10. What were the key benefits resulting from this initiative?
|
Reduction in cases of electronic fraud on the protected systems. There has been no reported system related fraud since the Biometric system has been implemented (more than 4 years). This has a direct impact on the budget. Less money is lost through criminal activity and therefore more of the allocated budget is used for the desired purpose, i.e. service delivery.
Reduction in labour related cases of electronic fraud and fast and efficient collection of accurate case information without the probability of tainting evidence through the evidence collection process. The system has a non repudiation system which forces users to use their fingerprint both when they log on to BAS or Persal and when they are about to perform sensitive transactions. This means that users finger prints are linked to specific transactions and this information is digitally stored in an electronic fault as conclusive and undisputed forensic evidence. Hence, fraudulent users cannot deny that that they committed fraudulent transactions. This effectively has reduced the number of labour disputes, disciplinary and criminal cases, saving the taxpayer time and money
Passwords are not written down, lost or stolen anymore. Finger prints are a reliable and more secure authentication mechanism. There is no risk of unauthorised users gaining access to the system. Criminal syndicates and potential employee fraudsters are deterred from pursuing their illegitimate actions.
Increased security posture of KZN Treasury with respect to strong authentication, application access control and non-repudiation of transactions. The use of digital signatures and PKI has resulted in compliance with the ECT Act. From a legal perspective, the system provides forensic evidence that is conclusive, tamper proof and instantly available. This increases the conviction rate. However, thus far there has been no reported system related fraud.
The Biometric system also protects the innocent. Employees who are falsely accused or implicated in fraudulent actions are able to prove conclusively that they are innocent as the system stores all forensic evidence together with the finger prints of the real perpetrators of the fraud. With the increased awareness of how the system works, potential fraudsters cannot implicate innocent parties. This saves innocent employees from the psychological trauma. It also prevents the reputation of innocent parties from being ruined as a result of being falsely accused
|
|
11. Did the initiative improve integrity and/or accountability in public service? (If applicable)
|
Reduction in cases of electronic fraud on the protected systems. There has been no reported system related fraud since the Biometric system has been implemented (more than 4 years). This has a direct impact on the budget. Less money is lost through criminal activity and therefore more of the allocated budget is used for the desired purpose, i.e. service delivery.
Reduction in labour related cases of electronic fraud and fast and efficient collection of accurate case information without the probability of tainting evidence through the evidence collection process. The system has a non repudiation system which forces users to use their fingerprint both when they log on to BAS or Persal and when they are about to perform sensitive transactions. This means that users finger prints are linked to specific transactions and this information is digitally stored in an electronic fault as conclusive and undisputed forensic evidence. Hence, fraudulent users cannot deny that that they committed fraudulent transactions. This effectively has reduced the number of labour disputes, disciplinary and criminal cases, saving the taxpayer time and money
Passwords are not written down, lost or stolen anymore. Finger prints are a reliable and more secure authentication mechanism. There is no risk of unauthorised users gaining access to the system. Criminal syndicates and potential employee fraudsters are deterred from pursuing their illegitimate actions.
Increased security posture of KZN Treasury with respect to strong authentication, application access control and non-repudiation of transactions. The use of digital signatures and PKI has resulted in compliance with the ECT Act. From a legal perspective, the system provides forensic evidence that is conclusive, tamper proof and instantly available. This increases the conviction rate. However,thus far there has been no reported system related fraud.
The Biometric system also protects the innocent. Employees who are falsely accused or implicated in fraudulent actions are able to prove conclusively that they are innocent as the system stores all forensic evidence together with the finger prints of the real perpetrators of the fraud. With the increased awareness of how the system works, potential fraudsters cannot implicate innocent parties. This saves innocent employees from the psychological trauma. It also prevents the reputation of innocent parties from being ruined as a result of being falsely accused.
KZN Treasury has together with the service provider formed a task team that deals with all related matters with representation from all stakeholders responsible to ensure the system is managed and maintained providing the highest level of security. KZN Treasury has outsourced the management of the system to a service provider whom implemented and now works closely with the department to ensure sustainability.
There is a comprehensive proactive Service Level Agreement in place to ensure that the system is always available so that there is minimal downtime. This ensures BAS and Persal users are able to work uninterrupted. Treasury has also implemented a full disaster recovery site. This guarantees business continuity.
A task team made up of representatives from the Office of the Premier (Persal), Provincial Treasury and the service providers meet twice a month to identify potential problems with the system, related policies and procedures and processes.
The system is under constant review in order to improve on its functionality through planned enhancements. Treasury makes provision for adequate funds to cover the support and maintenance of the system, enhancements and software licences.
A dedicated unit is being created at Treasury to manage and support the Biometric system.
There is a system development roadmap to ensure that the system is upgraded according to schedule to meet the changing technological and business requirements.
The solution is based on a Service Oriented Architecture and uses open industry standard equipment components so that the system is open to extension and re-use. The system complies with the Minimum Interoperability standards as set by SITA.
The solution is also in use at the Department of Home Affairs nationally, and for their National Population Register and Passport application which is proof that the system has been replicated and that is does work for multiple applications.
The Northern Cape Treasury has also commenced with implementing the same Biometric system at a fraction of the cost that KZN Treasury incurred. Other provinces have show similar interests.
|
|
12. Were special measures put in place to ensure that the initiative benefits women and girls and improves the situation of the poorest and most vulnerable? (If applicable)
|
Lessons Learned: Phase I
The identification, inclusion and involvement of as many stakeholders as possible in the communication process as the project progresses ensured that people are aware of the project and its impact on them. The change management model used was matured over the duration of the project. There was an extensive drive of user awareness sessions which took the form of roadshows and aimed to reach as many users as possible across the province. In addition, presentations were made to CFOs, IT managers and transversal system controllers to inform and involve them in the project.
Parallel change control processes had to be defined specifically for the project to manage the complexity of the technology and the various parties involved in its implementation and support.
The lesson learned was that aggressive structured communication channels and strong change management was crucial to the success of the project.
Lessons Learned: Phase II
The availability of users, particularly in remote areas played a major role in the length of time taken to roll out the system ultimately. The lesson that the project team took away from this was that central enrolment centres worked more effectively than individual enrolments at a user's workstation and it allowed better management of the enrolment process.
A number of client workstations did not meet the minimum specification requirement which delayed the installation process and required a number of on-site visits to remote areas to resolve the technical installations. The state of infrastructure in some areas also had an impact on the ability of the technicians to carry out their tasks and prolonged the entire rollout process. Lesson learned was that advanced audit of user PCs was important to give departments enough time to replace obsolete IT equipment.
Greater consideration for the impact of holidays, school vacations, financial year end, special system runs, etc. on the availability of people had to be taken into account during the rollout process.
|