Final Report – Payroll Assurance: Controller and Accountant General’s Department by KPMG

8/10/2019 Final Report Payroll Assurance: Controller and Accountant Generals Department by KPMG

1/199

Final Report Payroll Assurance

Controller and Accountant

General

s Department

November 2012 Advisory


2/199

ABCD Controller and A ccountant Generals Department

Final Report - Payroll Assurance November 2012

Contents

1 Executive Summary 4

2 Introduction 112.1 Basis of Information 112.2 Report Presentation 122.3 Acknowledgement 122.4 Scope and Objective 122.5 Our Methodology 13

3 Detailed Findings 143.1 Finance 163.2 Security 223.3 Input/output Validations in IPPD2 313.4 Performance 363.5 Process 413.6 Configuration 493.7 General IT Controls 52

4 Integrating IPPD2 with GIFMIS E-Business Suite 564.1 Potential issues in IPPD2 to be addressed before integration 564.2 Integration Options 614.2.1 Re-implement IPPD2 on existing GIFMIS (r12) platform 614.2.2 Upgrade IPPD2 and interface with GIFMIS 624.2.3 Interface IPPD2 As-Is (r11) with GIFMS 63

5 Payroll Processes and Process Flow Diagrams 645.1 Process Flow Narratives 645.2 Current Payroll Process Flow with Control Points 695.2.1 New Entrants/Re-engagement Process 695.2.2 Promotion/Change of Grade Process 715.2.3 Posting/Transfer Process 735.2.4 Absence Recording Process - Study Leave 755.2.5 Changes to Standing Data Process 765.2.6 Termination Process 775.2.7 Payroll Process 785.3 Current Payroll Process Flow with Identified Gaps 795.3.1 New Entrant/Re-engagement Process 795.3.2 Promotion/Change of Grade Process 815.3.3 Posting/Transfer Process 825.3.4 Termination Process 83

5.3.5 Changes to Standing Data 845.3.6 Absence Recording Process 85


3/199



5.3.7 Payroll Process Flow 865.4 Payroll Process Flow with Recommendations 87

6 Appendices 886.1 Appendix A: List of People Interviewed 886.2 Appendix B: Selected Key Payrolls Reviewed in IPPD2 886.3 Appendix C: List of Elements Reviewed 896.4 Appendix D: Invalid/Duplicate Bank Account Numbers in IPPD2 936.5 Appendix E: List of Potential Ghost Employees 1136.6 Appendix F: List of Super User Accounts in IPPD2 1326.7 Appendix G: Employees with Invalid Names in IPPD2 1336.8 Appendix H: Employees Receiving Unearned Salaries 1556.9 Appendix I: Active Employees with Inappropriate Dates of Birth in

IPPD2 (Below 18 years) 1566.10 Appendix J: Active Employees with Inappropriate Dates of Birth in

IPPD2 (Above 65 years) 1706.11 Appendix K: Employees without Dates of Birth in IPPD2 1776.12 Appendix L: Employees without Payment Methods in IPPD2 1826.13 Appendix M: Summary CAGD Management Responses 194


4/199



Disclaimer

This report is made by KPMG in Ghana, a member firm of the KPMG network ofindependent firms affiliated with KPMG International Cooperative (KPMG International), a Swiss entity. KPMG International provides no client services. Nomember firm has any authority to obligate or bind KPMG International or any othermember firm vis--vis third parties, nor does KPMG International have any such authorityto obligate or bind any member firm.

This report is strictly confidential and contains materials proprietary to KPMG. The

materials, ideas, and concepts contained herein are provided solely for Controller andAccountant General s Department (CAGD) and should not be copied, quoted or referred toin whole or in part without our prior written consent.

KPMG would not accept responsibility to any other party to whom this report may beshown or who may acquire a copy of this report.


5/199



List of Acronyms

NO. ABBREVIATION MEANING

1 API Application Programming Interface

2 BCP Business Continuity Plan

3 BoG Bank of Ghana

4 CAGD Controller and Accountant General s Department

5 CobiT Control Objectives for IT

6 CSS Computer Services Section

7 DRP Disaster Recovery Plan

8 FMS Financial Management Services

9 GES Ghana Education Service

10 GIFMIS Ghana Integrated Financial Management and Information System

11 GoG Government of Ghana

12 IPPD2 Integrated Personnel and Payroll Database

13 ISO International Organization for Standardization

11 ITIL Information Technology Infrastructure Library

12 MDA Ministries, Departments and Agencies

13 MMDA Metropolitan, Municipal and Districts Assemblies

14 OHCS Office of Head of Civil Service

15 PPD Payroll Processing Department

16 PPS Personnel Processing Section

18 PV Payment Vouchers


6/199



19 SIT Special Information Types

20 SOP Standard Operating Procedures


7/199



1 Executive Summary

KPMG conducted a review of the Integrated Payroll and Personnel Database (IPPD2) of theCAGD; an Oracle Human Resource Management software implemented to manage the payrolland personnel information for both active and retired Government of Ghana (GoG) employees.The overall objective of the engagement was to determine whether adequate procedures andcontrols exist over input, processing and output of data. The payroll review was conducted inaccordance with the International Standards for the Professional practice of Internal Auditing.The engagement was carried out over a period of three (3) months by KPMG professionals.

This report presents our findings and recommendations resulting from the review of IPPD2and its control environment under the following broad impact areas: Finance, Security,Input/output validations, Performance, Configuration and General IT controls. It also reports onthe outcome of our review of the existing payroll processes, identifies gaps, and presentsrecommendations for improvement. Furthermore, high-level recommendations on integratingthe current IPPD2 system with the release 12 of GIFMIS E-Business Suite were also discussedin this report. The summary of key findings is illustrated in the chart below.

12

10

8

6 12

74

6 2

10

7

6 2

4 2

12

1 1

High Impact Medium Impact Low Impact


8/199



Highlights of the major findings grouped under the respective categories are as follows:

Findings with direct financial impact:

i. The IPPD2 processes salar ies for employees on unpaid leave .

Currently, there are instances of salaries being processed for employees on leave without pay, study leave without pay and unauthorized leave. We recommend that the system beconfigured to exclude employees on unpaid leave before processing of payments. Processingof unearned salaries for employees on unpaid leave in the system should be stopped withimmediate effect in order to avoid further financial loss to the State. In addition, adequaterecovery measures should be in place to ensure unearned salaries are retrieved accordingly.

ii. Doubl e payment of salari es when employees move from old salary to new salary str ucture .

IPPD2 processes double payments when employees move from old salary structure to thenew one. The new salary element gets attached to the employee while the old salary does notget terminated in the IPPD2. This is primarily due to the existing manual process ofterminating old salary structure and assigning the new structure to employees. This current

practice must be stopped and the old salary structure elements be terminated in the systemautomatically when an employee moves from the old structure to a new structure. Addedcontrols should be incorporated within IPPD2 to validate or check the salary structure theemployee is on prior to calculating the monthly salary.

iii. Payment of I ncome Tax can be avoided in I PPD2.

Income Tax computation logic built in IPPD2 can be bypassed by users and any amountentered is processed by IPPD2 as income tax. Access to modify/bypass income taxcomputations built in IPPD2 is a major risk and should be disabled with immediate effect.

iv. Payment of salari es to potenti al Ghost Employees

There are 3,288 potential duplicate employees that have been identified in IPPD2 havingidentical first name, last name, national identifier, date of birth and joining date. This could potentially cause a major loss of revenue to GoG. As a matter of urgency, duplicate checks onemployee first name, last name, date of birth and other key parameters if applicable should

be introduced into IPPD2. Data entered during hire should be validated and rejected/notifiedin case of potential duplicates.

v. Dupl icate/I nvalid Bank Accounts in I PPD2

There are 2,498 invalid/duplicate Bank Accounts being used by 55,219 employees in IPPD2.This is a major gap in IPPD2 as duplicate accounts could be used to perpetuate fraudThe validation of account numbers during input is very critical to mitigating the risk of fraud

in payroll processing.


9/199



Security issues

i. Unsecured custom tables continue to be used for bank f il e generation i n I PPD2 .

The use of custom tables to capture processed payroll data is not a recommended practice.What is processed may not be what is paid out. This is a major risk considering the accuracyof the data that is being moved into the custom tables. There is also a huge security risk asdata can be tampered in the custom tables without leaving any audit trail in IPPD2, as theaudit feature on the custom tables is currently turned off.

ii. Data E ntr y staff have access to modify all owances.

The new entrant responsibilities assigned to data entry staff have access to element entrieswhich enable addition or modification of allowances in IPPD2. Each user should be givenaccess to system functions that are relevant to their roles. Granting user access to IPPD2functionalities which is more than required is a serious breach of security and access controlrights. A clear responsibility matrix should be defined as soon as possible to specify accesslevels of different users in the IPPD2 system.

iii. View only responsibil ity/access ri ght to I PPD2 can ru n payroll

The view only responsibility granted to the technical and reporting team members andsectional heads of PPS in the IPPD2 has access to run rollback or retry payrolls. View only responsibilities having payroll run/rollback access is a major security issue and a risk toaccurate payroll processing. All view only responsibilities should not be provided with theaccess to run payroll and should be addressed immediately

iv. H igh number of users with Super User Access to I PPD2

This is also a major security issue since the super user responsibility has access to critical payroll processing functionality and data There is a need to review all users having superuser responsibilities and check for unauthorized access. Ideally, one should limit the numbersof users having super user responsibility as this would ensure better control, accountabilityand smooth payroll processing.

Input/output Validation issues

i. No validation i n I PPD2 duri ng the salary structure change of an employee

The lack of validation during salary structure change is a major gap in the system and canraise questions on the accuracy and reliability of payroll processed in IPPD2. The absence ofvalidation in IPPD2 could cause double payment of salaries. Controls should beincorporated into IPPD2 to validate the grade of employee during salary structure change.The IPPD2 should not allow changes to salary structure if an employee is still associated

with the old grade structure.


10/199



ii. No vali dation on employee bank account numbers

In the current IPPD2, multiple employees can have similar banks and account numbers.Validations on account numbers entered during input are highly critical to avert fraud ensureghost employees are not processed in IPPD2. Validations must trigger prior to or at the timeof input and should not accept multiple employees with same bank account numbers and

branch.

iii. No validation on allowances input i nto I PPD2

Currently, there are no measures in IPPD2 to track and validate allowance inputs into IPPD2.Most of the allowances are entered into the system manually and there are no exceptionreports or validations in place in IPPD2 to track allowances. The process of manuallyentering allowances against employees is not a recommended practice and should bereviewed. Considering that there are no validations in the system on the amounts entered,any amount keyed into IPPD2 by a user as allowance would be accepted and processed bythe payroll system.

iv. Employees getti ng paid post-r eti rement age

Processing regular payments to employees in active service post their scheduled retirementages is a major risk and has a severe cost impact. Employee actual dates of birth need to becaptured in the system and defaults should not be accepted. The IPPD2 should be configuredto manage the transition from active employee to retirement in a timely manner in order toavoid incorrect payments to employees above age (or below age).

Findings that impact on IPPD2 Performance

i. There are over 400 mil li on obsolete records in a database table impacting on I PPD2performance

This row count is unacceptably high, with Oracle recommending storage size of around two(2) million for optimal performance within the application. The high count is primarily due

to a high number of obsolete data found in the IPPD2. This has a huge impact on the performance of IPPD2 resulting in slowing down of the system during transactions and payroll processing. It is highly recommended that the system be purged of obsolete links inthe table in order to improve performance.

ii. Use of ol d Ghana cedi (di scontin ued) i n I PPD2 causin g unn ecessary cur rency conversionoverheads .

The currency conversion computation (converting from old Ghana Cedi to new Ghana Cedi)still exists in IPPD2 even though the usage of the former has been discontinued. Currently,all elements created after the introduction of the new Ghana Cedi (GHS) are made to gothrough a redundant process of currency conversion resulting in a huge performance

overhead on the payroll processing. It is recommended that all elements created after the


11/199



introduction of the new Ghana Cedi be created with the same input and output currencies(i.e. new Ghana Cedi-GHS).

iii. I nvali d database object count too high

There are 1,228 invalid objects observed in the IPPD2 database. The existence of such ahuge number of invalid objects creates system integrity issues and restricts the system from

performing to its fullest. Invalid objects should be re-compiled and made valid in the system.The status of all objects in the system should be monitored periodically and ensure respectiveteams are informed in cases of invalid objects.

Process issues

i. Delayed entr y of New Entr ants

Time taken (6-24months) for new entrants to receive their first salary especially for GhanaEducation Service employees etc, is unacceptable and causes great inconvenience to theemployee. Processes need to be streamlined in order to ensure new starters input files reachPPS/PPD as early as possible to avoid delay in salaries and retro processing. These processissues contribute significantly to the huge performance overhead in processing salariesretrospectively.

ii. There are over 2,400 dupli cate/invali d bank account numbers in I PPD2

A total of 2,498 invalid Account Numbers or duplicate bank account numbers were detectedin IPPD2. Further drilldown on this finding revealed that the majority of the cases occurredwith the rural banks, who do not necessarily credit salaries based on account numbers. The

process of rural banks crediting salaries based on the employee names is a huge risk andthere can be chances of amounts getting credited to wrong or "ghost" accounts. It isrecommended the IPPD2 is configured such that capturing of valid account numbers is mademandatory in the system.

iii. I nadequate time for D ata Entr y and Validation on I PPD2

The current window available to PPS for data entry within a month is too short. CurrentlyPPD requires 18-20 days to process payroll for all employees on the IPPD2 system, about 3-4 days allocated to data entry validations, and the rest for data entry by the PPS. Thiswindow is too short for the PPS to complete and validate activities such as new starters,

promotions and termination transactions, which often results in inaccurate entry. There is anurgent need to review the entire payroll process and system performance metrics, with theobjective of streamlining the documented processes to reduce operational time in order toincrease the data entry window.

iv. About 3,000 records of A ctive Employees have out-of- range Ages

There are a number of incorrectly captured Dates of Birth in IPPD2 leading to establishedstaff employees falling under or way beyond (in some instances, above 200 years) expected


12/199



age ranges. The process of terminating employees when they are due for retirement should be streamlined and terminations should be initiated in the system.

Configuration issues within IPPD2

i. Redundant setups in I PPD2

The team observed that a high number of elements had been created but were not being usedin the IPPD2 application. The high number of element setups is a huge overhead on payroll

processing and is not a recommended practice. It is advised that similar elements by payroll be grouped together and a single element can be created in the system.

ii. Payment pr ocessin g computation l ogic can be bypassed by users

Contrary to expected security considerations, the processing logic built into the currentIPPD2 system can be bypassed by the user during payroll processing. Access tomodify/bypass computations built in the system is a major risk and can have severeconsequences. The amounts calculated by the system can be overridden with the currentconfiguration which can result in overpayment of salaries to employees. This demandsimmediate attention to ensure that access to bypass/modify processing logic in the system isdisabled.

iii. Obsolete and Redundant El ement L inks

The design of Element Links in IPPD2 has a lot of redundant and obsolete setups. This is asignificant contributor to the noted performance lags on the current IPPD2 system.Unnecessary element links should be purged as soon as possible to improve the performanceof the current system.

Issues with General IT Controls

i.

A number of key domains not covered in I nf ormation Securi ty Policy

It was noted that the current Information Security Policy does not cover all relevant domainsto adequately protect CAGD s information assets. Further, there is no documented IT

procedures manual that clearly provides guidelines on how each policy should be put intoaction to protect CAGD s information assets. Management should take the needed steps toupdate CAGD's information security policy and develop IT procedures manual that could

provide both the current and future IT security requirements of CAGD. The security policyshould aim at complying with the internationally recognized security standards.

ii. There is no Disaster Recovery and Busin ess Conti nuity Str ategy

There is currently no existing Disaster Recovery/ Business Continuity Strategy in place toensure recovery of critical systems and prompt resumption of business operations in the


13/199



event of a disaster. Management should expedite the current ongoing exercise of developingand implementing a disaster recovery plan that will ensure prompt resumption of businessoperations in the event of a disaster.

iii. Backup and recovery str ategy not documented and tested.

A detailed and comprehensive backup and recovery strategy for the IPPD2 has not beendocumented. CAGD needs to develop a comprehensive backup and recovery strategy toensure timely and accurate recovery of CAGD s critical data. At a minimum, this planshould consider a detailed backup plan of the IPPD2 database, including hot backups toimprove database availability; logging of backups; testing of backups; and offsite storage ofthe backups. Backups taken should be tested and stored in a distant offsite storage facilityand not at the CAGD premises.

iv. No Payroll Procedures M anual

Currently CAGD has no documented Payroll Procedures Manual to guide its staff in carryingout their respective duties. This could facilitate inconsistent execution of responsibilitiesrelating to payroll activities. It also makes it difficult to take disciplinary action whereactivities performed are in contravention of CAGD Procedures and processes. Managementshould have a Standard Operating Procedure (SOP) in place for use by staff in the variousdepartments.


14/199



2 Introduction

The Integrated Personnel and Payroll Database (IPPD2) system is a centralised computer basedsystem intended to manage payroll and personnel information for both active and retired GoGemployees. The wage bill of Government employees constitutes a significant percentage of totalGoG expenditure and therefore requires robust control systems to prevent and detect theoccurrence of error and irregularities that may be associated with the payroll system.

As the centralised system for the administration and processing of payroll for civil servants,IPPD2 is seen as an essential tool for managing both public sector finances and personnel

deployment. The integrity and effectiveness of the system and its processes are therefore key toachieving accountable and sound financial management.

The IPPD2 system is expected to be integrated with version 12 of the Oracle HRMS andGeneral Ledger modules of Oracle E-Business suite, which is currently being implementedunder the Ghana Integrated Financial Management Information System (GIFMIS) project. This

project is aimed at implementing full Oracle E-Business Suite to improve the management andallocation of resources to enhance the effectiveness of service delivery.

This report has been issued in accordance with the deliverables outlined in the contract. Thereport describes our findings, including risks and specific control weaknesses within the IPPD2setup, together with our recommendations to address the weaknesses.

2.1 Basis of Information

The findings in this report were based on the following:

A review of documentation, including IPPD2 setup document, business rule, previous auditreports and other documents made available to us by CAGD;

Interviews were conducted with key process and system owners both in CAGD and MDAs;

Thorough review of IPPD2 setups; Observations and assessments of some payroll processes currently in use at CAGD andMDAs;

Controls over input, processing and output of IPPD2 were reviewed, and e ach controlwas evaluated by assessing its capability, the consistency of application of the control andthe management processes surrounding the control.


15/199



2.2 Report Presentation

The report describes our findings, including risks and specific control weaknesses within theIPPD2 setup, together with our recommendations to address such weaknesses. The report also

presents the approach and methodology used in arriving at the findings that we have made.

It should be noted that control weaknesses relate not only to operating controls within theIPPD2 system, but also to the procedural and monitoring controls that fall outside the payrollsystem.

2.3 Acknowledgement

We wish to express our appreciation for the cooperation and assistance extended to us by staff and management of CAGD, Ministry of Health, Ghana Education Service, Office ofCivil Service, Judiciary and Fire Service.

2.4 Scope and Objective

The objective of this assignment was to assist the management of CAGD to determine whetherthe IPPD2 production environment incorporates adequate and effective controls to ensure thatany systems amendments, customerisation, manual workarounds or other configurations do notinvalidate these controls.

The scope of work was to determine whether the following key control areas were in existanceand operating effectively:

Each payroll transaction is authorised, complete, accurate, timely and input once and onlyonce;

An appropriate level of control is maintained during processing to ensure completeness andaccuracy of data;

Controls exist to ensure the accuracy, completeness, confidentiality and timeliness of outputreports and interfaces;

A complete, robust and unalterable audit trail is maintained in real-time by the IPPD2application which allows an item to be traced from input thru to its final resting place, andfinal results to be broken down to its constituent parts; and

Arrangements exist for creating back-up copies of data and programs, storing and retainingthem securely, and recovering applications in the event of failure

It should be noted that while we have assisted management of CAGD in the review andidentification of risks and control weaknesses together with our recommendations, the

responsibility for ensuring that the control gaps are sufficiently addressed and recommendations


16/199


17/199



3 Detailed Findings


18/199

ABCD Controller and Accountant Generals Department


15 2012 KPMG Ghana . All rights reserved.

LEGEND

High Impact represents potentially major deficiencies in controls that should be given a high priority for resolution.

Medium Impact represents significant weaknesses or improvements that are less urgent, but should also be addressed on a priority basis.

Low Impact refers to additional control enhancements that are less critical, but nevertheless represent potential improvements.


19/199




3.1 Finance

No. Particulars - As Is Issues/ Gaps Impact Recommendation Management Response Payroll Financial Impact

3.1.1 Salaries paid to employees on leave without pay

Currently there are instances ofsalaries being processed foremployees on leave without pay,study leave without pay andunauthorized leave.

Following are the count of employeescurrently getting paid through thesystem who are on unpaid leave. Leave Without Pay - 20 employees Study Leave Without Pay -3

employees Unauthorized Leave - 1 employee

See Appendix for detail s

This is a major gap in IPPD2 as thesystem should not process salariesto employees on Leave without

pay. Some leave entries ofemployees date back to 2005-2006and salaries have been processedtill date. This causes a major costimpact and loss of revenue to GoG.Measures should be initiated torecover unearned salaries.

Processing of payments should be addressed with immediateeffect for all employees whenon Leave without pay.All element formulas shouldhave Leave without pay checkincorporated.

Adequate recovery measuresshould be in place to ensureunearned salaries arerecovered appropriately.

The current setting on thesystem does not permitemployees on LeaveWithout Pay, Study LeaveWithout Pay, UnauthorizedLeave etc to receive salary.

Newly created allowanceelements that areindependent of the salaryelement and that also do notinclude the normalvalidation check couldhowever cause only theaffected allowance elementto be processed.

A review of the elementformula creation processwill be undertaken with theassistance of the PayrollConsultant.


20/199





3.1.2 Double Payment of Salaries when Employees move from old salary tonew Salary Structure

Currently double payments are processed when employees movefrom an old salary structure to thenew one. The new salary elementgets attached to the employee whilethe old salary does not get terminatedin the IPPD2.

There is no validation in the systemto check the salary structure theemployee is associated with during

payroll.

Currently the PPD manuallyterminates the old salary structure ofall employees who move to the newsalary structure. During the month ofAugust there were double paymentsreported for a number of employeeswhich was identified later andcorrected.

Double payment of salaries is amajor gap and can raise questionson the accuracy of salaries

processed through IPPD2.

Employee moving from old salarystructure to the new one, continueto receive the old salary as well.The old salary does not getterminated in the system during themove resulting in double paymentswhich causes a major cost impactand loss of revenue to GoG. Thereare frequent updates to the newsalary structure as there is amandate from GoG to move allemployees to the new Single SpineSalary Structure which is currentlydone in batches and started in 1 st

January 2010. The current processof PPD manually terminating theold salary structure is a timeconsuming and cumbersome

exercise and any error can causedouble payments.

There are many employees still onthe old salary structure(13066) whowill be moved to the Single SpineSalary Structure in the near term

Manual process of PPDterminating old salarystructure should be scrappedand the old salary structureelement should be terminatedin the system automaticallywhen an employee movesfrom old structure to the newstructure. The element link setup for the old salary elementshould be fixed immediately toterminate the allowancesautomatically when employeemoves from the old to the newstructure. Validation to beincluded in the formulas tocheck the salary structure theemployee is on prior tocalculating the monthly salary.Since the employee can belongto a single structure at any

point of time, this validationcan ensure employees are not

getting paid twice.

In general, the systemconfiguration does not allowan employee to have morethan one salary element ofthe same type during thesame month. Thus, anemployee cannot qualify formore than one salaryelement at the same time.

This particular issue pertainsonly to the Health SectorPayroll. It emerged afterPharmacists were migratedonto the Single Spine SalaryStructure, but had to revertonto the old structure whichwas then reactivated.

The logic behind the oldsalary formula will bemodified to address thisanomaly.


21/199




H


and potentially receive double payments. No validations in placeto check the salary structure of theemployee during payroll

processing, thereby causing double payment of salaries.

3.1.3 Payment of salaries to pot ential Ghost Employees

There are 3288 potential duplicateemployees that have been identifiedin IPPD2 having identical first name,last name ,national identifier, date of

birth and joining date.

The absence of duplicate checks inthe system can lead to sameemployees being entered multipletimes in IPPD2. The employeenumber which is generatedautomatically by the IPPD2 willgenerate multiple employeenumbers resulting in ghostemployees. This causes a majorcost impact and loss of revenue toGoG. Measures should be initiatedto recover unearned salaries.

Duplicate checks on employeefirst name, last name, date of

birth and other key parametersif applicable should beintroduced into IPPD2 as soonas possible. Data enteredduring hiring should bevalidated and rejected/notifiedin case of potential duplicates.

New starts report providingthe list of new hires in a

payroll month should beavailable in the system whichcan also help assist duplicates.The list of potential duplicatesto be provided to the sectional

heads of respective MDAs toidentify and eliminate "ghost"names.

A duplicate check alreadyexists during data captureof new entrants. In addition,standard and customexception reports are alsoavailable to users. It must

be noted however that thereis a real possibility to havemany employees withsimilar details.

Currently, the only way toavoid multiplemechanization of anemployee is by the SocialSecurity Number.

Unfortunately not allemployees on the systemhave Social Security

Numbers. Some are notmandated to pay SocialSecurity Contribution,Others are yet to be


22/199




H


assigned numbers bySSNIT or have wrongnumbers on their records.

Management is in the processof using the recent biometricdata obtained for all PublicSector employees, andeventually the NationalIdentification Number as a

preferable option since itapplies to all employees.

3.1.4 Income Tax Deduction

Income Tax computation logic builtin the system can be bypassed by theIPPD2 user and any amount enteredwill be processed by IPPD2 asincome tax. Income tax to bededucted can even be set to 0 whichwill then bypass tax computationlogic built in the system and will notdeduct tax. Access to modify entriesis available to unauthorized users andwhose details have been shared.

Access to modify/bypass incometax computations built in the systemis a major risk and can have severeconsequences. The income taxcalculated by the system can beoverridden with the currentconfiguration which can result inemployees not taxed during theirentire service.Evasion of income tax can alsohave severe legal implications.

Access to bypass/modifyincome tax computations inthe system should be disabledwith immediate effect.Input Value 'Pay Value'should not be available forupdate. This should be a noneditable input value.

The Income Tax field had been made non user enterableas a result of thisrecommendation.

3.1.5 Mid Month Changes to Employee Compensation (Basic Salary).

The current payroll system does notcater for mid month changes toemployee compensation in cases of

The current payroll system does notcater for mid monthly salary orallowances during annual

Formulas associated withelements should include prorata logic. The following

Annual increment and promotions are alwayseffective on the first of the


23/199




No. Particulars - As Is Issues/ Gaps Impact Recommendation Management Response Payroll Financial Impact annual increment or promotions. Thesystem does not payout a proratedamount. This occurrence is verycommon as annualincrements/promotions always do nottake place effective first day of amonth. There is an impact onallowances too as most of theallowances are based on percentagesof monthly salary.

increments of promotions.E.g.: Single Spine Monthly Salarywhich is associated with allemployees pays out the latest salaryfor the entire month in case of midmonth changes and not the proratedamount. An employee with monthlysalary 1000 Cedis gets anincrement/promotion effective 21-Jun-2012 to 1200 Cedis, the system

pays out 1200 Cedis for the entiremonth and not a prorated amount.

calculation logic can beincluded to overcome theissue.E.g.: Employee with salary1000 Cedis receives anincrement to 1200 Cediseffective 21 st June 2012. Themonthly salary should then becalculated at rate 1000 Cedisfor the first 20 days and at therate 1200 Cedis for the next 10days.

month. This is the policy ofthe Civil Service and thegeneral public sector thatinformed the rules and

procedures that were built intothe system. Mid-month

proration of salaries applies toonly new entrants and thesystem does the proration.

3.1.6 Allowances paid to employees on leave without pay

Employees on Leave without pay canstill be paid out allowances. E.g.:Fuel Allowance, Domestic StewardAllowance, Stipend for foreigndoctors.

There is no validation in the systemcurrently that checks if anemployee has availed Leavewithout pay during processing ofallowances. This result inemployees getting paid allowancesin the month even when on Leavewithout pay or Study Leave without

pay.

This causes a major cost impact,loss of revenue to GoG andmeasures should be initiated torecover unearned salaries.

Leave without pay validationto be included in the systemwhile processing allowances.

Formulas behind allallowances will be reviewedwith the assistance of PayrollConsultants.

The system does not allowallowances which are based ona percentage of monthly salaryto be paid. However,allowances that are absoluteamounts may be paid, if therequired formulas aredisregarded when creatingthem on the system.


24/199




M


3.1.7 Allowances not calculated on prorated basis

Allowances that are not based on theemploy ees monthly salary arecurrently not being paid out on a prorata basis. E.g.: Fuel Allowance,Domestic Steward Allowance,Stipend for foreign doctors. Thesystem always pays out the fullamount to the employee irrespectiveof actual number of days theemployee is eligible for the month.

This results in overpayment ofallowances to the employees.Allowances are not calculated inthe system on a prorated basistaking into consideration thenumber of days eligible for themonth.

All allowances to be processedon a pro rata basis.

Proration is done only for basic pay and basic payrelated allowances.

3.1.8 Employees terminated during the month are paid full month salary

Employees who are terminatedduring the month can be paidallowances for the full month. E.g.:Fuel Allowance, Domestic StewardAllowance and Stipend for foreigndoctors.

There is no logic in the system thatcurrently checks for terminationsduring the month while processingof allowances. Employeesterminated during the month can be

paid allowances for the full month.

Termination check logicshould be included in theIPPD2 to process allowanceson pro rata basis

Please refer to the response to4.1.7.

Proration is done only for basic pay and basic pay based allowances.


25/199




3.2 Security

No. Particulars - As Is Issues/ Gaps Impact Recommendation Management Response Payroll Security Issues

3.2.1 Custom tables used for bank file generation

Currently custom tables are beingused for payment file generation tothe bank and not standard Oracle

tables that capture payroll results.

The use of custom tables to capture processed payroll data is not arecommended practice. What is

processed may not be what is paidout. This a major risk consideringthe accuracy of the data that is

being moved into the custom tables.

There may be occurrences wheredata being processed in IPPD2 maynot be accurately captured in thecustom tables, leading to incorrectsalaries paid out to employees.

There is also a huge security risk asdata can be tampered in the customtables without leaving any audittrail.

Using materialised view ishighly recommended byOracle where snapshot of data

is maintained and the view can be refreshed on a periodic basis or on demand. The bankfile can be generated from thematerialized view instead ofcustom tables. Hence, ensuringdata security, accuracy without

performance impact on thestandard Oracle tables.

The custom tables were useddue to resource constraints.Management will explore the

impact on resources whenmaterial view is used.

We are considering twooptions in line with theGIFMIS integration with the

payroll:1. RAC system

implementationwith a separateReports server

2. Registration ofthe custom tablecreation asconcurrent

programs on thesystem.


26/199





3.2.2 Bank File Generated Externally using 3 r party tool

Currently the process of filegeneration to the bank is manual andis done outside IPPD2. After the datais moved into the custom tables, the

bank file is generated using adhocscripts and printed out forverification. Post verification hardcopies are sent to the bank for

payment of employee salaries.

The process of sending outhardcopies of payment file to the

bank is not a recommended practice. This is a huge security riskconsidering data in the hardcopy isnot encrypted and can be easilytampered. Since the bank file isgenerated outside the IPPD2 fromcustom tables, salary entries can betampered and file can be generatedaccordingly leaving no audit trail inthe system.

Encrypted soft copy of the payment file should always besent to the banks for salary

payment. The process of filegeneration should always liewithin IPPD2 and should not

be generated with the use ofadhoc scripts. Only relevant orauthorized users should haveaccess to the programs thatgenerate the bank files.

Most banks already receive asoft copy of the relevant

payment file.

Encryptions of files arecurrently being done on pilot

basis.

3.2.3 Adhoc scripts are executed on 3 rd party tool to generate bank file

Currently adhoc scripts are beingexecuted by the Technical Team togenerate the bank file every month.These scripts are not even registeredas programs in the IPPD2 and are

being run in the database everymonth to generate files.

The responsibility of bank filegeneration should never bedelegated to the Technical Team.The use of adhoc scripts running onthe database to generate bank filesis strictly not a recommended

practice. Possibility of theTechnical Team tampering withsensitive payroll data is a majorsecurity threat as there is no audittrail on the payment files.

The ownership of bank filegeneration should alwaysremain with the business. Thefiles should be generated fromthe IPPD2, encrypted anddirectly sent to the bank online(i.e. email). The adhoc scriptsshould be registered as'Concurrent Program' andshould be run by the businessusers.

The registration oftransactional and bank reportsas standard reports on theApplication has already beeninitiated with support from thePayroll Consultants (PROVision).

The file generation proceduresare not adhoc, they arestandard scripts.


27/199





3.2.4 High number of users with Super User Access

Currently 17 users have super userresponsibility that provides fullaccess to IPPD2. This responsibilityhas access to create new starters,transfers, element entries, payrollrun, core payroll set up etc.

17 users having super usercapability needs to be reviewedsince the number is on the higherside. The responsibility has accessto a variety of critical payrollfunctions like element entries, runresults, payroll run.

Unauthorized access can result ininaccurate payroll processing andmajor security issues.

Review all users who havesuper user responsibilities andcheck for unauthorized access.Ideally, one should limit thenumbers of users having superuser responsibility as thiswould ensure better control,accountability and smooth

payroll processing.

All of the 17 users identifiedhad been ended long beforethis assurance exercise.

Nevertheless a review of theresponsibility / user profilematrix is to be carried out bythe Director of Payroll to meetcurrent needs.

3.2.5 Database Access Controls

Separate database usernames have been created for most of the membersin the reports and technical team.Database user names are created as

per employee names which haveresulted in 28 database user nameswith varied access.

The creation of database usernamesfor each employee in the team isnot a recommended practice.Database user names should becreated in the system as per thedifferent access levels required andshared with the team members.Change of passwords in case ofsecurity issues can be verycumbersome and requires change in

passwords of all user accounts.

The creation of database usernames based on employee namesresults in redundant accounts andtracking them can be very

Teams with similar accesslevels should use commonuser accounts. Databaseaccounts should be created

based on the level of accessrequired by the teams andcommon account should beused by each of the teams.This will reduce the burden ofmaintaining too many useraccounts.

The sharing of usernames atthe database level is not thestandard practice andshould not be encouraged

because of its securityimplications.


28/199





cumbersome. Database accounts ofemployees leaving the organizationshould be deactivated on time.Failing to do so can facilitatemisuse of the system.

3.2.6 Outdated Responsibility Matrix

The responsibility matrix provided isoutdated and none of theresponsibilities provided in thematrix currently exist in IPPD2.

There has been no documentation onthe responsibilities that have beencreated (For the past 4 years) andverification of segregation of dutiesis a challenge.

Responsibility matrix is one of thekey documents that outline the rolesand responsibilities that can be

performed by employees.Access levels provided toemployees are impossible to trackwithout the updated version of aresponsibility matrix.

Unauthorised access cannot bedetected and can cause a severeimpact on payroll processing.Further, unauthorised access canresult in modification ofemploy ees salary and allowances,modification of bank accountnumbers etc, which are majorsecurity issues that affect the

accuracy of payroll processing inIPPD2.

Responsibility matrix is one ofthe key documents that need to

be updated on a regular basis.

It is highly recommended thatthe existing responsibilitymatrix is updated with allresponsibilities configured inthe system. The matrix shouldalways be in sync with theconfigurations in IPPD2 inorder to help determineunauthorized access.

No responsibilities should becreated in IPPD2 withoutappropriate documentation.Any ongoing changes made tothe responsibilities should bedocumented in theresponsibility matrix.

Management has tasked theHead of Payroll and CSS toreview the responsibilityassignment matrix.

.


29/199





3.2.7 Unauthorized access to Element Entries

Due to the absence of an updatedresponsibility matrix, we requestedfor and were provided with a list ofresponsibilities used by PPS and PPDfor payroll processing. The findings

below are gaps in the responsibilities provided.

Responsibilities like 'Subvented NewEntrants' or 'HSS New Entrants' usedto create new entrants have additionalaccess than required. The newentrant responsibilities have accessto element entries which enableaddition or modification ofallowances.

Access to functions more thanrequired in IPPD2 is a serious

breach of security and accesscontrol. Unauthorized accessespecially to payroll sensitive datacan have serious cost implications.

Unauthorized access can result inmodification of employ ees salaryand allowances, modification of

bank account numbers etc.For instance, the followingresponsibilities were identified ashaving more than requiredfunctions:

1) Subvented New Entrants:Employees with this responsibilitycan run payroll for subventedemployees.36 users currently have access tothis responsibility.2) HSS New Entrants: Theemployees with this responsibility

can modify/ or delete allowancesand deductions, add overtime andrun payroll for HSS employees.12 users currently have access tothis responsibility.

The absence of theresponsibility matrix is the

primary reason for theseconflicting responsibilities.

All new entrantresponsibilities should nothave access to elemententries/quick pay and thisaccess needs to be revokedimmediately. It isrecommended that newentrant responsibilities bereviewed to check forunauthorized access to elemententries and quick pays.

Restricting all new entrantsresponsibilities from elemententries is not practicable sincesome MDAs allow theaddition of certain elements

based on employees attributesand qualification.

The current element restrictioncriteria must be reviewed toreflect the current transactional

processes, and also documenta process for updating it.



30/199





3.2.8 View Only responsibilities have access to run payroll

The view only responsibility Ghana HRMS Manager VO currentlyconfigured in the IPPD2 has access torun, rollback or retry payrolls.

Currently technical and reportingteam members have been providedwith this responsibility.

View only responsibilities having payroll run/rollback access is amajor security issue and a risk toaccurate payroll processing.

Unauthorized payroll run access toother departments can seriouslyhamper the processing of payroll byPPD. Payrolls can be rerun postvalidation of the results by PPD andthere are chances of it not beingtracked.

All view only responsibilities should not be

provided with the access to run payroll. This access rightshould be revokedimmediately. The issue here iswith the request group assigned to the responsibility.Programs related to payroll

processing like Payroll run,Rollback, Retry, Reversal,Pre-Payments etc should beexcluded from the requestgroup.

The Ghana HRMS ManagerVO responsibility wascreated for a special purposeduring implementation, butnot for a general use, henceits existing capabilities.


3.2.9 Unauthorized Payroll Processing access with Sectional Heads

The sectional heads having theresponsibility called IPPD2 PayrollProcess Results enable them to run,rollback or retry payrolls. Thesectional heads should ideally haveview only access to payroll results.

Unauthorized access to run payrollis a major security issue asadjustments can be made to alreadyvalidated payroll results and rerunonce again. Payments that have

been validated by the PPD can bemodified by sectional heads andreprocessed leading to incorrectsalaries getting paid.

Payroll access provided tounauthorized users of otherdepartments can seriously hamper

Sectional head responsibilitiesshould not be provided withaccess to payroll functions like

payroll run, rollbacks,reversals, prepayments etc.Sectional heads can be

provided with Payroll Process Results function whereemployee payroll results can

be viewed by payroll and noton an individual basis.

This is a legitimateresponsibility assigned to thesectional heads in consonancewith their current functions.

However Management hastasked the Head of Payroll andCSS to review the functions ofSectional Heads and theresponsibility assignmentmatrix.


31/199





the processing of payroll.Sectional heads currently haveaccess to view payroll results onemployee basis. This can be a timeconsuming process with this levelof access.

3.2.10 Subvented Data Entry Operators have access to payroll Run

Users having access to subvented new entrant responsibilities haveunauthorized access to elemententries and quick pay function.

Unauthorized access to elemententries can result inaddition/modification ofallowances. Statutory deductionslike income tax and other loandeductions can be excluded from

payroll processing, which mayresults in inaccurate payroll

processing.

Unauthorized access to runquickpay is a major security issueas adjustments can be made toalready validated payroll results bythe PPD.

Subvented new entrants responsibility should not be

provided with access to payroll functions like elemententries and quickpay. Theaccess to functions likeelement entries and quickpayshould be revokedimmediately.

The new entrant responsibility should ideallyhave access to People andAssignment functions only.



32/199





3.2.11 Application Users not tagged to Employee profile

Application user names created in theIPPD2 do not have correspondingemployee names tagged.

The process of creating applicationuser names is incomplete withouttagging employees to user names,which is very critical in trackingtransactions. In the event ofintroducing Oracle Self Service(onlineabsences/approvals/employee info),it is mandatory that usernames betagged with employees as thesystem pulls out information of theconcerned employee based on thisassociation. Without employeetagging to the user record, it will beimpossible to track if applicationaccounts of ex-employees have

been deactivated. This can result in breach of system security as ex-employees can still access thesystem and tamper with highlysensitive payroll data.

All application users should beassociated with respectiveemploy ees profile. Thismandatory association should

be done as soon as possible.Post association, validity ofuser accounts of all terminatedemployees should be verifiedand deactivated if the accountsare still active.

The process to link the varioususer names to the relevantemployee profiles hascommenced. The various PPSshave been asked to reviewtheir user lists and submit andsubmit same for action.

3.2.12 Patch Application

Patches have not been applied in thesystem on regular basis.

As per DBA they are not aware ofany patches applied in the systemsince upgrade. No documentationof any patching activity is available.Without applying patches the latest

bug fixes, enhancements to current

Patches should be applied periodically as and whenreleased by Oracle to keep theapplication up to the required

patch set level. ServiceRequests should be raised with

The Database was upgraded to11g in May 2012 with thecurrent patches appliedawaiting the next release of

patches from Oracle.


33/199





functionality would not be madeavailable in the system whichresults in missing out on bug fixesand enhancements that are provided

by Oracle.

Oracle to get the current patches and the same should be applied to the system.Whenever there is a bugencountered in the system, aservice request should beraised with Oracle to get the

bug fix which maybe in theform of a patch. Once the

patch is released it should befirst applied in test instance,verified and then migrated to

production.


34/199




3.3 Input/output Validations in IPPD2

No. Particulars - As Is Issues/ Gaps Impact Recommendation Management Responses Input/output Validations

3.3.1 No Validation during Salary Structure changes

Currently there is no validation inIPPD2 during the salary structurechange of an employee. The salary

structure which is captured in thepeople group Flexfield can bemodified with the employee stillassociated with a grade belonging tothe old salary structure. This resultsin double payment of salary

The absence of validation on salarystructure change facilitates double

payment of salaries. This is a major

gap in IPPD2 and can raisequestions on the accuracy of payroll processing in IPPD2.

Employees migrated from oldsalary structure to the salarystructure continue to receive the oldsalary as well. The old salary whichshould automatically get terminatedin IPPD2 during migration doesnot, resulting in double payments.

Controls should beincorporated in IPPD2 tovalidate the grade of the

employee during salarystructure change. The systemshould not allow changes tosalary structure if anemployee is still associatedwith the old grade structure.This will prevent double

payment of salaries andensure that employee datacaptured in the system isconsistent and accurate.

Additionally, validationsshould be built in IPPD2during payroll processing to

prevent payment of salaries toemployees with inconsistentsalary structures and grades.

Salary structures arevalidated and approved

by management before

implementation. The issueis peculiar to Health SectorPayroll. It emerged afterPharmacists migrated ontothe Single Spine SalaryStructure had to bereverted onto the oldstructure. The logic behindthe old salary formula is

being modified to addressthis anomaly .


35/199





3.3.2 No Validation on Account Numbers

There are no validations in IPPD2 tocheck duplicate and invalid entries ofemploy ees bank account numbers inthe payroll system

The validation of account numbersduring input is very critical to errorfree payroll processing. With novalidation in IPPD2 currently,employees can have similaraccount numbers which will lead to

payments processed for ghostemployees.

Users who have access to paymentdetails can potentially update bankaccount numbers and affect

payment processing.

Validations on accountnumbers entered during inputare highly critical to ensureghost employees are not

processed in IPPD2.

Validations must trigger at thetime of input and should notaccept multiple employeeswith same bank accountnumbers and branch.

Unique bank accountnumber validation has not

been implemented becausesome rural and commercial

banks have not as yet provided their clients withunique account numbers butrather have their owninternal structures ofdisbursing salaries intoindividual accounts.

Management has asked all banks to henceforthmaintain separate bankaccounts for all individualson the payroll.

3.3.3 No Validation on Allowances in IPPD2

Currently, there are no measures totrack and validate allowances inputinto IPPD2. Most of the allowancesare entered into the system manuallyand there are no exception reports orvalidations in place in IPPD2 to trackallowances like Fuel, Car, and Lunchetc. Amounts are manually enteredagainst each employee and are

processed in IPPD2 without any

The process of manually enteringallowances against employees isnot a recommended practice.Considering there are noconfigured validations onallowances in IPPD2, any amountentered by the user as allowancewill be processed by the system.The absence of pre-payroll reportsto track allowance entries during

Manual entry of allowancesshould not be encouraged.Allowances should bedefaulted to employee basedon configurations. Eligibilitymatrix should be designed tocapture eligibility ofallowances by grade/jobwhich can then be replicatedin the system based on

Elements that have clearlydefined eligibility criteriahave always been createdon those criteria.

However, in cases wherethese conditions cannot beclearly defined or the costof creating the element linkcriteria outweighs the


36/199




No. Particulars - As Is Issues/ Gaps Impact Recommendation Management Responses Input/output Validations validations. Overtime hours/amountentered in the system are notvalidated during payroll processing.

the month can lead to overpaymentof allowances without any audittrail.

Overtime hours are not validatedduring payroll processing. It meansthat the IPPD2 can accept and

process hours greater than theactual working hours in a monthwhich may lead to overpayment.

standard element links withdefault values.

benefit then thatresponsibility is extendedto the PPSs.

Note that there are exceptionreports to check newallowances, etc. Also, notethat as a business rule, thereare no standard upper limitsfor overtime hours.

3.3.4 Inadequate Duplicate Employee Validation

Currently there is no duplicateemployee check feature configured inthe system to reject users of potentialduplicates in IPPD2 while enteringnew hires information. There are3288 potential duplicate employeesthat have been identified in IPPD2

based on employee first name, lastname, national identifier, date of birthand joining date.There is no new entrants reportavailable in IPPD2 that providesinformation on all employees hired

during a payroll period.

The absence of duplicate checks inIPPD2 can lead to multiple entriesof employee data into the system.This will subsequently result inmultiple payments to the affectemployees in IPPD2. The newentrant s report which providesinformation of all new hires in a

particular month can be used forvalidating the actual number ofnew hires with the input files.Absence of both the duplicateemployee check and new entrant s

report can lead to ghost employeesgetting created, processed and paid

by IPPD2.

Duplicate checks on employeefirst name, last name, date of

birth and other key parametersif applicable, should beintroduced in IPPD2. Dataentered during hiring should

be validated andrejected/notified in case of

potential duplicates. Newentrant s report providing thelist of new hires during themonth should be available inIPPD2 in order to facilitate

duplicate checks.

The list of potential duplicatesshould also be provided to thesectional heads of respectivedepartments on regular basisto indentify "ghost" names.

A duplicate check alreadyexists during data captureof new entrants. Inadditions standard andcustom exception reportsare also available to users.

Currently, the only uniqueway of identifyingemployees is the SocialSecurity Number but notall employees on thesystem are mandated to paySocial SecurityContribution. Hence not allemployees have SocialSecurity Numbers. Also,some employees havewrong numbers.


37/199





We considering the use of National Identification Number as a preferableoption since it applies to allemployees.

3.3.5 No Leave without Pay Validation while processing Allowances andOvertime

Employees on leave without pay can benefit from overtime and allowancesas the IPPD2 does not have anyvalidation during payroll processing.

The current system does not haveany validations during payroll

processing to ensure employeeswho have availed leave without payare not eligible for overtime andallowances. Any amount enteredinto the system as overtime iscurrently being paid out to theemployee on leave without pay.

Overtime / allowanceelements should containvalidations/check foremployees on leave without

pay during payroll processing.

In general, the system doesnot pay employees on unpaidabsences if the transactionsare done correctly. These

particular cases have to beverified to confirm whetherthe system is processing theseemployees due to arrearsowed them or not. Also, notall benefits are excluded fromemployees on unpaidabsences

3.3.6 No validations on Monthly Salary Arrears

Monthly Salary Arrears can beattached to employees and anyamount entered in IPPD2 will be

processed and paid out by the systemwithout validation.

Arrear elements calculations are processed by the standard retro process and the systemautomatically calculates the amountthat needs to be paid/recovered.

The input value when configured asuser enterable enables users to

All elements must beconfigured with user enterablecheck box unchecked forinput value called Pay Value. This will ensure thatamounts calculated by thesystem are not overriddenwith amounts entered by the

Salary arrears are not userenterable. The systemcalculates from the backend,so there is no humanintervention. There ishowever Salary Arrears Pre-

production which caters foremployees who have arrears


38/199





modify system calculated amountswhich can thereby result inincorrect payments.Due to this configuration, thesystem allows adhoc arrear entriesto be associated with employeesand processed in payroll.

user. prior to their migration ontothe GOG Payroll system.


39/199




3.4 Performance

No. Particulars - As Is Issues/ Gaps Impact Recommendation Management Responses Payroll Impact on Performance

3.4.1 Obsolete Data in IPPD2

There are over 400 million records(447697124) in a database table thatstores employ ees eligibility against

elements. Patches available fromOracle that purge obsolete records inthe table have not been applied.Based on our interactions with the ITteam, service requests regarding

performance issues have not beenraised with Oracle.

The current IPPD2 Performancecould be greatly improved by

purging obsolete links in the

database tables. This is one of thereasons for the degraded system performance during transactionsand payroll processing. Periodicchecks are not in place to monitordata inpay_assignment_link_usages_fwhich stores these obsolete links.Service requests with Oracle havenot been raised to address thecurrent performance issues.

It is recommended thatnecessary available patches beapplied to purge obsolete

links in the system as soon as possible.

Service request should beraised with Oracle relating to

performance issues in IPPD2.

The payroll technical teamand consultants have beenasked to review the elements

and purge any recordsestablished to be obsolete .

3.4.2 Currency Conversion causing a huge performance overhead in IPPD2

All elements created after theintroduction (1 st -July-2007) of thenew Ghana Cedi (GHS) are stillhaving the old Ghana Cedi (GHC) asinput for payroll processing. Theelements have been set up in thesystem with input currency as GHCand output currency as GHS. Thecurrency conversion factor has beendefined as 1:1 in daily exchange

The use of the old Ghana Cedi(GHC) is not recommended as it nolonger exists . For elements createdafter the introduction of the newGhana Cedi (GHS), the input andoutput currencies being differentcan cause a huge performanceoverhead for payroll processing.

During payroll run, every element

All elements created after theintroduction of the new GhanaCedi should be created withthe same input and outputcurrencies (GHS).

The convention at the time ofimplementation was to createall elements effective 01-JAN- 1951 with the input andoutput currency in GHC inorder to cater for retroactivetransactions.

However, after theredenomination of the Ghana


40/199




No. Particulars - As Is Issues/ Gaps Impact Recommendation Management Responses Payroll Impact on Performance rates. There are over 5000 elementscreated after the introduction of thenew Ghana Cedi with different inputand output currency.

or transaction goes through the process of conversion where theconversion factor has been definedas 1:1 making the processredundant.

Cedi, the process of creatingnew elements changed, usingGHC as the input currencyand GHS as the outputcurrency in order to take ofthe currency conversion.

The creation base year is to be reviewed from 01 -JAN-1951 to 01 -JUL- 2007 andthus maintain GHS as inputand output currency sincenew elements created are notlikely to go beyond 01-JUL-2007 even if retroactivetransactions exist.

3.4.3 Too Many Segments in People Group in IPPD2

Currently the People Group flexfield set up in IPPD2 consists of12 segments with some redundantsegments. The segments are GOGMinistry, Department, Divisions,Educational Units, Regions, Districts,Circuits, Occupational Group,

Employee Type, Organization Group,Employee Status and SalaryStructure.

The total number of segmentscreated in the People Group isnot a recommended approach.There are standard Oracle fields tocapture most of the informationlike Organizations, Organizationhierarchies, Employee status and

type. Data entry into segmentsduring new hire/transfer is a verycumbersome and time consumingactivity and error prone. There isalso a huge impact on payroll

processing as element links have been defined in the system based

All organisation relatedsegments like Ministry,Department, Divisions, andSectional Units should becaptured in standard Oracle

provided Organization andOrganization Hierarchies

screens. Further, there arestandard Oracle provided

placeholders to captureinformation like employeetype and status.

The People Group structurewas carefully created forvarious purposes. There isno redundancy. They aremainly used for creatingeligibility criteria forelements when there is no

other way.

The structuresrecommended for storingthese data items cannot beused for element linking.


41/199


42/199




No. Particulars - As Is Issues/ Gaps Impact Recommendation Management Responses Payroll Impact on Performance

3.4.6 Duplicate Capture of Payroll data

Presently Pay History is maintainedin flexfield structures called specialinformation types (SIT) in IPPD2

Pay History is maintained in SITeven though it is automaticallyavailable in Payroll. Over6,234,131 records are maintained inthis SIT which is a huge overkill onthe system. This is a bigcontributing factor to the slownessof the system. This also results indata storage issues as unnecessarydata is stored in the system whichwould otherwise be free. Thisaccounts for a huge data size in thesystem as well.

It is highly recommended that pay history should not becaptured in SIT as there areavailable standard Oracletables to hold this data. This

pay history should be deletedfrom the SIT through the useof Oracle providedApplication ProgrammingInterfaces (APIs). The SITstructure should be disabledafterwards.

Statement of Earnings Reportwas not available duringimplementation for globallocalization and as customsolution uploaded employees net salary into SIT for easyreference by users.

Statement of Earnings Reportis now available on theupgraded version (11.5.10.2).Hence salary data sitting inSIT can be deleted. Note thatwhat is being referred to is old

pay history data during theR11.0.3 implementationassistance is being soughtfrom the payroll consultantsto purge the SIT..

3.4.7 Unused Work Structures in IPPD2

Work structures like Organisation,Grades and Locations have been

created in IPPD2 but not assigned toemployees resulting in redundantdata. Currently there are 6,921 unused organizations 9,299 unused jobs 2,568 unused grades

Unused work structures in IPPD2can result in data storage issues and

can contribute to the overallslowness of the system.

There is an overhead in displayingunused jobs, organizations, gradesand locations during new hires andtransfers.

It is recommended that allunused work structures be

cleared in IPPD2.This wouldresult in substantial systemspace and may increasesystem performance. Dataentry will be a lot simplerafter removing the unusedwork structures in IPPD2

The IPPD2 has been usedsince 2006 and during this

period, there have beenseveral changes inorganizations, jobs, grades,etc.

It will be erroneous to concludethat there are unused work


43/199




No. Particulars - As Is Issues/ Gaps Impact Recommendation Management Responses Payroll Impact on Performance 296 unused locations The presence of unused work

structures in the system can lead todata entry errors during new hiresand promotions.

structures since some workstructures may not be in usetoday but was used in the pastand history data still referencesthem.


44/199




3.5 Process

No. Particulars - As Is Issues/ Gaps Impact Recommendation Management Responses Payroll Process Issues

3.5.1 Entry of new starters in IPPD2

Currently the new entrant s profile issometimes captured in IPPD2 as lateas 24 months after the employee had

joined the organization (Ex. GES).

The new entrant s data is provided tothe PPS in the form of input formswhich in some instances reach PPDoffices between 6-24 months after theemployee had already reported towork. Some of the new employees donot get paid till their information isentered into in IPPD2 before theycould receive their first salaries.

The time taken i.e. 6-24 months forsome of the new hires to receivetheir first salary is totally

unacceptable and causes greatinconvenience to them. The PPSwhich is currently based in Accra

processes applications for allemployees across all regions ofGhana. New hires input files for

people working in rural areas insome cases reach PPS 6-24 monthsafter the employee had alreadyreported to work. This causes ahuge delay in salary processing.Due to the above process issues,there is a huge overhead in

processing salaries retrospectively.A lot of time is also spent invalidating data in case ofretrospective payments.

Processes need to bestreamlined in order to ensurenew hires input files reach

PPS/PPD as early as possibleto avoid delay in salaries andretrospective processing.There is a need for thedecentralization of PPS byregions for effectivemanagement of IPPD2.

One of the main reasonsfor setting up the PPSs inthe MDAs was to

overcome this challenge.MDAs have been empoweredto capture their new hire datathemselves. Any bottleneckswith regards to late data entrylie primarily with the HR andadministrative systems in

place at the MDA level.

3.5.2 Invalid Account Numbers in IPPD2

Account numbers are not captured inIPPD2 for all employees. There arealso invalid account numbers like'+','-', '0', '00', '000', '1' captured in the

Capture of valid account numbersin the system is mandatory toensure accurate payout of salaries

processed by IPPD2. The process

Capture of valid accountnumbers should be mademandatory in IPPD2 and it ishighly recommended that

Each bank has its ownaccount number structure.Some of the supposed invalidaccount numbers may notnecessarily be invalid.


45/199




No. Particulars - As Is Issues/ Gaps Impact Recommendation Management Responses Payroll Process Issues system. For instance 8182 employeeshave account numbers as '0', 1427employees have '-' as accountnumbers.

On analysis of how payments are processed for the above accountnumbers, it was found that certainrural banks do not credit salaries

based on account numbers. Theyseem to be aware of the employeeswho have accounts with their banksand credit salaries with employeename as reference.

of rural banks crediting salaries based on the employee names is ahuge risk and there can be chancesof amounts getting credited towrong or "ghost" accounts. Thereis no report/validation in place inIPPD2 to check account numbersof new hires before running

payroll.

account numbers are sent outin the payment files to the

bank.

Report needs to be availablein IPPD2 which details the

bank, branch and accountnumber information for newhires in a month.

Unfortunately some rural banks do not provide theirclients with account numbers

but rather have their owninternal structures ofdisbursing salaries intoindividual accounts. Howeveras the bank account field ismandatory and a value must

be entered some of theseentries end up as invalid.

Management has requestedthat all banks shouldhenceforth have separate bankaccounts opened for allindividuals on the payroll.

3.5.3 Duration of Payroll Processing

Currently PPD requires 18-20 days to process payroll for all employees ofGoG. Post payroll processing 3-4days are being spent on manualreconciliation, bank file and

employee pay slip generation. Inview of the above activities, thewindow i.e. 3-4 days per month

provided to the PPS for data entryand corrections is too short andlimited.

The window for data entry is tooshort. This is a major contributor toinaccurate payroll processing inIPPD2. The PPS and CAGDsectional heads are always under

pressure as the system access isunavailable post the short window.The PPS need to complete newhires, promotions and terminationtransactions during this windowwhich often results in inaccurateentry.

The payroll process needs to be streamlined to reduceoperational time in order toincrease the data entrywindow.

Currently, during payroll processing the entire systemaccess is blocked for furtherdata entry. Selective accesscan be provided to data entryoperators by payroll to enable

With the implementation ofsingle spine pay policy, andthe re

Final Report – Payroll Assurance: Controller and Accountant General’s Department by KPMG

Documents

Transcript of Final Report – Payroll Assurance: Controller and Accountant General’s Department by KPMG