Follow-up Audit Report on the Development and Implementation of the Legal Tracking System by the Administration for Children’s Services
AUDIT REPORT IN BRIEF
This follow-up audit determined whether the Administration for Children’s Services (ACS) has implemented the nine recommendations made in a previous audit entitled Audit Report on the Development and Implementation of the Legal Tracking System by the Administration for Children’s Services (Audit No. 7A05-085, issued May 23, 2006).
The prior audit evaluated whether the development of the Legal Tracking System (LTS) followed a formal system development methodology, met the initial business and operational requirements, was designed to allow for future enhancements and upgrades, was secure from unauthorized access, and contained accurate information in the database. The previous audit also examined whether LTS was procured in accordance with City Charter provisions and Procurement Policy Board Rules, and whether it has been incorporated into the ACS disaster recovery plan.
The prior audit found that LTS generally functions reliably and contains accurate current information; however, access controls need improvement, and data converted from a prior system were often found to be inaccurate and incomplete. ACS had also not incorporated LTS into its disaster recovery plan. Finally, the survey of LTS users conducted during the last audit disclosed that 33 percent of the users who responded to the survey were happy with LTS, while 67 percent were somewhat satisfied with LTS but would like to see changes made to the system, to enhance user screens, and to improve the accuracy of the data.
Audit Findings and Conclusions
The current follow-up audit disclosed that ACS has implemented eight recommendations and did not implement one of the nine recommendations made in the previous audit. ACS has completed primary functionalities of LTS Phase III (i.e., adequately defined the business and system requirements) and has assigned a Client Relation Manager from the Management Information System (MIS) to the Division of Family Court Legal Services (FCLS) to serve as the project manager for LTS. It provided documentation to confirm that it plans to hire an outside Quality Assurance (QA) consultant for a future system project. ACS provided a copy of its disaster recovery plan, which includes LTS. It also provided documentation showing that ACS MIS conducted tests in December 2010 on its recovery plan. Based on our survey, we found that LTS users are generally satisfied with the system’s availability, training, layout, accuracy, and ease of use. Finally, ACS has provided a written procedure for terminating its users. However, our review of LTS user accounts found that 24 user names could not be found in the City’s Payroll Management System (PMS) while an additional 58 user names appear in PMS as inactive. This is of concern because LTS contains personal and private information regarding ACS clients.
Audit Recommendation
To address the outstanding issue from the previous audit that still exists, we recommend that ACS officials should periodically review and track system users and terminate inactive User IDs.
Agency Response
ACS generally agreed with the findings and the recommendation of this audit. The full text of the ACS response is included as an addendum to the report.