An effort by the state of Illinois to consolidate hundreds of separate financial reporting systems has cost $150 million more than estimated.
Auditor General Frank Mautino’s audit of the Illinois Department of Innovation and Technology found that the cost of the Enterprise Resource Planning project exceeded the initial five-year, $250 million estimate by 60 percent largely because of an aggressive implementation schedule. It began by tackling 260 separate financial reporting systems.
“It’s running behind and you’ve had cost overruns because of the implementation, they pushed hard in the beginning, which caused conversion problems and implementation problems because it’s trying to do so much,” Mautino said.
The audit found that the current estimated $400 million rollout should cover the rest of the implementation, scheduled for completion early next year. But Mautino noted some of the bigger challenges remain — mega-agencies such as the Department of Human Services and the Department of Healthcare and Family Services, which handle public assistance and Medicaid health care coverage, have yet to come online.
The audit, covering a two-year period that ended in June 2018, found 30 deficiencies. They included the failure to consolidate computer services among all 38 agencies required by a 2016 executive order by former Republican Gov. Bruce Rauner, late payment of vendors resulting in $20 million in late-payment interest, shoddy control of inventory and assets, and failure to follow written policies about which personnel have the authority to make such changes as computer coding.
The full audit is here.
* From the synopsis…
Because of the significance and pervasiveness of the findings described within the report, we expressed an adverse opinion on the Department’s compliance with the assertions which comprise a State compliance examination. The Codification of Statements on Standards for Attestation Engagements (AT-C § 205.72) states a practitioner “should express an adverse opinion when the practitioner, having obtained sufficient appropriate evidence, concludes that misstatements, individually or in the aggregate, are both material and pervasive to the subject matter.”
* From the Daily Line…
The agency also failed to conduct employee performance evaluations in a timely manner, and failed to submit reports to the state about employee diversity on time, or even at all in the case of the Asian-American Employment Plan Survey for the 2017 fiscal year.
After employees were terminated, many of them kept their state cell phones for weeks, or even months. The audit found that of nine terminated employees sampled for the audit, six of them kept their cell phones for anywhere between 46 to 291 days after the termination of the employee, costing the state $1,576. One of the former employees slipped through the cracks entirely, and DoIT was not aware that the cell service for a terminated employee had been costing the state $52 per month until the auditors notified the agency.
The auditors also noted that some of DoIT’s employees and contractors “had not completed security awareness training or cybersecurity training, completed the annual acknowledgement of compliance with security policies, obtained proper authorization for access rights, or request forms were submitted late, or not properly approved; and removed access rights in a timely manner.”
Additionally, the audit found that 551 laptops and desktops were not up-to-date with the latest anti-virus product and 3,692 were not up-to-date with the latest anti-virus definitions.