of all new system functions. Not Implemented

Overall status of Recommendation #4: NOT IMPLEMENTED

To address the issues that still exist, we now recommend that DoITT, in conjunction with Law, DOP, and DJJ, should:

Hire or train a second programmer to resolve system problems.
Test and implement programs to merge duplicate respondent records in order to eliminate duplicate records.
Assemble a project team consisting of user and technical personnel, headed by a full-time project manager who will ensure that all necessary system requirements are identified and implemented, and then retain an external quality assurance consultant to monitor testing of all new system functions.

NEW FINDING AND RECOMMENDATION

The CJIS database does not contain all the data fields required to generate reports for the agencies that use CJIS. For instance, DOP cannot generate reports pertaining to "Persons In Need of Supervision" (PINS), such as PINS case reports by school or PINS case reports by precinct, which DOP could use to track juveniles who are in its probation programs. Similarly, DJJ cannot generate reports about juveniles in detention because the CJIS database lacks fields that contain the locations of detention facilities where juveniles are housed; the database also lacks the fields that contain court activity information, such as docket numbers and indictment numbers. The CJIS database should contain all the information its user agencies require to meet their mandated responsibilities.

To address this new issue, we recommend that DoITT:

Meet with user agencies to gather their report requirements and then upgrade the CJIS database to include all information CJIS agencies need to ensure that they can meet their mandated responsibilities.

Agency Response

The matters covered in this report were discussed with officials from DoITT, Law, DJJ, and DOP during and at the conclusion of this audit. A preliminary draft report was sent to DoITT, Law, DJJ, and DOP officials and discussed at an exit conference on May 30, 2002. On May 31, 2002, we submitted a draft report to DoITT, Law, DJJ, and DOP officials with a request for comments. We received written responses from DoITT, Law, and DOP on June 14, 2002. We received DJJ's written response on May 30, 2002.

In its response, DoITT agreed to implement three of the four recommendations. DoITT did not agree with our recommendation to hire and train a second programmer to resolve system problems. DOP responded that it agreed that DoITT should hire a Quality Assurance Specialist to assist with further development efforts and that the CJIS database needs upgrading to meet users' needs. Law generally agreed with the audit's findings and recommendations. DJJ did not specifically respond to the audit's findings and recommendations; however, it stated that including additional fields in the database "would significantly improve [the agency’s] ability to match court activities and scheduled event records."