Performance audit, Department of Administration, Financial Services Division |
Previous | 1 of 7 | Next |
|
This page
All
Subset |
Performance Audit
Department of
Administration–
Financial Services Division
Performance Audit Division
Debra K. Davenport
Auditor General
JUNE • 2005
REPORT NO. 05 –02
A REPORT
TO THE
ARIZONA LEGISLATURE
The Auditor General is appointed by the Joint Legislative Audit Committee, a bipartisan committee composed of five senators
and five representatives. Her mission is to provide independent and impartial information and specific recommendations to
improve the operations of state and local government entities. To this end, she provides financial audits and accounting services
to the State and political subdivisions, investigates possible misuse of public monies, and conducts performance audits of
school districts, state agencies, and the programs they administer.
The Joint Legislative Audit Committee
Senator Robert Blendu, Chair Representative Laura Knaperek, Vice Chair
Senator Carolyn Allen Representative Tom Boone
Senator Gabrielle Giffords Representative Ted Downing
Senator John Huppenthal Representative Pete Rios
Senator Harry Mitchell Representative Steve Yarbrough
Senator Ken Bennett (ex-officio) Representative Jim Weiers (ex-officio)
Audit Staff
Melanie Chesney, Director
Dale Chapman, Manager and Contact Person
Allan Friedman
Elizabeth Shoemaker
Copies of the Auditor General’s reports are free.
You may request them by contacting us at:
Office of the Auditor General
2910 N. 44th Street, Suite 410 • Phoenix, AZ 85018 • (602) 553-0333
Additionally, many of our reports can be found in electronic format at:
www.auditorgen.state.az.us
2910 NORTH 44th STREET • SUITE 410 • PHOENIX, ARIZONA 85018 • (602) 553-0333 • FAX (602) 553-0051
DEBRA K. DAVENPORT, CPA
AUDITOR GENERAL
STATE OF ARIZONA
OFFICE OF THE
AUDITOR GENERAL
WILLIAM THOMSON
DEPUTY AUDITOR GENERAL
June 13, 2005
Members of the Arizona Legislature
The Honorable Janet Napolitano, Governor
Ms. Betsey Bayless, Director
Arizona Department of Administration
Transmitted herewith is a report of the Auditor General, A Performance Audit of the Department of
Administration—Financial Services Division. This report is in response to a November 20, 2002,
resolution of the Joint Legislative Audit Committee. The performance audit was conducted as
part of the sunset review process prescribed in Arizona Revised Statutes §41-2951 et seq. I am
also transmitting with this report a copy of the Report Highlights for this audit to provide a quick
summary for your convenience.
As outlined in its response, the Department of Administration agrees with all of the findings and
plans to implement or implement in a different manner all of the recommendations.
My staff and I will be pleased to discuss or clarify items in the report.
This report will be released to the public on June 14, 2005.
Sincerely,
Debbie Davenport
Auditor General
Enclosure
Services:
The General Accounting Office, one of three programs within the Department of Administration's
Financial Services Division, provides a variety of services and fulfills several responsibilities through
the following units:
Central Services Bureau—Provides a variety of
budget preparation and monitoring, bookkeep-ing,
and reporting and consulting services to
small- and medium-sized state agencies on a
fee-for-service basis.
Federal—Negotiates and monitors federal issues
affecting the State, including developing federal
reporting policies and procedures, coordinating
the State-wide Single Audit, and preparing the
State-wide Cost Allocation Plan.
Appropriations—Administers state-wide appro-priation
and allotment transactions, prepares
and distributes the state cash basis Annual
Financial Report, and approves and monitors
agency revolving funds.
Financial Accounting—Prepares the audited
State-wide Comprehensive Annual Financial
Report (CAFR) and provides technical assis-tance
to state agencies regarding accounting
issues pertaining to financial statement reporting
and for the processing of fixed assets on the
state-wide accounting system.
Audit, Policy, and Compliance—Coordinates the
development and distribution of state-wide
accounting policies and procedures; maintains
security for the state-wide accounting system
(AFIS); and performs procedural, compliance,
and special reviews of state agencies.
Central Payroll and State’s Retiree Accumulated
Sick Leave (RASL)—Coordinates payroll for state
employees, jointly administers the Human
Resource Solution (HRIS) system with the
Human Resource Division, and administers,
reports, and accounts for the RASL program,
which provides an incentive for state employees
who retire from state service with 500 hours or
more of accumulated sick leave.
Support Services—Provides logistical and
administrative support to GAO units, and signs
and distributes state payments.
PROGRAM FACT SHEET
Arizona Department of Administration—Financial Services Division
General Accounting Office (GAO)
Office of the Auditor General
Program revenue:
$16.32 million (fiscal year 2005, estimated)
Program staffing:
68 positions with 10 vacancies as of March 1, 2005
$0.00
$2.00
$4.00
$6.00
$8.00
$10.00
$12.00
$14.00
$16.00
$18.00
FY 2003 FY 2004 FY 2005 (estimated)
Millions of Dollars
State General Fund Charges for Services Miscellaneous
Arizona Financial
Information System—16
(3 vacancies)
Federal, Appropriations, Central
Services Bureau—12
(3 vacancies)
Central Payroll and RASL—11
(2 vacancies)
Audit, Policy, and
Compliance—10
(1 vacancy)
Support Services—7
(0 vacancies)
Administration—6
(1 vacancy)
Financial Reporting—6
(0 vacancies)
Arizona Financial Information System—Maintains AFIS, including assisting state agen-cies
in AFIS understanding and problem resolutions, coordinating AFIS enhancements,
maintaining the State’s vendor file, and performing various system reconciliations.
Facilities and equipment:
GAO occupies 22,049 square feet of office space in the Department’s building at 100 North 15th
Avenue in Phoenix. The Department leases this building under the PLTO (private lease-to-own)
program and during fiscal year 2005, was scheduled to pay approximately $2.6 million in rent for
the entire building. This amount increases annually until fiscal year 2027, when the Department
is scheduled to make rent payments of $4.46 million for this building. GAO’s equipment includes
typical office equipment.
Mission:
To provide state and federal agencies, the general public, and other interested public and private
entities with accurate, timely financial services, management information, technical assistance
while assuring compliance with related statutes and rules; to maintain and improve the statewide
automated financial systems; and to provide for the safeguarding of state assets.
Program goals:
1. To deliver customer service second to none.
2. To attract and retain a high-performance team of employees.
3. To aggressively pursue innovative solutions and/or opportunities.
Adequacy of goals and performance measures:
GAO has delivered a variety of performance measures that are generally in line with its goals,
including output, outcome, and efficiency measures. However, it could benefit from additional
goals and performance measures that would provide more information on its many activities. For
example, GAO should consider establishing specific goals that reflect the numerous services it
provides to state agencies and the various functions it performs. These might include goals
regarding the financial and accounting services it provides to state agencies, its responsibilities
for financial reporting, and its responsibilities for processing state employee payroll and state pay-ments.
Once it establishes these goals, GAO could develop additional measures, such as the
number of requests its receives and fulfills for financial and accounting services, to better reflect
its many activities.
Additionally, the Department should consider establishing a goal and associated performance
measures to report information related to the number and types of reviews or audits of state
agencies it conducts each year and whether agencies implement the recommendations made
as part of these audits.
Source: Auditor General staff compilation of unaudited information obtained from the Arizona Financial Information System (AFIS)
for the years ended June 30, 2003 and 2004; Master List of State Government Programs; and other information provided
by the Department, including financial estimates for the year ending June 30, 2005.
State of Arizona
Services:
Enterprise Procurement Services (EPS) was created in January 2005 as a new program within the
Department of Administration’s Financial Services Division. In addition to providing several new
functions, EPS performs the functions previously provided by the State Procurement Office. These
various functions are performed through the following units:
Communications—Coordinates communications on procurement contracts and status,
procurement policies and best practices, emerging
issues, public information, and other data to procure-ment
officers, customers, political subdivisions, and
citizens.
Compliance—Conducts delegation reviews and
oversight of procurement authority delegated to state
agencies, conducts agency procurement perform-ance
reviews, identifies and educates state agencies
regarding procurement best practices, and prepares
policies and procedures.
Enterprise Systems—Works with state agencies and
political subdivisions to provide access to the EPS
Web site and automated procurement systems.
MRO and Construction—Coordinates and conducts
strategic sourcing for building maintenance, repair,
and operations (MRO); contracts in coordination with
state agencies; and contracts for building construc-tion
contracting services.
Procurement Service Center—Conducts strategic
sourcing and procurement functions for agencies not
designated as strategic contracting centers.
Strategic Contracts—Provides centralized procure-ment
services for specific state-wide contracts such
as office supplies, furniture, and information technol-ogy.
Training—Provides procurement training and over-sight
of professional certification programs, and pro-vides
procurement standards to enable political sub-divisions
to award and administer state-wide con-tracts.
Facilities and equipment:
Enterprise Procurement Services occupies 8,914 square
feet of office space in the Department’s building at 100 North
15th Avenue in Phoenix. The Department leases this build-
PROGRAM FACT SHEET
Arizona Department of Administration—Financial Services Division
Enterprise Procurement Services
Administration—9
(1 vacancy)
Strategic Contracts—6
(1 vacancy)
Enterprise Systems—5
(0 vacancies)
Procurement Service
Center—5
(2 vacancies)
MRO and Construction—4
(1 vacancy)
Compliance—2
(0 vacancies)
Training—2
(0 vacancies)
Communications—1
(1 vacancy)
Program revenue:
$2.02 million (fiscal year 2005, estimated)
Program staffing:
34 positions with 6 vacancies as of March 1, 2005
Office of the Auditor General
$0.00
$0.50
$1.00
$1.50
$2.00
$2.50
FY 2003 FY 2004 FY 2005 (estimated)
Millions of Dollars
State General Fund Charges for Services Miscellaneous
ing under the PLTO (private lease-to-own) program and during fiscal year 2005 was scheduled
to pay approximately $2.6 million in rent for the entire building. This amount increases annually
until fiscal year 2027, when the Department is scheduled to make rent payments of $4.46 million
for this building. Enterprise Procurement Service’s equipment includes typical office equipment.
Mission:
One procurement community, consistently seeking best value procurement solutions for cus-tomers
through innovation.
Program goals:
1. To deliver customer service second to none.
2. To aggressively pursue innovative solutions and/or opportunities.
Adequacy of goals and performance measures:
The following discussion of performance measures pertains to the measures that were used by
the State Procurement Office (SPO). At the time of this audit, EPS had not revised or expanded
these performance measures. SPO’s performance measures included measures that reflect the
timeliness of procurement services and customer (state agency management) satisfaction with
the procurement services provided by its staff. However, EPS could develop a more compre-hensive
set of measures of its activities by adding input and output measures, such as the num-ber
of agency-specific procurements conducted and the number of state-wide procurements
awarded by EPS staff.
Additionally, as EPS broadens its policy and oversight role, it should develop measures to reflect
these activities. For example, it might report the number of policies and/or procedures issued,
the number of agency reviews conducted, the outcomes of these reviews, and whether state
agencies implement the recommendations made as part of these reviews. Further, when EPS
determines and implements mechanisms to capture and report data on state-wide procurement
activity, it should develop performance measures to report such data. For example, it could
develop measures to report the annual number and estimated dollar volume of contract awards,
the dollars spent under contract, the percentage of total procurements awarded by strategic con-tracting
centers, and other measures reflecting the procurement activity and outcomes for the
State as a whole.
Source: Auditor General staff compilation of unaudited information obtained from the Arizona Financial Information System (AFIS)
for the years ended June 30, 2003 and 2004; Master List of State Government Programs; and other information provided
by the Department, including financial estimates for the year ending June 30, 2005.
State of Arizona
Services:
Risk Management, one of three programs within the
Department of Administration’s Financial Services Division,
provides a variety of services and fulfills several responsibili-ties
through the following units:
Workers’ Compensation—Processes workers’ com-pensation
claims on behalf of state employees
injured in the course and scope of their employment
and determines wage, medical, surgical, and hospi-tal
disability benefits as provided by law under the
Arizona Workers’ Compensation Act.
Property and Liability Claims—Investigates, evalu-ates,
negotiates, and settles claims against the
State, including third-party general liability, third-party
auto liability, personal injury, third-party bodily injury,
and property claims.
Loss Prevention—Works with state agencies to
reduce or eliminate their exposure to risk by provid-ing
advice and assistance in a variety of areas,
including property, liability, environmental, and work-er
protections.
Finance/Insurance—Provides financial and account-ing
services, purchases excess and catastrophic
insurance to supplement state-funded self-insurance,
calculates state agency insurance charges, and pro-vides
agency support and customer service related
to insurance matters.
Occupational Health Services—Provides physical
examinations to potential state employees after an
offer of employment has been extended, including
scheduling, evaluating, and paying for these exami-nations
for various state agencies.
Facilities and equipment:
Risk Management occupies 15,048 square feet of office
space in the Department’s building at 100 North 15th
Avenue in Phoenix. The Department leases this building
under the PLTO (private lease-to-own) program and during
PROGRAM FACT SHEET
Arizona Department of Administration—Financial Services Division
Risk Management
Workers' Compe
and Property an
Claims—47
(4 vacancies)
Financial/Insurance—13
(0 vacancies)
Administration and
Information Services—12
(3 vacancies)
Occupational Health
Services—5
(0 vacancies)
Office of the Auditor General
Program staffing:
97 positions with 11 vacancies as of March 1, 2005
Workers' Compensation
and Property and Liability
Claims—47
(4 vacancies)
Loss Prevention—20
(4 vacancies)
Financial/Insurance—13
(0 vacancies)
Administration and
Information Services—12
(3 vacancies)
Occupational Health
Services—5
(0 vacancies)
Program revenues, expenditures,
losses, and premiums:
1 Consists of insurance charges assessed to state agencies.
2 Consists of property claims, settlements, payments to workers' compensation beneficiaries,
and related legal and other costs.
$0.00
$10.00
$20.00
$30.00
$40.00
$50.00
$60.00
$70.00
$80.00
$90.00
$100.00
1 2 3 4 5 6 7 8
Millions of Dollars
Revenues Operating Expenditures Losses, Premiums, and 1 Related Expenditures
2003 2004 2005
Fiscal Year
fiscal year 2005, was scheduled to pay approximately $2.6 million in rent for the entire building.
This amount increases annually until fiscal year 2027, when the Department is scheduled to
make rent payments of $4.46 million for this building. Risk Management’s equipment includes
typical office equipment.
Mission:
To provide timely, high-quality, and cost-effective services to agency customers and the public
for the State’s property and liability exposures, and to our state employee customers who have
work-related injuries.
Program goals:
1. To deliver customer service second to none.
2. To aggressively pursue innovative solutions and/or opportunities.
Adequacy of goals and performance measures:
Risk Management has developed performance measures that are generally in line with its goals,
and include input, outcome, efficiency, and quality measures. However, Risk Management could
benefit from additional goals and performance measures that would provide more information
on its activities. For example, while it does have some measures that report on activities related
to property and liability, and workers’ compensation claims, it has not established any measures
to reflect its handling of these claims, such as the ratio of open-to-closed property and liability
and workers’ compensation claims, whether these claims are approved or denied, whether
these claims are processed in a timely manner, and the percentage of claims with attorney
involvement.
Likewise, Risk Management does not have a goal or performance measures regarding its work
with agencies on loss prevention activities. A loss prevention goal and associated performance
measures might focus on the number of new programs implemented to limit the State’s future
liability and the number of state agency consultations performed. Establishing a broader array of
goals and performance measures would better reflect the variety of functions that Risk
Management performs and better inform stakeholders, including the Legislature, of these activ-ities
and their outcomes.
Source: Auditor General staff compilation of unaudited information obtained from the Arizona Financial Information System (AFIS)
for the years ended June 30, 2003 and 2004; Master List of State Government Programs; and other information provided
by the Department, including financial estimates for the year ending June 30, 2005.
State of Arizona
The Office of the Auditor General has conducted a performance audit and sunset
review of the Arizona Department of Administration, Financial Services Division
pursuant to a November 20, 2002, resolution of the Joint Legislative Audit
Committee. This audit was conducted as part of the sunset review process
prescribed in Arizona Revised Statutes (A.R.S.) §41-2951 et seq and is the first in a
series of four reports on the Department of Administration (Department). This report
focused on the development and implementation of the Human Resources
Information Solution (HRIS), the State’s new human resources system; procurement;
and the workers’ compensation claims process. The second report will focus on
functions performed by the Human Resources Division, and the third report will focus
on functions performed by the Information Technology Services Division. The final
report will be an analysis of the 12 statutory sunset factors.
The Financial Services Division (Division) provides a variety of services to state
agencies, including developing state-wide accounting policies and procedures;
providing bookkeeping, reporting, and consulting services; preparing financial
reports and performing internal audits; conducting state-wide and individual agency
procurements; providing insurance coverage to state agencies and employees for
property, liability, and workers’ compensation losses; and settling property and
liability claims against the State. Additionally, the Division has assisted in the
development and implementation of a new state payroll and human resource
system.
DOA needs comprehensive plan to ensure completion of
HRIS system (see pages 9 through 19)
The Department should develop a plan for completing the Human Resources
Information Solution (HRIS) system and ensure adequate user participation in the
plan’s development and the system’s completion. HRIS is replacing the State’s
Human Resources Management System, Benefits Information Tracking System, and
other applications with a single integrated system to administer payroll, personnel,
employee benefits, and other related functions. Phase 1 of the system was
Office of the Auditor General
SUMMARY
page i
implemented in December 2003. This phase of the system processes state
employee payroll and tracks and processes various employee-related actions, such
as hires, transfers, and promotions. Phase 2 functions of the system, which were in
various stages of implementation as of April 2005, are expected to provide the major
benefits of this new system. These functions include a hiring gateway, which assists
in the hiring approval and candidate screening process, and an employee/manager
self-service component, which would allow a state employee to input his/her own
information, such as an address change, into the system. According to department
estimates, HRIS should produce more than $100 million in cost savings over the next
10 years by automating functions previously performed by administrative staff and
reducing turnover due to increased employee satisfaction.
The Department did not meet the system’s original and some of its revised
implementation dates and has exhausted most of the project budget. Specifically:
Implementation time frames missed—According to the initial contract awarded
to the system vendor, the entire system was to be completed in 18 months. The
Department expected to implement Phase 1 by April 2003 and Phase 2 by July
2003. However, amendments to the contract revised these dates. The
implementation of Phase 1 was rescheduled for July 2003, and then to
December 2003. Phase 2 implementation was rescheduled for May 2004. While
Phase 1 was implemented in December 2003, as of April 2005, Phase 2
components were in various stages of development and implementation. These
delays have occurred because of the extensive modifications needed to adapt
the system’s primary software to the unique business practices of each state
agency and the limited funding available for continuing work on the system.
Project budget mostly exhausted—The Department received approximately
$42.5 million in project funding. The Legislature appropriated $7.5 million from
the Personnel Division Fund, and the Department issued certificates of
participation for the remaining funding.1 This funding was originally intended to
pay for the entire system. However, as of June 30, 2004, the Department
reported that the project had consumed almost all of this funding.2 The
personnel costs for the continued development and implementation of HRIS, as
well as its operations, are now funded out of the Department’s Human
Resources Division budget at approximately $2 million for fiscal year 2005. While
the Department has not determined the amount of additional monies needed to
complete Phase 2 of HRIS and address any needed user requirements,
according to a department official, ongoing development and maintenance of
the system will continue as monies are made available from the Human
Resources Division budget.
1 Certificates of participation function similarly to a lease-purchase agreement, in that these securities are backed by the
assets funded by the certificate proceeds, and nonpayment of the lease payments can result in the State’s returning
possession of the assets to the trustee.
2 According to the Department, over $2.3 million remains from the certificates of participation funding and has been
reserved to pay for a planned upgrade to the HRIS system in fiscal year 2006 or 2007.
State of Arizona
page ii
According to interviews with several state agency users, Phase 1 of the HRIS system
does not provide all of the functionality they required or expected. The new features
in Phase 2, which are expected to provide the major benefits to users, have yet to be
fully implemented. As a result, some agencies report relying on in-house systems or
manual processes to ensure that they have the necessary personnel information and
processing capabilities. Although expected during a major system implementation,
the Department has also been slow to address some of the user requests for Phase
1 modifications, some of which are needed to correct programs that do not function
properly.
The Department should develop a plan for completing the system. This plan should
specify the remaining functions to be implemented, identify the project budget and
funding sources, outline the staff resources needed, and establish a timeline to fully
implement the system. The plan should also address user requirements and
requests for system changes. In January 2005, the Department began a strategic
planning effort to address the future direction of HRIS. While the effort includes
determining organizational capabilities and identifying the remaining work needed to
complete HRIS, a comprehensive plan is still needed.
Additionally, the Department should enhance user participation on the project.
Literature on information technology project development strongly recommends user
involvement in all phases and at all levels of system development. While the
Department has included users in several facets of the project, it should also ensure
that users have input or are involved in overall project policy and direction, evaluating
and prioritizing requests for system functions or changes, and at all levels of system
design and system testing and acceptance.
Planned changes should improve procurement oversight,
but more can be done (see pages 21 through 29)
The Department’s planned changes to state procurement practices provide a good
foundation for improving oversight, but they can be further enhanced. Although
department officials estimate that the State spends billions annually in state, federal,
and other monies on the purchase of goods and services, the Department performs
little oversight of state agency procurement activities. The Department’s State
Procurement Office (SPO) primarily functioned as a state-wide contracting center,
conducting procurement of state-wide goods and services, and agency-specific
procurement for smaller state agencies.1 However, many of the State’s large
agencies conduct procurement under authority delegated by the Department.2
1 In January 2005, the Department created a new program, Enterprise Procurement Services, which, in addition to several
new functions, performs the activities formerly performed by the State Procurement Office.
2 Statute designates the department director as the central procurement officer for the State, responsible for procuring or
supervising the procurement of all materials, services, and construction needed by the State. Statute also authorizes the
department director to delegate procurement authority to state agencies.
Office of the Auditor General
page iii
Several of these agencies have received little or no oversight because they have had
unlimited delegated authority since the current procurement code was adopted in
1985. Fourteen state agencies have this unlimited authority and can enter into multi-million
dollar contracts without outside review or approval.
The changes underway include the following:
State’s procurement approach changing—In response to a Governor’s
Efficiency Review team recommendation, the Department is making significant
changes to the way the State conducts its procurements. Instead of many
individual agencies contracting for the same goods or services—such as
janitorial supplies or financial services—one state agency will serve as the
strategic procurement and contracting center for a specific good or service. All
state agencies needing this good or service will then rely on the contract. For
example, the Arizona Department of Transportation (ADOT) will serve as the
contracting center for automotive parts, and agencies needing these parts will
use the contract developed by ADOT. The State should then benefit from the
discounts that result from higher-volume purchases.
This new approach to procurement should also improve oversight. Because the
number of contracts used by multiple state agencies will increase, the
procurement process will be more visible, which can help ensure that
procurement and contracting best practices are used.
New oversight unit established—In conjunction with this effort, the Department
has reorganized its procurement organization. In January 2005, the Department
established the Enterprise Procurement Services program that includes a new
oversight group. This group plans to issue a policy and procedure manual to
guide procurement activities and conduct regular reviews of the procurement
practices of agencies with high levels of delegated procurement authority. There
are several opportunities to enhance these efforts beyond what is currently
planned. These include expanding the proposed policy and procedure manual
to include polices for administering contracts once they are in place, developing
ways to gather and analyze state contracting data, and annually reviewing a
random sample of individual procurements.
Department can improve its workers’ compensation
claims process (see pages 31 through 38)
The Department can improve its workers’ compensation claims process to help
ensure that state employees who are injured while at work promptly receive benefits.
The State provides workers’ compensation coverage through self-insurance, and the
Department’s workers’ compensation unit in Risk Management administers the
State of Arizona
page iv
claims. Claims are administered according to rules and regulations established by
the Industrial Commission of Arizona (Commission). For example, Risk Management
must accept or deny all claims within 21 days after the Commission notifies it of a
claim. According to statute, injured state employees are responsible for filing a claim
with the Commission. However, injured employees often inform Risk Management of
the injury before they file a claim with the Commission, and Risk Management does
not have to wait for formal notification from the Commission to begin processing a
claim.
While Risk Management meets the 21-day requirement for processing claims, since
some claims are not promptly filed with the Commission, it may take much longer—
weeks or even months—for the injured employee to know if the claim has been
approved or denied. Although responsible for filing a claim with the Commission,
state employees may be unaware of this requirement, or some may rely on their
physicians to file an injury report with the Commission. Auditors reviewed a random
sample of 43 workers’ compensation claims submitted to Risk Management during
fiscal year 2004 and determined that the Commission formally notified Risk
Management of 35 of these claims. Risk Management approved or denied each
claim within 21 days of notification.1 However, Risk Management was aware of all 35
claims prior to receiving formal notification and for 17 of these claims, was aware of
the injury and potential for a claim more than 3 weeks prior to the Commission’s
formal notification. While Risk Management actually reviewed and approved 6 of
these 17 claims prior to receiving notification from the Commission, it took between
32 and 145 days for Risk Management to either approve or deny the other 11 claims
from the date they were initially made aware of the injury.
Risk management can prevent unnecessary benefit delays by improving
communication with injured employees. For example, although Risk Management
has established an automated phone system and Web site to facilitate the reporting
of work-related injuries to state employees, neither the phone system nor Web site
adequately explains how to proceed with a claim or the need to report claims to the
Commission. Adding this information could help injured employees receive benefits
sooner.
Enhanced policies and procedures would also help Risk Management process
claims more quickly. While Risk Management adopted policies and procedures for
its workers’ compensation claims process in April 2005, it should establish additional
procedures to promptly identify injured employees who have missed more than 7
work days and explore options for obtaining needed information on injured
employees from state agencies in a timely manner. Risk Management should also
monitor its recently revised supervisory review procedures to ensure claims are
reviewed as scheduled.
1 Risk Management processed an additional eight claims without receiving commission notification.
Office of the Auditor General
page v
Other Pertinent Information (see pages 39 through 41)
As part of the audit, auditors gathered information regarding the certificates of
participation (certificates) that the State issued to help fund the development and
implementation of HRIS. In April 2002, the State, through the Department, issued
$63.27 million in certificates to finance a portion of the construction costs for the new
state health laboratory and to help fund HRIS. The certificates function similarly to a
lease-purchase agreement, in that these securities are backed by the assets funded
by the certificate proceeds and nonpayment of the debt can result in the State
returning possession of the assets to the trustee.
The sale of these certificates generated over $65.7 million. The HRIS project received
approximately $35 million of this amount, and the state health lab received the
remaining monies. The debt service schedule, which requires the Department to pay
$45.84 million over 11 years for the HRIS portion of the certificates, requires
increasing payments annually. State agency charges for personnel administration
services have been designated to service this debt.1 However, beginning in fiscal
year 2005, the Department shows a Human Resources Division budget deficit of
$180,000 and this deficit continues as the payment amounts increase. As a result, in
its fiscal year 2006 budget submission, the Department has requested an increase
in state agency charges for personnel administration services from 1.04 to 1.08
percent.
1 Only state agencies covered by the State’s personnel merit system, which requires these agencies to adhere to state
personnel rules and regulations, are assessed this charge.
State of Arizona
page vi
Office of the Auditor General
TABLE OF CONTENTS
continued
1
9
9
15
19
21
21
23
24
27
29
31
31
32
34
38
39
39
Introduction & Background
Finding 1: DOA needs comprehensive plan to ensure
completion of HRIS system
Implementation delays have exhausted most funding and some
users are dissatisfied
Department needs new plan for project’s completion
Recommendations
Finding 2: Planned changes should improve
procurement oversight, but more can be done
Department’s procurement oversight has been insufficient
Procurement reforms will help improve oversight
Reorganization will increase oversight
Additional oversight mechanisms can benefit state procurement
Recommendations
Finding 3: Department can improve its workers’
compensation claims process
Workers’ compensation claims process
Risk Management could better communicate claim requirements
Enhanced policies and procedures should aid claims processing
Recommendations
Other Pertinent Information
Certificates of Participation
page vii
State of Arizona
TABLE OF CONTENTS
Agency Response
Tables:
1 Risk Management Fund Cash Balance, in Millions
For the Years Ended June 30, 2001 through 2004
2 Schedule of Receipts and Disbursements by Program,
in Thousands
Years Ended or Ending June 30, 2003 through 2005
(Unaudited)
3 Status of Human Resources Information Solution (HRIS)
Component Modules
As of April 2005
4 Examples of Planned Procurements
As of April 2005
5 Workers’ Compensation Claims and Payments
For the Year Ended June 30, 2004
6 Human Resources Division
Projected Budget Shortfall, in Millions
Years Ending June 30, 2005 through 2007
Figure:
1 Human Resources Information Solution (HRIS)
Scheduled Certificate of Participation Payments, in Millions
Eleven Years Ending May 1, 2013
4
5
11
24
31
41
40
concluded
page viii
The Office of the Auditor General has conducted a performance audit and sunset
review of the Arizona Department of Administration, Financial Services Division
pursuant to a November 20, 2002, resolution of the Joint Legislative Audit
Committee. This audit was conducted as part of the sunset review process
prescribed in Arizona Revised Statutes (A.R.S.) §41-2951 et seq and is the first in a
series of four reports on the Department of Administration (Department). This report
focused on the development and implementation of the Human Resources
Information Solution (HRIS), the State’s new human resources system; procurement;
and the workers’ compensation claims process. The second report will focus on
functions performed by the Human Resources Division, and the third report will focus
on functions performed by the Information Technology Services Division. The final
report will be an analysis of the 12 statutory sunset factors.
Financial Services Division
The Department was formed in 1972 and consists of seven divisions, including the
Financial Services Division (Division). The Division’s mission is “to provide effective
and efficient support services to enable government agencies, state employees and
the public to achieve their goal.” To help fulfill its mission, as of March 1, 2005, the
Division reported a total of 199 positions, with 27 vacancies. These staff provide a
variety of services to state agencies through three programs described below.
Additionally, the Division has assisted in the development and implementation of the
State’s new human resources system.
General Accounting Office (68 positions; 10 vacancies)—The General
Accounting Office (GAO) provides financial information to state and federal
government agencies, financial institutions, and other interested public or
private entities. Specifically, GAO operates the state-wide accounting system
(AFIS) and the state-wide payroll portion of the Human Resources Information
Solution (HRIS). GAO also provides state-wide accounting policies and
procedures to state agencies; distributes and reconciles all state warrants;
provides a variety of data input, bookkeeping, reporting, and consulting services
Office of the Auditor General
INTRODUCTION
& BACKGROUND
page 1
to state agencies; prepares financial reports; performs internal audits, reviews,
and investigations of state agencies; and provides various types of technical
assistance on government accounting and financial matters.
Enterprise Procurement Services (34 positions; 6 vacancies)—Enterprise
Procurement Services (EPS) was created in January 2005 as a new program
within the Division. EPS replaces the State Procurement Office (SPO) as the
central procurement authority for the State. EPS conducts strategic state-wide
contracting for specific goods and services, conducts procurements for
individual agencies when the value of the procurement exceeds the agency’s
delegated procurement authority or upon request, establishes and administers
procurement policies and procedures, establishes standards and manages
procurement authority delegated to agencies, disseminates procurement
information to customers, and administers bid protests and claims appeals.1
According to procurement system reports, as of December 2004, SPO staff
served as the primary procurement administrators for 142 state agency-specific
procurements and 139 state-wide procurements.
Risk Management (97 positions; 11 vacancies)—Risk Management manages
the property, liability, and workers’ compensation claims and losses for the
State. Specifically, Risk Management provides insurance coverage to state
agencies and employees for property, liability, and workers’ compensation
losses through self-insurance and purchased insurance policies; investigates,
mitigates, and settles all property and liability claims against the State; recovers
monies from third parties who have injured the State; and assists agencies in the
development and administration of loss prevention programs. Also, Risk
1 Statute designates the department director as the central procurement officer for the State, responsible for procuring or
supervising the procurement of all materials, services, and construction needed by the State. Statute also authorizes the
department director to delegate procurement authority to state agencies.
State of Arizona
page 2
GAO Mission:
To provide state and federal agencies, the general public, and other interested
public and private entities with accurate, timely financial services, management
information, technical assistance while assuring compliance with related statutes
and rules; to maintain and improve the statewide automated financial systems; and
to provide for the safeguarding of state assets.
EPS Mission:
One procurement community, consistently seeking best value procurement solutions
for customers through innovation.
Management self-insures and self-administers the State’s workers’
compensation benefits for injured state employees; assists agencies in
administering return-to-work programs; and recovers monies from third parties
who have injured state employees.
HRIS project
Starting in 1999, the Department, with the assistance of several state agencies,
began work on identifying, designing, and implementing a new state human
resources information system. The Human Resources Information Solution (HRIS) is
replacing the State’s Human Resources Management System (HRMS), Benefits
Information Tracking System, and other applications with a single integrated system
shared by state agencies. According to the Department, HRMS had become
obsolete as key software components would no longer be supported by the vendor
and the system did not capture important personnel information for management
purposes. When fully implemented, HRIS should provide a single system for the
administration of payroll, personnel, employee benefits, and other related functions.
The Legislature appropriated a total of $7.5 million in fiscal years 2002 and 2003 to
help fund the project. The State obtained additional funding of approximately $35
million for system development and implementation by issuing certificates of
participation (see Other Pertinent Information, pages 39 through 41, for further
information). The HRIS system has been implemented in two phases, with ongoing
development currently occurring for Phase 2 system functions. Phase 1, which
processes state employee payroll, was implemented in December 2003 (see Finding
1, pages 9 through 19, for more information on the development and implementation
of HRIS).
1995 report and followup
As part of this audit, some concerns identified in the Auditor General’s 1995
performance audit report (Report No. 95-11) were reviewed. This review revealed the
following:
Improved handling of property and liability claims—The 1995 report
recommended that Risk Management improve the handling of property and
liability claims. Specific recommendations included regular supervision of
The Department is
developing a new state
human resources
information system.
Office of the Auditor General
page 3
Risk Management Mission:
To provide timely, high quality, and cost effective services to agency customers and
the public for the state’s property and liability exposures, and to our state employee
customers who have work-related injuries.
claims adjusters, revising caseload standards, addressing internal control
weaknesses, and better monitoring of contracted claims adjusters. Based on
auditors’ review of a sample of 16 property and liability claims submitted from
July 2003 through August 2004, it appears that Risk Management has improved
its processing of these claims. Specifically, auditors found that the policies and
procedures for processing property and liability claims are appropriate and that
the claims auditors reviewed were processed according to these policies and
procedures. For example, Risk Management appropriately conducted and
documented the claim investigation, documented required supervisory review
and approval of claims, and appropriately assigned and monitored tasks given
to contracted adjusters.
Stronger incentives to control losses have been implemented—As
recommended in the 1995 report, Risk Management changed its allocation
model to encourage loss control behavior among state agencies. The previous
model used by Risk Management to allocate insurance charges to state
agencies did not provide financial incentives to encourage loss control
behaviors. However, the new model adopted by Risk
Management is driven by an agency’s historical loss
trends and its exposure as it relates to a specific line of
insurance coverage. Currently, either through self-insurance
or purchased insurance policies, the State
has various lines of insurance coverage, including
environmental liability, medical and general liability, and
auto liability. For example, based on the new allocation
model, an agency’s insurance charge for auto liability
insurance coverage is based on the number of
vehicles that an agency owns and its auto accident
history. For this line of insurance coverage, the
exposure to accidents is increased with a greater
number of vehicles. Additionally, depending on the
specific line of insurance coverage, the allocation
model considers from 2 to 5 years of agency loss
history. Table 1 illustrates the revenues generated from state agency charges for
insurance coverage and insurance coverage expenditures for fiscal years 2001
through 2004.
Financial Services Division’s operating budget
While the Division’s operating budget consists of monies appropriated from the State
General Fund, the majority of its revenues consist of charges assessed to state
agencies for the various services it provides. Table 2 (see page 5) illustrates the
Division’s actual revenues and expenditures for fiscal years 2003 and 2004 and its
State of Arizona
page 4
Table 1: Risk Management Fund Cash Balance, in Millions
For the Years Ended June 30, 2001 through 2004
2001 2002 2003
2004
Cash receipts $61.3 $77.4 $79.5 $92.1
Cash distributions 1 74.5 76.7 90.1 78.2
Subtotal ($13.2) $ 0.7 ($10.6) $13.9
Beginning cash balance $41.5 $28.3 $29.0 $18.4
Ending cash balance $28.3 $29.0 $18.4 $32.3
1 The 2001 amount includes the Legislature’s transfer of $12 million to the State General Fund.
Source: Auditor General staff analysis of the Risk Management Fund Allocation of Cash
Balance schedule for fiscal years 2001 through 2004.
Office of the Auditor General
page 5
Table 2: Schedule of Receipts and Disbursements by Program, in Thousands
Years Ended or Ending June 30, 2003 through 2005
(Unaudited)
Enterprise Procurement Services 1 General Accounting Office Risk Management
2003 2004 2005 2003 2004 2005 2003 2004 2005
(Actual) (Actual) (Estimated) (Actual) (Actual) (Estimated) (Actual) (Actual) (Estimated)
Revenues:
State General Fund $1,485 $1,511 $1,715 $ 4,219 $ 3,361 $ 3,519
Charges for services 2 168 288 152 10,582 10,747 11,062 $80,935 $91,350 $89,342
Miscellaneous 68 71 151 763 1,739 1,739
Total revenues 1,721 1,870 2,018 15,564 15,847 16,320 80,935 91,350 89,342
Expenditures and transfers:
Operating:
Personal services and employee
related 1,457 1,284 1,455 2,663 2,726 3,508 4,217 4,409 4,725
Professional and outside services 129 19 34 2 2 12 95 74 100
Travel, equipment, and other
operating 174
680
535
2,360
1,680
1,982
2,282
1,109
1,133
Allocated costs 23 14 17 62 68 82
Total operating expenditures 1,783 1,997 2,041 5,025 4,408 5,502 6,656 5,660 6,040
Losses, premiums, and related
expenditures 3
71,484
71,826
77,380
Retirement accumulated sick leave 4 11,064 9,128 9,961
Total expenditures 1,783 1,997 2,041 16,089 13,536 15,463 78,140 77,486 83,420
Net operating transfers out 5 12,002 565 2,239
Total expenditures and operating
transfers 1,783 1,997 2,041 16,089 13,536 15,463 90,142 78,051 85,659
Excess (Deficiency) of revenues over
expenditures and operating
transfers $ (62) $ (127) $ (23) $ (525) $ 2,311 $ 857 $(9,207) $13,299 $ 3,683
________________
1 The 2003 and 2004 amounts represent the financial activity of the State Procurement Office. Beginning January 2005, the Department created the Enterprise Procurement Services
program, which replaced the State Procurement Office. Consequently, the 2005 amounts include 6 months of financial activity for the State Procurement Office and 6 months of estimated
financial activity under the new organizational structure. See Introduction and Background, page 2, for additional information on the new program.
2 General Accounting Office amounts include a pro rata charge on other agencies’ payroll expenditures for the retiree accumulated sick leave program. Risk Management amounts are
charges to state agencies for insurance.
3 Consists of insurance premiums, property claims, settlements, payments to workers’ compensation beneficiaries, and related legal and other costs.
4 Consists of payment for accumulated sick leave and associated employee-related expenditures in accordance with A.R.S. §38-615 and administration costs of the program.
5 2003 amount includes $12 million transferred to the State General Fund in accordance with Laws 2003, First Special Session, Chapter 1.
Source: Auditor General staff analysis of financial information provided by the Department of Administration from its Arizona Financial Information System for the years ended June 30, 2003
and 2004; and department-prepared estimates for the year ending June 30, 2005.
estimated revenues and expenditures for fiscal year 2005. The Division received
nearly $109.1 million in revenues in fiscal year 2004, over $4.87 million of which
consisted of General Fund appropriations. The Division’s revenues are expected to
decrease slightly in fiscal year 2005, as they are estimated to be nearly $107.7 million.
The Division’s fiscal year 2004 expenditures were approximately $93 million, which
represented over a 3 percent decrease from its fiscal year 2003 expenditures of
approximately $96 million. However, based on fiscal year 2005 estimates,
expenditures will increase to $109 million. According to a department official, the
Department conservatively estimated fiscal year 2005 expenditures, particularly for
Risk Management, and the Department does not anticipate that actual expenditures
will exceed revenue in fiscal year 2005.
The Legislature also appropriates monies for Risk Management operations. These
monies are appropriated from the Risk Management Fund, which consists of
allocations charged to other state agencies. The allocations charged by the Risk
Management program not only cover the costs of its employees and operations, but
also pay for insurance premiums, property claims, liability claims/settlements,
payments to workers’ compensation beneficiaries, medical costs, legal costs, and
other loss adjustment expenses. As previously mentioned, the allocation to each
state agency is based on the line of insurance coverage, the agency’s loss history,
and risk exposure. As shown in Table 2 (see page 5), the Department collected
$91.35 million in agency insurance charges for fiscal year 2004 and is expected to
collect an estimated $89.34 million in fiscal year 2005. Risk Management’s fiscal year
2004 expenditures were nearly $77.5 million and are estimated to increase to $83.4
million in fiscal year 2005.
Audit scope and methodology
This audit focused on the Department’s development and implementation of HRIS,
oversight of procurement activities, and its workers’ compensation claims process.
This report presents findings and recommendations in the following areas:
The Department needs to develop a comprehensive plan, with appropriate user
participation, to help ensure that the continued development and
implementation of the Human Resources Information Solution system meets
project goals and satisfies user needs.
The Department should continue with and augment its plans to increase
oversight of state agency procurement practices.
State of Arizona
page 6
The Department can improve its workers’ compensation claims process to help
ensure that state employees who are injured while at work promptly receive
benefits.
In addition, this report contains an Other Pertinent Information section (see pages 39
through 41) that provides information regarding the certificates of participation that
the State issued to help fund HRIS development and implementation.
Auditors used a number of methods to obtain information about the Division’s
programs and to study issues addressed in this report. These methods included
interviewing department and division management and staff, and reviewing statutes
and administrative rules, policies, and procedures, and the Department’s strategic
plan for fiscal years 2005 through 2009.
Auditors also used the following methods:
To evaluate the Department’s progress in developing and implementing HRIS,
auditors interviewed staff of six state agencies, five agency representatives of
the project’s user task force, and HRIS project managers; observed help desk
operations, acceptance testing, and payroll processing; and attended various
work groups associated with the project, such as meetings of the Change
Control Board, which evaluates system changes, and the executive committee,
which oversees the project. Auditors also reviewed HRIS documents such as
the project charter, the project and investment justification submitted to the
Government Information Technology Agency for review and approval, status
reports, and policies and procedures; the results of customer service surveys
and focus groups conducted by the Department in 2003 and 2004 to assess
user satisfaction with system development and implementation; and the HRIS
project plan, budget, and implementation methodology. Finally, auditors
reviewed literature on best practices for information technology project
development.1, 2, 3
To evaluate the need for increased oversight of state agency procurement
activities, auditors reviewed the statutes, policy manuals, and related materials
of the states of California, Florida, and Washington.4 Auditors also interviewed
procurement officials from the same three states, procurement officials within
1 United States General Accountability Office. Accounting and Information Management Division. Federal Information
System Controls Audit Manual: GAO, January 1999.
2 Taylor, James. Managing Information Technology Projects: Applying Project Management Strategies to Software,
Hardware, and Integration Initiatives. New York: American Management Association, 2004.
3 Halper, Stanley D., Glenn C. Davis, P.J. O’Neil-Dunne, and Pamela R. Pfau. Handbook of EDP Auditing. Boston: Warren,
Gorham & Lamont, 1985.
4 California, Florida, and Washington were selected for review because these states similarly delegate procurement
authority to various agencies and are implementing procurement improvements or reform efforts.
Office of the Auditor General
page 7
two Arizona state agencies, Attorney General staff, and a Governor’s Efficiency
Review team member. Finally, auditors reviewed Arizona’s procurement code
and proposed rule revisions, and reports from the Office of the Auditor General
and the Department’s General Accounting Office, and attended meetings and
reviewed documentation from the Department’s Value in Procurement project
team and committees, which are reviewing and revising state procurement
practices.
To determine whether the Department can process workers’ compensation
claims in a more timely manner, auditors reviewed a random sample of 48
workers’ compensation claims submitted during fiscal year 2004. These claims
consisted of 28 time-loss claims, 10 medical-only claims, 5 long-term care
claims, and 5 claims for which the unit initially denied payment, but later paid the
claim. Auditors also interviewed an Arizona Industrial Commission official and
Arizona State Compensation Fund staff, and reviewed a workers’ compensation
claims process study prepared by the Georgia State Board of Workers
Compensation, documents used by the Arizona State Compensation Fund in its
claims process, and the Utah workers’ compensation system and Arizona State
Compensation Fund Web sites.1
To develop information on the certificates of participation that the Department
issued to help fund HRIS development and implementation, auditors reviewed
the April 2002 certificates of participation official statement, audit work
performed by the Office of the Auditor General in 2004 regarding the certificates
of participation, and the Department’s fiscal year 2006 budget submission.
This audit was conducted in accordance with government auditing standards.
The Auditor General and staff express appreciation to the director and staff of the
Arizona Department of Administration for their cooperation and assistance through
this audit.
1 Georgia State Board of Workers’ Compensation: Best Practices—Proper Claim Reporting, July 2003.
State of Arizona
page 8
DOA needs comprehensive plan to ensure
completion of HRIS system
To protect the State’s investment in the Human Resources Information Solution
(HRIS) system, the Department needs to formulate a comprehensive plan to
complete system implementation and ensure continued user participation in system-related
activities. In December 2003, the Department implemented Phase 1 of HRIS
to process personnel-related, payroll, and employee benefits transactions. While
implementation of this phase assured the uninterrupted processing of state
employee payroll, it was implemented several months after the original date
projected for its completion. Many of the system’s new or added features, which
were perceived to be the new system’s major benefits and are being implemented in
Phase 2 of the project, were still not fully implemented as of April 2005. Additionally,
user expectations for system functions have not been met, and some users have
become dissatisfied with the system. Therefore, the Department should continue with
its recent efforts to develop and implement a detailed plan for completing HRIS and
continue to ensure appropriate user participation in determining project direction and
setting priorities.
Implementation delays have exhausted most funding and
some users are dissatisfied
The implementation of HRIS is still not complete and it has not provided the full range
of functions anticipated. While the core payroll functions have been implemented, as
of April 2005, many of the system’s new or added features have yet to be fully
implemented. This delayed implementation consumed almost all the project funding,
resulting in significantly reduced funding and staff resources to implement the
remaining system functions. Additionally, some state agencies continue to use
multiple, in-house systems and processes to perform payroll-related functions that
HRIS does not provide.
Office of the Auditor General
FINDING 1
page 9
HRIS implemented in phases—The goal of HRIS is to replace the State’s
Human Resources Management System (HRMS), Benefits Information Tracking
System, and other applications with a single integrated system shared by state
agencies to administer payroll, personnel, employee benefits, and other related
functions. According to the Department, it was necessary to develop a new human
resources system as HRMS had become obsolete. In particular, the vendor reported
to the Department that it would no longer support key software components of the
system and that the system did not capture important personnel information. The
State contracted with IBM to help develop and implement this new system.
According to the Department, HRIS provides the opportunity to streamline human
resources processes, reduce costs, improve state agency manager and employee
access to human resources information, and improve customer service. Table 3 (see
page 11) describes the major system components and their implementation status
in the project’s two phases.
Phase 1 of the HRIS project, implemented in December 2003, encompasses the
core state employee payroll processing functions. These include maintaining time
and attendance information to process payroll and tracking and processing various
employee-related actions, such as hires, transfers, and promotions. Implementation
of this phase has provided for the continued processing of state employee payroll.
Phase 2 focuses on many of the added or new features that were perceived to be
the major benefits of a new system and were anticipated to provide monetary
savings. These include the hiring gateway, data warehouse, performance
management, and employee/manager self-service functions, which are defined in
Table 3 (see page 11). The components of this phase are in various stages of
implementation. For example, the performance management component is
undergoing user acceptance testing, and the Department expects that the hiring
gateway component will be fully implemented in July 2005. The Department has
estimated that HRIS will save the user community in excess of $100 million over the
next 10 years. The features that the Department anticipates will provide these savings
automate functions that were previously performed by administrative staff and are
expected to reduce turnover due to increased employee satisfaction. For example,
the employee/manager self-service component allows a state employee to input his
or her own information into HRIS for a change of address or schedule training, rather
than submitting a paper document to agency administration for review and data
entry.
HRIS implementation did not meet plan—With the exception of the final
revised implementation date for Phase 1, the planned HRIS implementation dates
have not been met and the project budget, originally intended to pay for the
development and implementation of the entire system, has been largely exhausted.
Specifically:
HRIS is able to process
payroll and limited
employee-related
transactions.
State of Arizona
page 10
Office of the Auditor General
page 11
Table 3: Status of Human Resources Information Solution (HRIS) Component Modules
As of April 2005
Component Module Description Status
Phase 1:
Core System Functions
Captures, tracks, and reports the following:
• Human Resources—hires, transfers, terminations,
promotions, and employee data maintenance.
• Benefits—medical, dental, and disability.
• Payroll—calculates payroll and issues checks or
payroll advices.
Implemented 12/2003
Other:
General Salary
Adjustment
Programming required for Legislature-approved
employee raises.
Implemented 7/2004
Open Enrollment Allows state employees to input and verify their
selection of employee benefits.
Implemented 8/2004
Phase 2:
Performance
Management
Provides a reminder that an annual performance
evaluation is due and captures evaluation information on
reports.
In user acceptance testing. Need to develop
training, agency rollout strategy, and
communication plan. Dates for fully
implementing this feature have yet to be
determined.
Process Flow Provides a reminder when documents or actions are
due and tracks their status.
In production for Department only. Dates for fully
implementing this feature have yet to be
determined.
Analytics Compares Arizona human resource, payroll, and
benefits data to Saratoga Institute data so Arizona can
be compared to national averages.1
Saratoga Institute data loaded into database in
November 2004. Project team analysis of
function continuing. Dates for fully implementing
this feature have yet to be determined.
Data Warehouse Captures a variety of data elements that allow for
analytical and statistical reporting.
In development. Dates for fully implementing this
feature have yet to be determined.
Employee/Manager Self-
Service
Allows managers/employees to input, update, and view
their personnel data in the system.
Rollout of view-only access for the employee
self-service feature expected to begin in May
2005 with complete rollout of view-only access to
all employees by July 2005. Dates for fully
implementing this feature have yet to be
determined.
Hiring Gateway Creates and approves personnel requisitions and allows
agencies to recruit, process resumes, and hire staff via
the Internet.
Phase 1 implemented in April 2005. Department
expects to complete Phase 2 and fully
implement this component in July 2005.
1 A PricewaterhouseCoopers Service that provides a database of comparative statistics.
Source: Auditor General staff analysis of information provided by the Arizona Department of Administration.
Implementation time frames missed—According to the initial contract awarded
to IBM, the entire system was to be completed by July 2003. The Department
and its contractors expected to implement Phase 1, which included the core
payroll functions, by April 2003, 15 months after initiating the project. Phase 2,
which includes the new features such as the hiring gateway and
employee/manager self-service components, was to be implemented no later
than July 2003, 3 months later. However, amendments to the contract revised
these dates. Specifically, the implementation of Phase 1 was changed to July
2003 and then to December 2003. Phase 2 implementation was rescheduled for
May 2004. While Phase 1 features were actually implemented in December
2003, as of April 2005, Phase 2 still does not have any components fully
implemented.
Project budget mostly exhausted—The HRIS project was primarily funded
through the issuance of certificates of participation (certificates) in April 2002,
which generated approximately $35 million, and legislative appropriations
totaling $7.5 million from the Personnel Division Fund in fiscal years 2002 and
2003 (see Other Pertinent Information, pages 39 through 41, for more
information on the certificates). The certificates were intended to finance the
purchase, installation, consulting services, and training costs associated with
the development and implementation of both phases of the system. However,
as of June 30, 2004, the Department reported that the project had consumed
almost all of this funding, yet Phase 2 of the system had yet to be fully developed
and implemented.1 For fiscal year 2005, HRIS was changed from a project with
its own budget to an operating unit of DOA’s Human Resources Division. The
personnel costs for continued HRIS development and implementation, as well
as its operations, are now funded out of this Division’s budget at approximately
$2 million for fiscal year 2005. While the Department has not determined the
amount of additional monies needed to complete Phase 2 of HRIS and address
any needed user requirements, according to a department official, ongoing
development and maintenance of the system will continue as monies are made
available from the Human Resources Division budget. Additionally, according to
HRIS project management, the limited funding available for continuing work on
the system has partially contributed to the delays in completing the system.
Staffing reduced—With the reduction in funding, staff resources devoted to
implementing Phase 2 have also been significantly reduced. During the first 2
years of project development and implementation, as many as 59.5 staff
positions were dedicated to the HRIS project.2 However, project staffing has
been reduced by approximately 70 percent. As of November 2004, 17.5
positions were dedicated to the system for continued development and
1 According to the Department, over $2.3 million remains from the certificates of participation funding and has been
reserved to pay for a planned upgrade to the system in fiscal year 2006 or 2007.
2 Phase 1 was implemented by a combined team of state employees, some on loan from other state agencies, and vendor
employees.
State of Arizona
page 12
HRIS implementation
time frames not met.
implementation, as well as for system operations and maintenance. According
to the Department, staffing will be further reduced to 15.5 positions by May
2005.1
The extensive modifications made to adapt the system’s primary software to the
unique business practices of Arizona’s state agencies contributed to the delay in
implementing the system. According to the contract, the primary contractor assumed
that the system would be implemented using the standard, out-of-the-box software.
However, this would have required state agencies to modify their diverse business
practices and move to standard processes that could be supported by the software.
While a department official indicated that state agencies had committed to adjusting
their business practices to conform to the system, agencies did not do so. As a
result, the modifications required to the system significantly extended the time
needed to complete the project.
User expectations not met—Due to the delayed implementation of Phase 2,
state agency users have not yet received many of the features they expected. These
included features such as the hiring gateway, which assists in the hiring approval and
candidate screening process, and the employee/manager self-service feature.
Additionally, according to HRIS project management, in order to make the target date
to process state payroll with the new system by year-end 2003, some of the Phase 1
user requests for particular functions were deferred. For example, users requested
the ability to retain employee history, such as the length of state service and pay rates
when an employee transfers to another agency. According to a department official,
while this function has not been implemented, agencies can request this information
from the Department. Additionally, users requested the ability to print leave balances
on employee time sheets. While the Department can generate a file from HRIS with
the necessary information, this file must be individually sent to agencies, and
agencies desiring this capability must develop a custom program to print a time
sheet in the desired format. Additionally, according to a department official, even
though this feature had been available since the implementation of Phase 1, it has
not been made readily available to users. In fact, only the Department and another
agency use this feature, and other agencies auditors spoke with were unaware that
the Department could provide this service.
In addition, while the Department has received numerous requests for system
changes or fixes, which is to be expected for a major system implementation, it has
been slow to address some of these user requests. According to HRIS project
management, this is a result of reduced funding and staffing, the resources needed
to maintain the operational stability of the system, and its focus on implementing
Phase 2 and other legislatively mandated changes, such as the July 2004 salary
increase for state employees. User requests include fixing programs that do not
function properly or requests for additional features to provide agencies with
adequate human resources system and information capabilities. For example, as of
Some user requests for
system features have
not been implemented.
1 Three of the 17.5 FTEs spend only a portion of their time on HRIS, and 3 of the 15.5 FTEs will spend a portion of their
time on HRIS only in conjunction with other duties.
Office of the Auditor General
page 13
October 2004, the Department was tracking 40 outstanding requests for Phase 1
program changes. This included 32 requests categorized as either critical or high
priority. Three of these requests identified as critical were made in March or April
2004, while one high priority request was made in September 2003 and four other
high priority requests were made in July 2004. Although HRIS project management
is responding to some identified user requirements, such as the need for improved
training and help desk responsiveness, user needs not yet fully addressed include
the completion of Phase 2 components, difficulty in finding answers to system-related
problems, and the need for better communication.
Some users dissatisfied with system—System data entry requirements, the
delayed implementation of Phase 2 components, and the deferral or rejection of
some agency requests for system functionality has led to some user dissatisfaction
with the system. For example, HRIS requires agencies to capture more information
within the system as compared to the previous payroll system. As a result, agencies
report additional staff time spent on data entry for HRIS. Additionally, the Department
reported it could not accommodate some agency-specific needs within the system
framework. This included a Department of Economic Security request that the
system verify fund availability before processing a time record. According to the
Department, this request would have required an interface with the Arizona Financial
Information System, which was not practical to pursue for a single agency given the
time and resources needed to develop this capability. As a result, some state
agencies have continued to operate and maintain alternative information systems
and manual processes to capture and provide payroll and human resource
information at their own cost. Specifically:
Users relying on in-house systems—One of the major objectives of the HRIS
system was to eliminate duplicate automated systems and processes. However,
according to interviews with six randomly selected agency officials, four of the
six users continue to use or rely on their own in-house systems because the
HRIS system, as currently operating, has not eliminated that need. These
systems range from simple spreadsheets to time accounting systems. For
example, one agency official indicated that the agency maintains an in-house
personnel database and time/activity system to meet the agency’s functional
needs. In fact, this agency official reported that the HRIS project manager
recommended that the agency’s functional needs would be better served by
retaining their existing system. Another agency official indicated that they have
retained an in-house labor distribution system as agency staff felt that the HRIS
labor distribution feature would be too cumbersome to use. However, this official
further reported that the agency is reviewing its business processes to be able
to use the full functionality of HRIS. Another state agency reports using Excel
software to maintain personnel data for reporting purposes as the report
generation feature within HRIS is too complex to operate. Finally, at least one
large state agency has indicated its intention to develop new in-house systems
at its own cost if HRIS cannot provide the functions that it needs.
State of Arizona
page 14
Some agencies
continue to use in-house
systems for
human resources
needs.
Department needs new plan for project’s completion
The Department should develop and implement a comprehensive plan for the
completion of the HRIS system and ensure adequate user participation in the plan’s
development and the system’s completion. In January 2005, the Department began
a strategic planning effort with the goal of developing a new plan, and it should
ensure that this plan identifies the remaining system features or user requests that
remain to be implemented, and the budget, staff resources, and calendar time
needed to fully implement the system. Additionally, consistent with industry best
practices, the Department should continue to facilitate user participation in the
project by involving users in project leadership and the establishment of plan
deliverables and priorities.
New plan needed to direct remaining project work—To help ensure that
the remaining features of the HRIS system and user requests for system features and
changes are fully implemented or otherwise appropriately addressed, the
Department should develop a plan to direct this effort. Prior to the project’s initiation,
a project plan was developed that specified the various functions to be implemented,
the goals and objectives of the project, the project budget and sources of funding,
the staff resources needed, and a time line for project completion. However, this plan
is outdated, and the Department needs to develop a new plan for completing HRIS
because development and implementation of the remaining system functions
continues to languish. In November 2004, the Department provided auditors with
various dates for testing, piloting, and/or implementing these functions. However, it
has missed some of these dates. For example, the Department reported that the first
phase of the hiring gateway was being piloted with implementation expected by
January-February 2005. This date was not met and Phase 1 of the hiring gateway
was implemented in April 2005. The Department expects to complete Phase 2 and
fully implement this component in July 2005. Additionally, the Department has yet to
determine when the data warehouse and employee/manager self-service functions
will be fully implemented.
In January 2005, the Department began a strategic planning effort to address the
future direction of HRIS and user requirements and requests for system changes.
Since holding this strategic planning session in January 2005, the HRIS executive
team has held additional meetings to determine its organizational capabilities,
identify the remaining work needed to complete HRIS, and address customer
requirements. This includes the remaining Phase 2 components and additional items
needed to reflect changes in the state’s personnel system or to upgrade HRIS.
Additionally, the Department has developed project plans for the completion of two
Phase 2 components, the hiring gateway, and employee self-service. For example,
the hiring gateway plan details the various steps, such as product review, testing, and
roll-out strategy and time frames that should be completed to implement this
component. In addition to these efforts, the Department should develop a
The Department has
missed Phase 2 project
milestones.
Office of the Auditor General
page 15
comprehensive plan that brings together these various planning efforts, to direct and
prioritize the remaining work needed to complete HRIS.
User participation should be continued—The Department should continue
to include and, where necessary, enhance user participation in system development
and implementation. Literature on information technology project development
strongly recommends user involvement at all phases of system development. The
Department has established the following project management structure for HRIS
development and implementation:
Executive Committee—Meets every other week to establish project policies and
direction. The committee consists of department assistant directors, the Director
of Arizona Government University, and the HRIS manager, and is chaired by the
HRIS project manager, who is also a department assistant director.
The State’s former chief information officer, in a November 2002 letter to the
Department’s director, criticized the lack of nondepartment members on the
HRIS Board of Directors (currently the executive committee). There are still no
users on the committee, and the Department has not established a documented
process to obtain and consider user input regarding project policies and
direction. However, according to the Department, it plans to involve users in the
development of a strategic plan for completing HRIS and in helping to establish
remaining project priorities.
Project Team—Performs the day-to-day work to support the design and
implementation of new functions or system changes and performs such tasks
as computer programming, testing, and training. Team members consist of
department employees and contractors. While there are no agency users on the
team, the Department has established and plans to continue to establish user
groups to plan for the rollout and testing of Phase 2 components. However, with
the exception of the hiring gateway, the Department does not follow a
documented process for soliciting user feedback on critical design issues and
decisions related to the continuing development of Phase 2 components and
prior to the testing and rollout of these components.
Change Control Board—Generally meets weekly to evaluate and approve
system change requests. The Board consists of several project team members,
one of whom acts as a facilitator. Although the Board has a process to formally
assess the impact of change requests and prioritize these requests, it does not
follow this process, nor do users have input regarding priorities. However, as
part of the strategic planning process that it began in January 2005, the
Department reports that it plans to meet with customers to assess and prioritize
their system needs and requirements. Additionally, the Department should
follow its process for formally assessing the impact of requested system
changes and for approving their implementation and priority on the list of items
awaiting action.
State of Arizona
page 16
User Task Force—This group comprises users from representative state
agencies that provide input and make recommendations on user-related issues
to HRIS project management. Members of this group were only committed to
serve from April 2004 to June 2004. While these members stayed on the task
force through its September 2004 meeting, from October 2004 through
December 2004, the task force did not meet because the Department reports
its resources were needed to implement system modifications. However, users’
willingness to continue participation on this task force had also diminished
because some of its recommendations had not been implemented. For
example, the task force recommended in June 2004 that improvements be
made to the self-directed help process and to the project’s process for reviewing
and prioritizing requests for system changes or fixes. According to HRIS project
management, these recommendations have not been implemented. After this
period of inactivity, the Department reconstituted the task force and it began
meeting again in January 2005.
Literature on information technology project development strongly recommends user
involvement in system development. For example, the United States General
Accountability Office Federal Information System Controls Audit Manual recommends
active user involvement throughout the system development process.1 Additionally,
Managing Information Technology Projects, a publication of the American
Management Association, states that there are several strategies for making
stakeholders feel they are a part of the project.2 Some of the most common
strategies for satisfying stakeholder requirements and answering their concerns are
actively involving them in the project, including them in project reviews, soliciting their
advice, and including them in major project strategy decisions. Finally, according to
the Handbook of EDP Auditing, “user involvement throughout the system
development life cycle helps to avoid developing systems that do not meet the user’s
needs, are inefficient, are not adequately controlled, and are not acceptable to, or
understandable by, operating level personnel.”3
Consistent with best practices, the Department should enhance user participation on
the HRIS project. Specifically, the Department should establish a process for
soliciting, considering, and taking action on user input regarding overall project
policy and direction, and follow through with its plans to involve users in the
development of a comprehensive plan to complete HRIS. Additionally, the
Department should establish a documented process by which the project team
obtains user participation and approval at critical project phases, such as application
design and acceptance testing.
The Department should
enhance user
participation on the
project.
1 United States Government Accountability Office. Accounting and Information Management Division. Federal Information
System Controls Audit Manual. Washington, D.C.: GAO, Jan. 1999.
2 Taylor, James. Managing Information Technology Projects: Applying Project Management Strategies to Software,
Hardware, and Integration Initiatives. New York: American Management Association, 2004.
3 Halper, Stanley D., Glenn C. David, P.J. O’Neil-Dunne, and Pamela R. Pfau. Handbook of EDP Auditing. Boston: Warren,
Gorham & Lamont, 1985.
Office of the Auditor General
page 17
User participation needed in design and testing—Once the executive
committee or change control board has approved a change or enhancement to
HRIS, user participation continues to be necessary for system design and testing.
User participation in system design reduces the risk that a project change will fail to
accommodate the users. Although the Department involved users in the early stages
of the HRIS system design and in the development of some Phase 2 features, the
Department has not involved users in the design of approved changes or
enhancements to the system.
User participation is also critical for system testing and acceptance. Typically,
information technology projects use a testing methodology to ensure a system
change or modification operates as designed. Such methodologies rely on system
users to perform testing and to sign off that the application is operating properly
before the change is introduced into the “live” processing environment. An
independent testing/quality assurance function is standard industry practice to add
independence to the process. However, the Department has recently identified some
concerns with its testing methodology. For example, the Department lacks a
formalized testing methodology and individual test plans, inadequately documents
test results, and has dedicated insufficient resources to ensure acceptance testing
processes are always followed. The Department has proposed various solutions to
address these concerns. Additionally, while users participated in acceptance testing
for Phase 1 of the system and the hiring gateway, users have not participated in
acceptance testing related to user requests for changes or enhancements to the
system. Members of the HRIS project team have performed and signed off on these
test results on the users’ behalf. Therefore, the Department should ensure that it
addresses the concerns with its testing methodology and that users participate in all
phases and at all levels of acceptance testing.
State of Arizona
page 18
Recommendations
1. The Department, in collaboration with the user community, should develop a
comprehensive plan to direct the completion of the HRIS system. This plan
should specify the goals and objectives for completing the project, and the
remaining functions to be implemented; and identify a process for addressing
user requests for system features and changes, and the funding, staff
resources, and time frames for completing the system’s remaining functions
and fully implementing the system.
2. The Department should follow its process for formally assessing the impact of
requested system changes and for approving their implementation and priority
on the list of items awaiting action.
3. The Department should continue to address the concerns with its acceptance
testing process, including developing a testing methodology, individual test
plans, and documenting test results.
4. The Department should enhance user participation in the HRIS project by:
a. Following through with its plans to involve users in the development of a
comprehensive plan to direct the completion of HRIS;
b. Establishing documented processes by which the executive committee
obtains, considers, and takes action on user input regarding overall project
policy, and by which the project team obtains user participation and
approval at critical project phases;
c. Including users in the process for prioritizing system changes; and
d. Involving users in all phases of system design and acceptance testing.
Office of the Auditor General
page 19
State of Arizona
page 20
Planned changes should improve procurement
oversight, but more can be done
The Department’s planned changes to state procurement practices provide a good
foundation for improving oversight, but they can be further enhanced. While Arizona
spends billions of dollars annually on purchased goods and
services, the Department has historically performed minimal
state-wide oversight as to the quality and appropriateness of
procurements. However, the Department’s Value in Procurement
(VIP) effort, with a focus on achieving cost savings through
contracts used by multiple agencies, should increase oversight
of these procurements. Additionally, the Department has
reorganized its procurement functions to place greater
emphasis on development of procurement policies and
oversight of state agency procurement activities. In conjunction
with these changes, the Department should develop policies for
contract administration and study methods to capture and
report basic data on state contracting activity.
Department’s procurement oversight has
been insufficient
Despite the billions of dollars that the State spends annually on
the purchase of goods and services, as well as a history of
documented problems in procurement, the Department has
performed minimal oversight of state agency procurement, and
its State Procurement Office (SPO) has served mainly as a state-wide
contracting center.1 Specifically, while the Department
1 In January 2005, the Department created a new program, Enterprise Procurement Services, which, in addition to several
new functions, performs the activities formerly performed by the State Procurement Office.
Office of the Auditor General
page 21
FINDING 2
Procurement encompasses the following
functions:
Planning—Includes needs assessment,
research of market conditions and
technological advancements, and gathering
financial information for cost-benefit and
other analyses.
Solicitation—Development and public
release of a document specifying the goods
or services sought.
Evaluation and Award—Process in which
bids or proposals are rated for quality and
ability to fulfill organizational needs.
Contract Development—Developing the
written legal agreement that specifies the
goods or services to be provided, price and
payment provisions, and vendor delivery
and performance requirements.
Contract Administration—Ensuring that
contract terms are met by the vendor from
award to close of contract.
delegates its procurement authority to several state agencies, it has performed little
or no oversight of these agencies’ procurement practices.
The cost of poor contracting—A significant portion of Arizona’s annual budget
is spent on the procurement of goods and services. While data is not available
regarding the total expenditures that the State makes through procurement, a
procurement official estimated that state, federal, and other funds expended under
contract exceeded $6 billion in 2003. The State Comptroller, who reviewed this
estimate, suggested that this figure appeared to be conservative. However, recent
Auditor General audits revealed that poorly planned and executed procurements
have occurred and may have led to significant loss or waste of taxpayer money. For
example:
A January 2003 Auditor General report found that the Government Information
Technology Agency entered into a $30.6 million dollar contract without using
procedures to ensure the contract was necessary or reasonable (see Report No.
03-01). The procurement had multiple problems, including a lack of funding,
planning, stakeholder input, legal review, and contract management provisions.
A 2001 Auditor General report found that the Department of Corrections’ poor
planning and contract management led to a cost overrun of $5.8 million on an
information system contract, over twice the $2.5 million budgeted (see Report
No. 01-18).
Department has performed few oversight functions—Despite the
potential costs of poor procurement practices, the Department has performed little
oversight of state agency procurement activities. The Department’s State
Procurement Office had primarily functioned as a state-wide contracting center,
conducting procurements of state-wide goods and services and agency-specific
procurements. The majority of SPO staff, 15 of its 25 filled positions, performed or
supported direct contracting activities. In addition to the contracting activities, SPO
provided some oversight, including offering procurement training; reviewing
agencies’ use of sole source and emergency procurements that are not
competitively bid; and reviewing agencies’ procurement policies, practices, and staff
credentials prior to granting increased delegation authority.
What oversight SPO provided was limited and had significant gaps. For example,
statute designates the department director as the central procurement officer for the
State, responsible for procuring or supervising the procurement of all materials,
services, and construction needed by the State. According to statute, the department
director can delegate procurement authority to state agencies. While SPO would
conduct a review of an agency’s procurement policies, practices, and staff
credentials prior to increasing the agency’s delegated authority, many of the State’s
largest agencies have never been reviewed. Instead, according to a SPO
administrator, 12 of these agencies have had unlimited authority since the current
State of Arizona
page 22
procurement code was adopted in 1985. As of November 2004, 20 state agencies
have delegated authority of $100,000 or more to procure goods and services (see
text box).1 Fourteen of these 20 agencies have unlimited authority and can enter into
multi-million dollar contracts without outside review or approval.
Procurement reforms will help improve
oversight
Arizona has identified procurement as an area for government
reform. Through its Value in Procurement (VIP) effort, the
Department and the state agency procurement community
have designed a new model for state contracting that will
increase the number of multi-agency procurements. In
addition to planned cost savings, this model should also
increase oversight.
New model better leverages State’s purchasing
power—The Governor’s Efficiency Review (ER) identified
procurement as a major area for state-wide reform.
Specifically, it identified the fact that the State could realize
savings if state agencies purchased collectively, leveraging
state purchasing volume to attain reduced pricing. For
example, instead of many individual agencies contracting for
the same goods or services, such as janitorial supplies or
financial services, the ER recommended that state agencies
should procure collectively, benefiting from the price
discounts that would result from higher purchase volumes. In
response to this recommendation, the Department and
procurement officers from state agencies began the Value in
Procurement effort in July 2004. The VIP team has developed a
new model for state contracting in which one state agency will serve as the strategic
contracting center for the procurement of a particular good or service. Other state
agencies that need this good or service will then rely on the contract. The Department
has estimated savings of $29 million to $34 million in fiscal year 2006 in state, federal,
and other funds from using this procurement approach. Table 4 (see page 24)
provides examples of several of the first state-wide contracts to be awarded under
the new model.
New contracting model should increase oversight—Because the model
increases the number of contracts used by multiple state agencies, it should provide
increased visibility for contracts previously developed in isolation. Specifically, since
the contracting agency will need to accommodate the needs of multiple agencies,
state agencies will work collaboratively under the new model, overseeing one another
The Department is
implementing a new
procurement model.
The Department has not
reviewed procurement
practices of several
state agencies with
unlimited procurement
authority.
1 Most other state agencies have delegation authority of either $10,000 or $35,000 and must have SPO conduct any
procurements exceeding these amounts. Some state agencies are exempt from the state procurement code and
department authority, including the universities and legislative agencies.
Office of the Auditor General
page 23
Agencies Delegated Procurement Authority of
$100,000 or Higher
Delegation Amount—Unlimited
Administration, Department of
Arizona Health Care Cost Containment
System
Commerce, Department of
Corrections, Department of
Economic Security, Department of
Emergency and Military Affairs,
Department of
Environmental Quality, Department of
Game and Fish Department
Health Services, Department of
Juvenile Corrections, Department of
Parks Board, Arizona State
Public Safety, Department of
School Facilities Board
Transportation, Department of
Delegation Amount—$250,000
Education, Department of
Retirement System, Arizona State
Veterans’ Services, Arizona
Department of
Delegation Amount—$100,000
Coliseum & Exposition Center
Lottery, Arizona State
Revenue, Department of
and increasing the likelihood that procurement best practices will be used. For
example:
The planning and needs assessment phase of a procurement is unlikely to be
omitted since other agencies’ requirements must be considered. Procurement
officers auditors interviewed indicated that currently this phase of procurement
may be abbreviated or dropped due to time constraints and workload
pressures.
Evaluations of contract proposals are likely to be conducted by procurement
representatives of multiple agencies. Because the procurement representatives
from the various agencies may scrutinize proposals more carefully to ensure
their own agency requirements are met, the evaluation process may improve
overall—better ensuring that proposals meet the specified requirements and
provide the best value for the State.
Reorganization will increase oversight
In addition to changing the way state agencies perform procurements the
Department has reorganized its procurement organization to enhance its oversight
role. Specifically, in January 2005, the Department established a new procurement
program, Enterprise Procurement Services, that includes an oversight group that will
issue a policy and procedure manual to guide procurement activities and conduct
regular reviews of the procurement practices of agencies with high levels of
State of Arizona
page 24
Table 4: Examples of Planned Procurements
As of April 2005
Strategic Contracting Center
Item
Other Agencies
Using Contract
Estimated
Award Date
Department of Commerce Grant writing services All agencies needing the service
Complete
Department of Transportation Automotive parts Departments of Administration,
Corrections, and Game and Fish
Complete
Arizona Health Care Cost
Containment System
Physician services Departments of Corrections,
Economic Security, and
Health Services
July 2005
Department of Administration
Commercial flooring All agencies needing flooring August 2005
Source: Auditor General staff analysis of information provided by the Arizona Department of Administration and the Value in
Procurement strategic contracting center committee.
delegated procurement authority. Further, proposed administrative rule revisions will
increase oversight of agency procurements.
Department created oversight unit—As part of the VIP planning effort, the
Department formed several committees to review possible improvements to state
procurement. One of these committees reviewed the role and functions of SPO and
recommended its reorganization, including an increased focus on procurement
oversight. In the new organization, Enterprise Procurement Services will consist of an
operational group and a policy and oversight group. The operational group will
conduct agency-specific procurements and serve as the strategic contracting center
for several types of purchases, such as office supplies and information technology.
The oversight group will include a best practice and compliance unit that will focus
on oversight of state agency procurement activities. According to department plans,
this unit will have a staff of three with a manager. While these plans were not
formulated in time to be reflected in the Department’s fiscal year 2006 budget
request, the Department has identified options to fund three of the four positions
internally, with funding for the fourth position to be part of the fiscal year 2007 budget
request.
Plans for state-wide policy and procedure manual—One of the
responsibilities of the best practice and compliance unit will be to develop a policy
and procedure manual. The Department can improve oversight and foster more
consistent procurement practices among state agencies by developing an internal
procedure manual for use by procurement staff state-wide. Contracting personnel in
both SPO and state agencies expressed the need for such a manual. Although the
State Procurement Code and the State of Arizona Accounting Manual detail the legal
and regulatory requirements for procurement, neither provide contracting personnel
with detailed instructions on how to conduct key procurement processes. For
example, a procedure manual could provide guidance on whether a particular
procurement requires a needs assessment and/or market research prior to
solicitation. It could also provide guidance on the development of the scope of work,
which is the primary description of the goods and services upon which a vendor
constructs a bid or proposal. Likewise, the procedure manual should detail how to
develop and document a methodology to evaluate vendor proposals and provide
examples of evaluation methodologies for different types of procurements, such as
human services or information technology.
Other states that auditors reviewed had detailed manuals of this type available
through their Web sites.1 For example, the State of Washington’s procurement
manual includes a chapter discussing best practices in key procurement processes.
Further, the National Association of State Procurement Officials identifies the
The planned policy and
procedure manual
should provide needed
guidance to state
agencies.
The Department plans
to increase oversight of
state agency
procurement activities.
1 California, Florida, and Washington were selected for review because these states, similar to Arizona, delegate
procurement authority to various agencies and are implementing procurement improvements or reform efforts.
Office of the Auditor General
page 25
publication of both a policy manual and an internal procedure manual as a
responsibility of the central purchasing authority.1
Conducting reviews of agency procurements and contracts—The
Department also plans to conduct best practice reviews of agency procurements,
focusing on agencies with high and unlimited delegated authority. As of December
2004, the Department had not yet defined what these reviews would encompass, but
they might examine such things as whether solicitations generated a sufficient
number of qualified bidders, whether proposal evaluation criteria was appropriate
and fair, and whether vendor evaluation mechanisms were established in the
contract. According to the State Procurement Administrator, each of the 20 agencies
with delegated authority of $100,000 or more could undergo a review every 3 years.
The administrator indicated that existing compliance reviews conducted by the
Department’s General Accounting Office (GAO) and the Auditor General provide an
appropriate level of oversight for the other agencies.2 However, these reviews focus
only on legal compliance and do not consider such factors as procurement value,
quality, and use of best practices. Therefore, as time and resources permit, the
Department should develop a plan for conducting reviews of a random sample of
procurements annually to assess these additional, important factors. This would
enable the Department to review whether the procurement activities of other state
agencies are following best practices as well.
Providing public notice of noncompetitive procurements—The
Department, with the assistance of several agency procurement officers, is
completing a second draft of administrative rule revisions for submission to the
Governor’s Regulatory Review Commission in April 2005. As part of this rule revision
package, the Department has proposed a requirement that the State post planned
sole-source procurements on the Enterprise Procurement Services Web site for 5
days prior to awarding a contract, making them available for public and vendor
review prior to proceeding with the sole-source procurement. Sole-source
procurements are those where a single vendor has been identified to provide the
good or service and therefore, will not be competitively bid. However, by requiring
that these planned sole-source procurements be posted on the Web site prior to
award, additional vendors may be identified, which might result in a competitive
procurement process. In effect, this rule revision offers the opportunity for greater
oversight of sole-source procurements to help ensure they are justified and that other
vendors do not exist that can potentially provide the requested good or service.
The federal government, Florida, and California require public notification of sole-source
procurements. In fact, a purchasing official from California expressed the
belief that agencies were less likely to conduct unjustified, noncompetitive
procurements if required to publicly post the procurement.
The Department plans
to require proposed
sole-source
procurements to be
posted on its Web site
prior to award.
1 The National Association of State Procurement Officials. State and Local Government Purchasing Principles and
Practices, 5th edition Lexington: The National Association of State Procurement Officials, 2001.
2 Both GAO and the Auditor General conduct procedural compliance reviews of state agency procurements on a multi-year
review schedule.
State of Arizona
page 26
Additional oversight mechanisms can benefit state
procurement
In addition to its plans for improved oversight, the Department should take other
steps to better oversee state-wide procurement. These steps include issuing
guidelines on contract administration practices and exploring various options for
capturing and using data on state-wide procurement and contracting activity.
Policies and procedures should address contract administration—
State procurement practices lack proper emphasis on contract administration.
Procurement staff and officials auditors interviewed identified contract administration
as a particularly weak area in state procurement. Contract administration or
management refers to the task of ensuring that contractors deliver the contracted
goods and/or services within the specified time frame. For the purchase of certain
commodity items, contract administration may be straightforward and may not
consume significant staff hours. In contrast, the contract administration responsibility
for a $30 million information system contract may be much more complex and time
consuming. However, neither the procurement code nor the few policies SPO has
issued in the past provide guidance to state agencies for appropriate oversight and
administration of their contracts. As a result, multi-million dollar state contracts may
have few or no established procedures for contract management to help ensure that
vendors satisfy the contract’s terms and conditions.
The state of Florida and the federal government have various requirements for
contract administration. Specifically, Florida statute requires that contracts for
services have appointed contract managers. In Arizona, improved contract
administration might lead to cost savings for the State. For example, in 2002 and
2003, the Department identified that the State was over-billed by more than $2 million
under its telecommunication contracts with Qwest and AT & T. While the Department
reports that it has recovered these monies, inadequate contract administration—
specifically, not reviewing vendor billings against contract terms and pricing—led to
this problem.
Therefore, as part of its development of a state-wide policy and procedure manual,
the Department should also develop appropriate policies, procedures, and/or
guidelines for contract administration. In doing so, the Department should consider
defining the duties of a contract administrator; developing appropriate contract
language for the scope of work and deliverables to facilitate contract administration;
how vendor performance should be evaluated and shared with other agencies; and
a possible requirement that contracts exceeding a certain dollar amount have an
appointed contract administrator, possibly depending on the complexity or dollar
amount of the contract.
Greater emphasis is
needed on contract
administration.
Office of the Auditor General
page 27
Study alternatives for compiling contracting data—The Department lacks
basic information needed to oversee and gauge improvement in state procurement
activities. For example, the Department does not collect information related to how
much the State spends each year under contract, the number of contracts that each
state agency has entered into, the volume of transactions and dollars spent in various
categories of goods and services and how this changes from year to year, the
number of contracts procured competitively and noncompetitively, and the amount
of state investment in procurement and contracting activities.
Although the Department’s Arizona Financial Information System (AFIS) is capable of
capturing the information needed to track contracting activity, the system has not
been used for this purpose; consequently, agency business processes are not in
place to support this use. For example, most state agencies do not have business
processes in place to set up contracts on AFIS, and then tie the payments to a
contract number.
Because data on contracting activity is critical to assessing and analyzing state
procurement practices, the Department should study the costs and benefits of
different methods to obtain data, two of which are discussed below.
Use AFIS to capture contract data—While AFIS has the capability to capture
contracts and link vendor payments to the appropriate contract, it may be costly
for the State’s large agencies, such as the Departments of Transportation and
Economic Security, which only submit summary financial data to AFIS, to set up
all their contracts in this system. Smaller state agencies, on the other hand, may
be able to use AFIS. The Department could consider requiring those agencies
with independent financial systems to report on their contracting activity, while
using AFIS to capture contract data for other agencies. However, according to
AFIS system administration, there would be several costs associated with
implementing the contracting capabilities in AFIS, such as developing system
edits and a statewide contract numbering scheme, testing AFIS contracting
capabilities, and developing new software programs to extract contract activity
reports.
Integrate purchasing system with AFIS replacement—The Department plans to
conduct a study to evaluate the State’s current capabilities and long-term needs
for state-wide financial computer systems. According to the State Comptroller,
this study will consider a replacement for AFIS and other major agency financial
computer systems. The capability to collect and report contracting data and
information will also be considered. Some department officials have indicated
that a new purchasing system should be a component of a new financial
system, as opposed to a separate information system that would require
subsequent integration with a financial/accounting system. The Department
plans to study these issues during 2005 and present study results to the
Legislature in fiscal year 2006.
The Department should
explore options for
collecting contracting
data.
State of Arizona
page 28
Recommendations
1. The Department should continue with its plans to develop and implement a
state-wide procurement policy and procedure manual that will not only contain
policies and procedures for procurement within Arizona’s regulatory framework,
but also provide guidance and examples of best practices in key procurement
processes.
2. The Department should continue with its plans to implement a process, policies,
and procedures for conducting reviews at least once every 3 years of the
procurement practices of state agencies with delegated procurement authority
of $100,000 or more.
3. In conjunction with its reviews of state agency procurement practices and as
time and resources permit, the Department should annually review a random
sample of individual procurements.
4. As part of its effort to develop a procurement policies and procedures manual,
the Department should develop and implement policies, procedures, and/or
guidelines for contract administration.
5. The Department should conduct a cost-benefit study of various options to
determine the best approach for collecting and analyzing needed data on state
contracting activities. Potential options for study include:
a. Using the current capability that exists on the Arizona Financial Information
System (AFIS) to collect basic contracting information.
b. Identifying a new financial/accounting system to replace AFIS that has a
procurement/contracting component with the ability to collect the desired
contracting data.
Office of the Auditor General
page 29
State of Arizona
page 30
Department can improve its workers’
compensation claims process
The Department can improve its workers’ compensation claims process to help
ensure that state employees who are injured while at work promptly receive benefits.
The Department, through its workers’ compensation unit in the Risk Management
Office, is responsible for processing workers’ compensation claims and determining
eligibility for benefits. However, injured workers may experience delayed benefits
because they do not fully understand their responsibilities for filing a claim. To reduce
delays, Risk Management should better educate workers about the workers’
compensation claims process. Other changes to Risk Management policies and
procedures for claim processing and supervisory review may further reduce delays
and help ensure that claims are appropriately processed.
Workers’ compensation claims process
The State of Arizona provides benefits to state
employees for injuries arising out of and in the
course of employment. The State provides this
coverage through self-insurance and paid $19.2
million for workers’ compensation claims during
fiscal year 2004, covering the costs of medical
treatment and lost wages for injuries incurred by
state employees with work-related injuries.
Table 5 illustrates the number of claims
submitted and dollar amount of claims paid in
fiscal year 2004.
The Risk Management Workers’ Compensation
Unit administers claims according to laws
governing both public and private employers
Office of the Auditor General
page 31
FINDING 3
Table 5: Workers’ Compensation Claims and Payments
For the Year Ended June 30, 2004
Type of Claim
Number of
Claims Submitted
Payments
in Millions1
Medical only 2,628 $ 2.3
Wage loss and medical 448 11.2
Long-term care 25 5.6
1 These are the payments made during the year, regardless of when the claim was
submitted.
Source: Auditor General staff analysis of the fiscal year 2004 workers’ compensation
frequency and severity table prepared by Risk Management.
and rules and regulations established by the Industrial Commission of Arizona
(Commission). As prescribed by A.R.S. §23-1061(A), a workers’ compensation claim
must be filed with the Commission by the employee, or if resulting in death, by the
parties entitled to compensation, within 1 year after the injury occurred or the right to
the claim occurred. A claim is filed either through an employee’s report of injury or a
physician’s report of injury documenting treatment of a work-related injury. Upon
receiving a workers’ compensation claim, the Commission will notify Risk
Management, which has to accept or deny the claim within 21 days of the
Commission’s notification. If Risk Management fails to deny a claim within 21 days,
an injured worker is entitled to immediate compensation as if the claim was
approved. State employees often notify Risk Management when an injury occurs,
making Risk Management aware of many upcoming claims even before they are
filed with the Commission. Prior to accepting a claim, an investigation is typically
needed to determine the cause and severity of the injury and its relationship to the
course and scope of the employee’s job. Risk Management can begin processing a
claim before receiving notification from the Commission. The employee can reopen
a workers’ compensation claims at any time if there has been a change in the
employee’s medical condition relating to the claim.
Risk Management processes two categories of claims: (1) medical-only that request
payment for all authorized medical care required to treat a work-related injury or
illness, and (2) time-loss that request payment for medical care and lost wages that
resulted from the injury or illness. An employee is entitled to payment for lost wages
if more than 7 days are missed from work due to the injury.
Risk Management could better communicate claim
requirements
Although Risk Management meets the statutory time frame for processing claims, it
can better serve state employees by improving its communication of claim filing and
processing requirements. Specifically, injured state employees may be unaware of
their responsibilities for filing a claim with the Commission and can therefore
experience delays in receiving claim benefits. To resolve this problem, Risk
Management should better communicate the claims filing process, employees’
rights and obligations, and other information to state employees to help ensure that
benefits are promptly processed.
Injured workers may experience delays in claims payment—Even
though Risk Management meets the 21-day requirement for processing claims,
meeting this standard is not an effective measure of the total time that elapses
between an employee’s injury and Risk Management’s decision. Auditors reviewed
a random sample of 43 workers’ compensation claims submitted to Risk
State of Arizona
page 32
Management during fiscal year 2004. Risk Management accepted or denied 35 of
these claims within 21 days of receiving notification from the Commission. Risk
Management processed the remaining 8 claims without receiving Commission
notification.
However, considering the total time between an employee’s injury and Risk
Management’s acceptance or denial of the claim, the results can be much different.
Although statute requires the injured state employee to file a claim with the
Commission, state employees may be unaware of the requirement, or some may rely
on their physician to file an injury report with the Commission. As a result, weeks and
even months could elapse between the time the injury occurs and the claim is
formally filed. Because state employees often notify Risk Management when an injury
occurs, Risk Management knew about all 35 claims prior to receiving formal
notification from the Commission. For 17 of the 35 claims, Risk Management was
aware of the injury at least 3 weeks before receiving the Commission’s notification.
While Risk Management actually reviewed and approved 6 of these 17 claims prior
to receiving the notification, it took between 32 and 145 days for Risk Management
to either approve or deny the other 11 claims from the date they were initially made
aware of the injury.
Finally, even though injured employees may rely on their treating physician to notify
the Commission, physicians are not reporting treatment of injured state employees
to the Commission as required. According to administrative rule, the physician must
submit a report of injury to the Commission within 8 days of treatment. However,
auditor review of the 43 claims found that this requirement was met for only 8 of 39
claims where physicians submitted reports.
Communication can improve benefit timeliness—Risk management can
prevent unnecessary benefit delays by improving communication with injured
employees. Risk Management has established an automated telephone number and
Web site to facilitate the reporting of work-related injuries. However, while the Web site
provides information related to workers’ compensation claim benefits, it provides
limited and somewhat difficult-to-find instructions on how to file a claim and the need
to report work-related injuries to the Commission. Additionally, Risk Management’s
automated phone system does not provide instructions to employees on how to
proceed with a claim.
Risk Management should take steps to ensure injured employees clearly understand
the workers’ compensation claims process and their rights and responsibilities in this
process. Specifically, through its automated phone system and Web site, Risk
Management should clearly explain the workers’ compensation claims process,
actions that injured employees are required to take to file a claim, and the information
and reports that Risk Management needs to process a claim. For example, the
automated phone system could inform the injured employee that while Risk
Management will take a report of injury, the employee must file a claim with the
Risk Management
should better inform
injured employees of
their rights and
responsibilities.
Risk Management is
often aware of claims
before receiving the
Commission’s
notification.
Office of the Auditor General
page 33
Industrial Commission and that it is the employee’s responsibility to ensure that his
or her physician submits a report of injury to the Commission. Similarly, Risk
Management’s Web site should inform the injured employee of the importance of
filling out a report of injury when treated by a physician, requesting that the physician
immediately send reports to the Industrial Commission and Risk Management,
asking all providers to send reports to Risk Management, and keeping adjusters
informed of their work status.
The State Compensation Fund of Arizona, which is the largest provider of workers’
compensation insurance in the State, uses its Web site to describe the claims filing
process and how an injured employee can help process his/her claim in a prompt
manner. The Fund’s Web site also provides additional information that will help the
employee facilitate the claims process, such as instructions for the employee to sign
his/her name as it appears on the payroll check, requesting that physicians
immediately send required reports to the Commission, and keeping adjusters
informed of their current mailing address.
Additionally, as of March 1, 2005, Risk Management established and filled a
customer relations coordinator position. In addition to other responsibilities, this
position will serve as the central point of contact for providing information to and
responding to questions from state employees and agencies.
Enhanced policies and procedures should aid claims
processing
Enhanced policies and procedures for processing workers’ compensation claims
should also help ensure that benefits are provided in a timely manner and help
ensure more effective use of resources. While Risk Management recently adopted
policies and procedures for its workers’ compensation claims process, it should
establish an additional procedure to promptly identify injured employees who have
missed more than 7 days of work and monitor its revised supervisory review policies.
Risk Management should also take steps to help ensure state agencies provide
information on injured employees within the required time frame. Finally, Risk
Management can better monitor the claims process by improving its data and
developing additional management reports.
Newly adopted claims procedures need further revisions—In April
2005, Risk Management finalized and adopted policies and procedures for its
workers’ compensation claims process. Although these have been finalized, Risk
Management should adopt procedures for promptly identifying time-loss claims, and
should monitor the implementation of its revised supervisory review procedures.
Specifically:
State of Arizona
page 34
Promptly identifying time-loss claims—Risk Management can better serve
injured employees by adopting procedures to promptly identify time-loss claims.
During the audit, Risk Management revised the questions it asks injured
employees when they report an injury. Specifically, injured employees are
prompted to call another telephone number if they have missed or anticipate
missing more than 7 work days. However, since reports are usually made shortly
after
Object Description
| Rating | |
| TITLE | Performance audit, Department of Administration, Financial Services Division |
| CREATOR | Office of the Auditor General |
| SUBJECT | Arizona--Department of Administration--Financial Services Division--Auditing; |
| Browse Topic |
Government and politics |
| DESCRIPTION | This title contains one or more publications |
| Language | English |
| Publisher | Office of the Auditor General |
| Material Collection | State Documents |
| Acquisition Note | Report No. 05-02 |
| Source Identifier | LG 6.2:R 36 |
| Location | o60787070 |
| REPOSITORY | Arizona State Library, Archives and Public Records--Law and Research Library |
Description
| TITLE | Performance audit, Department of Administration, Financial Services Division |
| DESCRIPTION | 70 pages (PDF version). File size: 634 KB |
| TYPE |
Text |
| Acquisition Note | Report No. 05-02 |
| RIGHTS MANAGEMENT | Copyright to this resource is held by the creating agency and is provided here for educational purposes only. It may not be downloaded, reproduced or distributed in any format without written permission of the creating agency. Any attempt to circumvent the access controls placed on this file is a violation of United States and international copyright laws, and is subject to criminal prosecution. |
| DATE ORIGINAL | 2005-06 |
| Time Period |
2000s (2000-2009) |
| ORIGINAL FORMAT | Born Digital |
| Source Identifier | LG 6.2:R 36 |
| Location | o60787070 |
| DIGITAL IDENTIFIER | 05-02.pdf |
| DIGITAL FORMAT | PDF (Portable Document Format) |
| REPOSITORY | Arizona State Library, Archives and Public Records--Law and Research Library. |
| File Size | 648933 Bytes |
| Full Text | Performance Audit Department of Administration– Financial Services Division Performance Audit Division Debra K. Davenport Auditor General JUNE • 2005 REPORT NO. 05 –02 A REPORT TO THE ARIZONA LEGISLATURE The Auditor General is appointed by the Joint Legislative Audit Committee, a bipartisan committee composed of five senators and five representatives. Her mission is to provide independent and impartial information and specific recommendations to improve the operations of state and local government entities. To this end, she provides financial audits and accounting services to the State and political subdivisions, investigates possible misuse of public monies, and conducts performance audits of school districts, state agencies, and the programs they administer. The Joint Legislative Audit Committee Senator Robert Blendu, Chair Representative Laura Knaperek, Vice Chair Senator Carolyn Allen Representative Tom Boone Senator Gabrielle Giffords Representative Ted Downing Senator John Huppenthal Representative Pete Rios Senator Harry Mitchell Representative Steve Yarbrough Senator Ken Bennett (ex-officio) Representative Jim Weiers (ex-officio) Audit Staff Melanie Chesney, Director Dale Chapman, Manager and Contact Person Allan Friedman Elizabeth Shoemaker Copies of the Auditor General’s reports are free. You may request them by contacting us at: Office of the Auditor General 2910 N. 44th Street, Suite 410 • Phoenix, AZ 85018 • (602) 553-0333 Additionally, many of our reports can be found in electronic format at: www.auditorgen.state.az.us 2910 NORTH 44th STREET • SUITE 410 • PHOENIX, ARIZONA 85018 • (602) 553-0333 • FAX (602) 553-0051 DEBRA K. DAVENPORT, CPA AUDITOR GENERAL STATE OF ARIZONA OFFICE OF THE AUDITOR GENERAL WILLIAM THOMSON DEPUTY AUDITOR GENERAL June 13, 2005 Members of the Arizona Legislature The Honorable Janet Napolitano, Governor Ms. Betsey Bayless, Director Arizona Department of Administration Transmitted herewith is a report of the Auditor General, A Performance Audit of the Department of Administration—Financial Services Division. This report is in response to a November 20, 2002, resolution of the Joint Legislative Audit Committee. The performance audit was conducted as part of the sunset review process prescribed in Arizona Revised Statutes §41-2951 et seq. I am also transmitting with this report a copy of the Report Highlights for this audit to provide a quick summary for your convenience. As outlined in its response, the Department of Administration agrees with all of the findings and plans to implement or implement in a different manner all of the recommendations. My staff and I will be pleased to discuss or clarify items in the report. This report will be released to the public on June 14, 2005. Sincerely, Debbie Davenport Auditor General Enclosure Services: The General Accounting Office, one of three programs within the Department of Administration's Financial Services Division, provides a variety of services and fulfills several responsibilities through the following units: Central Services Bureau—Provides a variety of budget preparation and monitoring, bookkeep-ing, and reporting and consulting services to small- and medium-sized state agencies on a fee-for-service basis. Federal—Negotiates and monitors federal issues affecting the State, including developing federal reporting policies and procedures, coordinating the State-wide Single Audit, and preparing the State-wide Cost Allocation Plan. Appropriations—Administers state-wide appro-priation and allotment transactions, prepares and distributes the state cash basis Annual Financial Report, and approves and monitors agency revolving funds. Financial Accounting—Prepares the audited State-wide Comprehensive Annual Financial Report (CAFR) and provides technical assis-tance to state agencies regarding accounting issues pertaining to financial statement reporting and for the processing of fixed assets on the state-wide accounting system. Audit, Policy, and Compliance—Coordinates the development and distribution of state-wide accounting policies and procedures; maintains security for the state-wide accounting system (AFIS); and performs procedural, compliance, and special reviews of state agencies. Central Payroll and State’s Retiree Accumulated Sick Leave (RASL)—Coordinates payroll for state employees, jointly administers the Human Resource Solution (HRIS) system with the Human Resource Division, and administers, reports, and accounts for the RASL program, which provides an incentive for state employees who retire from state service with 500 hours or more of accumulated sick leave. Support Services—Provides logistical and administrative support to GAO units, and signs and distributes state payments. PROGRAM FACT SHEET Arizona Department of Administration—Financial Services Division General Accounting Office (GAO) Office of the Auditor General Program revenue: $16.32 million (fiscal year 2005, estimated) Program staffing: 68 positions with 10 vacancies as of March 1, 2005 $0.00 $2.00 $4.00 $6.00 $8.00 $10.00 $12.00 $14.00 $16.00 $18.00 FY 2003 FY 2004 FY 2005 (estimated) Millions of Dollars State General Fund Charges for Services Miscellaneous Arizona Financial Information System—16 (3 vacancies) Federal, Appropriations, Central Services Bureau—12 (3 vacancies) Central Payroll and RASL—11 (2 vacancies) Audit, Policy, and Compliance—10 (1 vacancy) Support Services—7 (0 vacancies) Administration—6 (1 vacancy) Financial Reporting—6 (0 vacancies) Arizona Financial Information System—Maintains AFIS, including assisting state agen-cies in AFIS understanding and problem resolutions, coordinating AFIS enhancements, maintaining the State’s vendor file, and performing various system reconciliations. Facilities and equipment: GAO occupies 22,049 square feet of office space in the Department’s building at 100 North 15th Avenue in Phoenix. The Department leases this building under the PLTO (private lease-to-own) program and during fiscal year 2005, was scheduled to pay approximately $2.6 million in rent for the entire building. This amount increases annually until fiscal year 2027, when the Department is scheduled to make rent payments of $4.46 million for this building. GAO’s equipment includes typical office equipment. Mission: To provide state and federal agencies, the general public, and other interested public and private entities with accurate, timely financial services, management information, technical assistance while assuring compliance with related statutes and rules; to maintain and improve the statewide automated financial systems; and to provide for the safeguarding of state assets. Program goals: 1. To deliver customer service second to none. 2. To attract and retain a high-performance team of employees. 3. To aggressively pursue innovative solutions and/or opportunities. Adequacy of goals and performance measures: GAO has delivered a variety of performance measures that are generally in line with its goals, including output, outcome, and efficiency measures. However, it could benefit from additional goals and performance measures that would provide more information on its many activities. For example, GAO should consider establishing specific goals that reflect the numerous services it provides to state agencies and the various functions it performs. These might include goals regarding the financial and accounting services it provides to state agencies, its responsibilities for financial reporting, and its responsibilities for processing state employee payroll and state pay-ments. Once it establishes these goals, GAO could develop additional measures, such as the number of requests its receives and fulfills for financial and accounting services, to better reflect its many activities. Additionally, the Department should consider establishing a goal and associated performance measures to report information related to the number and types of reviews or audits of state agencies it conducts each year and whether agencies implement the recommendations made as part of these audits. Source: Auditor General staff compilation of unaudited information obtained from the Arizona Financial Information System (AFIS) for the years ended June 30, 2003 and 2004; Master List of State Government Programs; and other information provided by the Department, including financial estimates for the year ending June 30, 2005. State of Arizona Services: Enterprise Procurement Services (EPS) was created in January 2005 as a new program within the Department of Administration’s Financial Services Division. In addition to providing several new functions, EPS performs the functions previously provided by the State Procurement Office. These various functions are performed through the following units: Communications—Coordinates communications on procurement contracts and status, procurement policies and best practices, emerging issues, public information, and other data to procure-ment officers, customers, political subdivisions, and citizens. Compliance—Conducts delegation reviews and oversight of procurement authority delegated to state agencies, conducts agency procurement perform-ance reviews, identifies and educates state agencies regarding procurement best practices, and prepares policies and procedures. Enterprise Systems—Works with state agencies and political subdivisions to provide access to the EPS Web site and automated procurement systems. MRO and Construction—Coordinates and conducts strategic sourcing for building maintenance, repair, and operations (MRO); contracts in coordination with state agencies; and contracts for building construc-tion contracting services. Procurement Service Center—Conducts strategic sourcing and procurement functions for agencies not designated as strategic contracting centers. Strategic Contracts—Provides centralized procure-ment services for specific state-wide contracts such as office supplies, furniture, and information technol-ogy. Training—Provides procurement training and over-sight of professional certification programs, and pro-vides procurement standards to enable political sub-divisions to award and administer state-wide con-tracts. Facilities and equipment: Enterprise Procurement Services occupies 8,914 square feet of office space in the Department’s building at 100 North 15th Avenue in Phoenix. The Department leases this build- PROGRAM FACT SHEET Arizona Department of Administration—Financial Services Division Enterprise Procurement Services Administration—9 (1 vacancy) Strategic Contracts—6 (1 vacancy) Enterprise Systems—5 (0 vacancies) Procurement Service Center—5 (2 vacancies) MRO and Construction—4 (1 vacancy) Compliance—2 (0 vacancies) Training—2 (0 vacancies) Communications—1 (1 vacancy) Program revenue: $2.02 million (fiscal year 2005, estimated) Program staffing: 34 positions with 6 vacancies as of March 1, 2005 Office of the Auditor General $0.00 $0.50 $1.00 $1.50 $2.00 $2.50 FY 2003 FY 2004 FY 2005 (estimated) Millions of Dollars State General Fund Charges for Services Miscellaneous ing under the PLTO (private lease-to-own) program and during fiscal year 2005 was scheduled to pay approximately $2.6 million in rent for the entire building. This amount increases annually until fiscal year 2027, when the Department is scheduled to make rent payments of $4.46 million for this building. Enterprise Procurement Service’s equipment includes typical office equipment. Mission: One procurement community, consistently seeking best value procurement solutions for cus-tomers through innovation. Program goals: 1. To deliver customer service second to none. 2. To aggressively pursue innovative solutions and/or opportunities. Adequacy of goals and performance measures: The following discussion of performance measures pertains to the measures that were used by the State Procurement Office (SPO). At the time of this audit, EPS had not revised or expanded these performance measures. SPO’s performance measures included measures that reflect the timeliness of procurement services and customer (state agency management) satisfaction with the procurement services provided by its staff. However, EPS could develop a more compre-hensive set of measures of its activities by adding input and output measures, such as the num-ber of agency-specific procurements conducted and the number of state-wide procurements awarded by EPS staff. Additionally, as EPS broadens its policy and oversight role, it should develop measures to reflect these activities. For example, it might report the number of policies and/or procedures issued, the number of agency reviews conducted, the outcomes of these reviews, and whether state agencies implement the recommendations made as part of these reviews. Further, when EPS determines and implements mechanisms to capture and report data on state-wide procurement activity, it should develop performance measures to report such data. For example, it could develop measures to report the annual number and estimated dollar volume of contract awards, the dollars spent under contract, the percentage of total procurements awarded by strategic con-tracting centers, and other measures reflecting the procurement activity and outcomes for the State as a whole. Source: Auditor General staff compilation of unaudited information obtained from the Arizona Financial Information System (AFIS) for the years ended June 30, 2003 and 2004; Master List of State Government Programs; and other information provided by the Department, including financial estimates for the year ending June 30, 2005. State of Arizona Services: Risk Management, one of three programs within the Department of Administration’s Financial Services Division, provides a variety of services and fulfills several responsibili-ties through the following units: Workers’ Compensation—Processes workers’ com-pensation claims on behalf of state employees injured in the course and scope of their employment and determines wage, medical, surgical, and hospi-tal disability benefits as provided by law under the Arizona Workers’ Compensation Act. Property and Liability Claims—Investigates, evalu-ates, negotiates, and settles claims against the State, including third-party general liability, third-party auto liability, personal injury, third-party bodily injury, and property claims. Loss Prevention—Works with state agencies to reduce or eliminate their exposure to risk by provid-ing advice and assistance in a variety of areas, including property, liability, environmental, and work-er protections. Finance/Insurance—Provides financial and account-ing services, purchases excess and catastrophic insurance to supplement state-funded self-insurance, calculates state agency insurance charges, and pro-vides agency support and customer service related to insurance matters. Occupational Health Services—Provides physical examinations to potential state employees after an offer of employment has been extended, including scheduling, evaluating, and paying for these exami-nations for various state agencies. Facilities and equipment: Risk Management occupies 15,048 square feet of office space in the Department’s building at 100 North 15th Avenue in Phoenix. The Department leases this building under the PLTO (private lease-to-own) program and during PROGRAM FACT SHEET Arizona Department of Administration—Financial Services Division Risk Management Workers' Compe and Property an Claims—47 (4 vacancies) Financial/Insurance—13 (0 vacancies) Administration and Information Services—12 (3 vacancies) Occupational Health Services—5 (0 vacancies) Office of the Auditor General Program staffing: 97 positions with 11 vacancies as of March 1, 2005 Workers' Compensation and Property and Liability Claims—47 (4 vacancies) Loss Prevention—20 (4 vacancies) Financial/Insurance—13 (0 vacancies) Administration and Information Services—12 (3 vacancies) Occupational Health Services—5 (0 vacancies) Program revenues, expenditures, losses, and premiums: 1 Consists of insurance charges assessed to state agencies. 2 Consists of property claims, settlements, payments to workers' compensation beneficiaries, and related legal and other costs. $0.00 $10.00 $20.00 $30.00 $40.00 $50.00 $60.00 $70.00 $80.00 $90.00 $100.00 1 2 3 4 5 6 7 8 Millions of Dollars Revenues Operating Expenditures Losses, Premiums, and 1 Related Expenditures 2003 2004 2005 Fiscal Year fiscal year 2005, was scheduled to pay approximately $2.6 million in rent for the entire building. This amount increases annually until fiscal year 2027, when the Department is scheduled to make rent payments of $4.46 million for this building. Risk Management’s equipment includes typical office equipment. Mission: To provide timely, high-quality, and cost-effective services to agency customers and the public for the State’s property and liability exposures, and to our state employee customers who have work-related injuries. Program goals: 1. To deliver customer service second to none. 2. To aggressively pursue innovative solutions and/or opportunities. Adequacy of goals and performance measures: Risk Management has developed performance measures that are generally in line with its goals, and include input, outcome, efficiency, and quality measures. However, Risk Management could benefit from additional goals and performance measures that would provide more information on its activities. For example, while it does have some measures that report on activities related to property and liability, and workers’ compensation claims, it has not established any measures to reflect its handling of these claims, such as the ratio of open-to-closed property and liability and workers’ compensation claims, whether these claims are approved or denied, whether these claims are processed in a timely manner, and the percentage of claims with attorney involvement. Likewise, Risk Management does not have a goal or performance measures regarding its work with agencies on loss prevention activities. A loss prevention goal and associated performance measures might focus on the number of new programs implemented to limit the State’s future liability and the number of state agency consultations performed. Establishing a broader array of goals and performance measures would better reflect the variety of functions that Risk Management performs and better inform stakeholders, including the Legislature, of these activ-ities and their outcomes. Source: Auditor General staff compilation of unaudited information obtained from the Arizona Financial Information System (AFIS) for the years ended June 30, 2003 and 2004; Master List of State Government Programs; and other information provided by the Department, including financial estimates for the year ending June 30, 2005. State of Arizona The Office of the Auditor General has conducted a performance audit and sunset review of the Arizona Department of Administration, Financial Services Division pursuant to a November 20, 2002, resolution of the Joint Legislative Audit Committee. This audit was conducted as part of the sunset review process prescribed in Arizona Revised Statutes (A.R.S.) §41-2951 et seq and is the first in a series of four reports on the Department of Administration (Department). This report focused on the development and implementation of the Human Resources Information Solution (HRIS), the State’s new human resources system; procurement; and the workers’ compensation claims process. The second report will focus on functions performed by the Human Resources Division, and the third report will focus on functions performed by the Information Technology Services Division. The final report will be an analysis of the 12 statutory sunset factors. The Financial Services Division (Division) provides a variety of services to state agencies, including developing state-wide accounting policies and procedures; providing bookkeeping, reporting, and consulting services; preparing financial reports and performing internal audits; conducting state-wide and individual agency procurements; providing insurance coverage to state agencies and employees for property, liability, and workers’ compensation losses; and settling property and liability claims against the State. Additionally, the Division has assisted in the development and implementation of a new state payroll and human resource system. DOA needs comprehensive plan to ensure completion of HRIS system (see pages 9 through 19) The Department should develop a plan for completing the Human Resources Information Solution (HRIS) system and ensure adequate user participation in the plan’s development and the system’s completion. HRIS is replacing the State’s Human Resources Management System, Benefits Information Tracking System, and other applications with a single integrated system to administer payroll, personnel, employee benefits, and other related functions. Phase 1 of the system was Office of the Auditor General SUMMARY page i implemented in December 2003. This phase of the system processes state employee payroll and tracks and processes various employee-related actions, such as hires, transfers, and promotions. Phase 2 functions of the system, which were in various stages of implementation as of April 2005, are expected to provide the major benefits of this new system. These functions include a hiring gateway, which assists in the hiring approval and candidate screening process, and an employee/manager self-service component, which would allow a state employee to input his/her own information, such as an address change, into the system. According to department estimates, HRIS should produce more than $100 million in cost savings over the next 10 years by automating functions previously performed by administrative staff and reducing turnover due to increased employee satisfaction. The Department did not meet the system’s original and some of its revised implementation dates and has exhausted most of the project budget. Specifically: Implementation time frames missed—According to the initial contract awarded to the system vendor, the entire system was to be completed in 18 months. The Department expected to implement Phase 1 by April 2003 and Phase 2 by July 2003. However, amendments to the contract revised these dates. The implementation of Phase 1 was rescheduled for July 2003, and then to December 2003. Phase 2 implementation was rescheduled for May 2004. While Phase 1 was implemented in December 2003, as of April 2005, Phase 2 components were in various stages of development and implementation. These delays have occurred because of the extensive modifications needed to adapt the system’s primary software to the unique business practices of each state agency and the limited funding available for continuing work on the system. Project budget mostly exhausted—The Department received approximately $42.5 million in project funding. The Legislature appropriated $7.5 million from the Personnel Division Fund, and the Department issued certificates of participation for the remaining funding.1 This funding was originally intended to pay for the entire system. However, as of June 30, 2004, the Department reported that the project had consumed almost all of this funding.2 The personnel costs for the continued development and implementation of HRIS, as well as its operations, are now funded out of the Department’s Human Resources Division budget at approximately $2 million for fiscal year 2005. While the Department has not determined the amount of additional monies needed to complete Phase 2 of HRIS and address any needed user requirements, according to a department official, ongoing development and maintenance of the system will continue as monies are made available from the Human Resources Division budget. 1 Certificates of participation function similarly to a lease-purchase agreement, in that these securities are backed by the assets funded by the certificate proceeds, and nonpayment of the lease payments can result in the State’s returning possession of the assets to the trustee. 2 According to the Department, over $2.3 million remains from the certificates of participation funding and has been reserved to pay for a planned upgrade to the HRIS system in fiscal year 2006 or 2007. State of Arizona page ii According to interviews with several state agency users, Phase 1 of the HRIS system does not provide all of the functionality they required or expected. The new features in Phase 2, which are expected to provide the major benefits to users, have yet to be fully implemented. As a result, some agencies report relying on in-house systems or manual processes to ensure that they have the necessary personnel information and processing capabilities. Although expected during a major system implementation, the Department has also been slow to address some of the user requests for Phase 1 modifications, some of which are needed to correct programs that do not function properly. The Department should develop a plan for completing the system. This plan should specify the remaining functions to be implemented, identify the project budget and funding sources, outline the staff resources needed, and establish a timeline to fully implement the system. The plan should also address user requirements and requests for system changes. In January 2005, the Department began a strategic planning effort to address the future direction of HRIS. While the effort includes determining organizational capabilities and identifying the remaining work needed to complete HRIS, a comprehensive plan is still needed. Additionally, the Department should enhance user participation on the project. Literature on information technology project development strongly recommends user involvement in all phases and at all levels of system development. While the Department has included users in several facets of the project, it should also ensure that users have input or are involved in overall project policy and direction, evaluating and prioritizing requests for system functions or changes, and at all levels of system design and system testing and acceptance. Planned changes should improve procurement oversight, but more can be done (see pages 21 through 29) The Department’s planned changes to state procurement practices provide a good foundation for improving oversight, but they can be further enhanced. Although department officials estimate that the State spends billions annually in state, federal, and other monies on the purchase of goods and services, the Department performs little oversight of state agency procurement activities. The Department’s State Procurement Office (SPO) primarily functioned as a state-wide contracting center, conducting procurement of state-wide goods and services, and agency-specific procurement for smaller state agencies.1 However, many of the State’s large agencies conduct procurement under authority delegated by the Department.2 1 In January 2005, the Department created a new program, Enterprise Procurement Services, which, in addition to several new functions, performs the activities formerly performed by the State Procurement Office. 2 Statute designates the department director as the central procurement officer for the State, responsible for procuring or supervising the procurement of all materials, services, and construction needed by the State. Statute also authorizes the department director to delegate procurement authority to state agencies. Office of the Auditor General page iii Several of these agencies have received little or no oversight because they have had unlimited delegated authority since the current procurement code was adopted in 1985. Fourteen state agencies have this unlimited authority and can enter into multi-million dollar contracts without outside review or approval. The changes underway include the following: State’s procurement approach changing—In response to a Governor’s Efficiency Review team recommendation, the Department is making significant changes to the way the State conducts its procurements. Instead of many individual agencies contracting for the same goods or services—such as janitorial supplies or financial services—one state agency will serve as the strategic procurement and contracting center for a specific good or service. All state agencies needing this good or service will then rely on the contract. For example, the Arizona Department of Transportation (ADOT) will serve as the contracting center for automotive parts, and agencies needing these parts will use the contract developed by ADOT. The State should then benefit from the discounts that result from higher-volume purchases. This new approach to procurement should also improve oversight. Because the number of contracts used by multiple state agencies will increase, the procurement process will be more visible, which can help ensure that procurement and contracting best practices are used. New oversight unit established—In conjunction with this effort, the Department has reorganized its procurement organization. In January 2005, the Department established the Enterprise Procurement Services program that includes a new oversight group. This group plans to issue a policy and procedure manual to guide procurement activities and conduct regular reviews of the procurement practices of agencies with high levels of delegated procurement authority. There are several opportunities to enhance these efforts beyond what is currently planned. These include expanding the proposed policy and procedure manual to include polices for administering contracts once they are in place, developing ways to gather and analyze state contracting data, and annually reviewing a random sample of individual procurements. Department can improve its workers’ compensation claims process (see pages 31 through 38) The Department can improve its workers’ compensation claims process to help ensure that state employees who are injured while at work promptly receive benefits. The State provides workers’ compensation coverage through self-insurance, and the Department’s workers’ compensation unit in Risk Management administers the State of Arizona page iv claims. Claims are administered according to rules and regulations established by the Industrial Commission of Arizona (Commission). For example, Risk Management must accept or deny all claims within 21 days after the Commission notifies it of a claim. According to statute, injured state employees are responsible for filing a claim with the Commission. However, injured employees often inform Risk Management of the injury before they file a claim with the Commission, and Risk Management does not have to wait for formal notification from the Commission to begin processing a claim. While Risk Management meets the 21-day requirement for processing claims, since some claims are not promptly filed with the Commission, it may take much longer— weeks or even months—for the injured employee to know if the claim has been approved or denied. Although responsible for filing a claim with the Commission, state employees may be unaware of this requirement, or some may rely on their physicians to file an injury report with the Commission. Auditors reviewed a random sample of 43 workers’ compensation claims submitted to Risk Management during fiscal year 2004 and determined that the Commission formally notified Risk Management of 35 of these claims. Risk Management approved or denied each claim within 21 days of notification.1 However, Risk Management was aware of all 35 claims prior to receiving formal notification and for 17 of these claims, was aware of the injury and potential for a claim more than 3 weeks prior to the Commission’s formal notification. While Risk Management actually reviewed and approved 6 of these 17 claims prior to receiving notification from the Commission, it took between 32 and 145 days for Risk Management to either approve or deny the other 11 claims from the date they were initially made aware of the injury. Risk management can prevent unnecessary benefit delays by improving communication with injured employees. For example, although Risk Management has established an automated phone system and Web site to facilitate the reporting of work-related injuries to state employees, neither the phone system nor Web site adequately explains how to proceed with a claim or the need to report claims to the Commission. Adding this information could help injured employees receive benefits sooner. Enhanced policies and procedures would also help Risk Management process claims more quickly. While Risk Management adopted policies and procedures for its workers’ compensation claims process in April 2005, it should establish additional procedures to promptly identify injured employees who have missed more than 7 work days and explore options for obtaining needed information on injured employees from state agencies in a timely manner. Risk Management should also monitor its recently revised supervisory review procedures to ensure claims are reviewed as scheduled. 1 Risk Management processed an additional eight claims without receiving commission notification. Office of the Auditor General page v Other Pertinent Information (see pages 39 through 41) As part of the audit, auditors gathered information regarding the certificates of participation (certificates) that the State issued to help fund the development and implementation of HRIS. In April 2002, the State, through the Department, issued $63.27 million in certificates to finance a portion of the construction costs for the new state health laboratory and to help fund HRIS. The certificates function similarly to a lease-purchase agreement, in that these securities are backed by the assets funded by the certificate proceeds and nonpayment of the debt can result in the State returning possession of the assets to the trustee. The sale of these certificates generated over $65.7 million. The HRIS project received approximately $35 million of this amount, and the state health lab received the remaining monies. The debt service schedule, which requires the Department to pay $45.84 million over 11 years for the HRIS portion of the certificates, requires increasing payments annually. State agency charges for personnel administration services have been designated to service this debt.1 However, beginning in fiscal year 2005, the Department shows a Human Resources Division budget deficit of $180,000 and this deficit continues as the payment amounts increase. As a result, in its fiscal year 2006 budget submission, the Department has requested an increase in state agency charges for personnel administration services from 1.04 to 1.08 percent. 1 Only state agencies covered by the State’s personnel merit system, which requires these agencies to adhere to state personnel rules and regulations, are assessed this charge. State of Arizona page vi Office of the Auditor General TABLE OF CONTENTS continued 1 9 9 15 19 21 21 23 24 27 29 31 31 32 34 38 39 39 Introduction & Background Finding 1: DOA needs comprehensive plan to ensure completion of HRIS system Implementation delays have exhausted most funding and some users are dissatisfied Department needs new plan for project’s completion Recommendations Finding 2: Planned changes should improve procurement oversight, but more can be done Department’s procurement oversight has been insufficient Procurement reforms will help improve oversight Reorganization will increase oversight Additional oversight mechanisms can benefit state procurement Recommendations Finding 3: Department can improve its workers’ compensation claims process Workers’ compensation claims process Risk Management could better communicate claim requirements Enhanced policies and procedures should aid claims processing Recommendations Other Pertinent Information Certificates of Participation page vii State of Arizona TABLE OF CONTENTS Agency Response Tables: 1 Risk Management Fund Cash Balance, in Millions For the Years Ended June 30, 2001 through 2004 2 Schedule of Receipts and Disbursements by Program, in Thousands Years Ended or Ending June 30, 2003 through 2005 (Unaudited) 3 Status of Human Resources Information Solution (HRIS) Component Modules As of April 2005 4 Examples of Planned Procurements As of April 2005 5 Workers’ Compensation Claims and Payments For the Year Ended June 30, 2004 6 Human Resources Division Projected Budget Shortfall, in Millions Years Ending June 30, 2005 through 2007 Figure: 1 Human Resources Information Solution (HRIS) Scheduled Certificate of Participation Payments, in Millions Eleven Years Ending May 1, 2013 4 5 11 24 31 41 40 concluded page viii The Office of the Auditor General has conducted a performance audit and sunset review of the Arizona Department of Administration, Financial Services Division pursuant to a November 20, 2002, resolution of the Joint Legislative Audit Committee. This audit was conducted as part of the sunset review process prescribed in Arizona Revised Statutes (A.R.S.) §41-2951 et seq and is the first in a series of four reports on the Department of Administration (Department). This report focused on the development and implementation of the Human Resources Information Solution (HRIS), the State’s new human resources system; procurement; and the workers’ compensation claims process. The second report will focus on functions performed by the Human Resources Division, and the third report will focus on functions performed by the Information Technology Services Division. The final report will be an analysis of the 12 statutory sunset factors. Financial Services Division The Department was formed in 1972 and consists of seven divisions, including the Financial Services Division (Division). The Division’s mission is “to provide effective and efficient support services to enable government agencies, state employees and the public to achieve their goal.” To help fulfill its mission, as of March 1, 2005, the Division reported a total of 199 positions, with 27 vacancies. These staff provide a variety of services to state agencies through three programs described below. Additionally, the Division has assisted in the development and implementation of the State’s new human resources system. General Accounting Office (68 positions; 10 vacancies)—The General Accounting Office (GAO) provides financial information to state and federal government agencies, financial institutions, and other interested public or private entities. Specifically, GAO operates the state-wide accounting system (AFIS) and the state-wide payroll portion of the Human Resources Information Solution (HRIS). GAO also provides state-wide accounting policies and procedures to state agencies; distributes and reconciles all state warrants; provides a variety of data input, bookkeeping, reporting, and consulting services Office of the Auditor General INTRODUCTION & BACKGROUND page 1 to state agencies; prepares financial reports; performs internal audits, reviews, and investigations of state agencies; and provides various types of technical assistance on government accounting and financial matters. Enterprise Procurement Services (34 positions; 6 vacancies)—Enterprise Procurement Services (EPS) was created in January 2005 as a new program within the Division. EPS replaces the State Procurement Office (SPO) as the central procurement authority for the State. EPS conducts strategic state-wide contracting for specific goods and services, conducts procurements for individual agencies when the value of the procurement exceeds the agency’s delegated procurement authority or upon request, establishes and administers procurement policies and procedures, establishes standards and manages procurement authority delegated to agencies, disseminates procurement information to customers, and administers bid protests and claims appeals.1 According to procurement system reports, as of December 2004, SPO staff served as the primary procurement administrators for 142 state agency-specific procurements and 139 state-wide procurements. Risk Management (97 positions; 11 vacancies)—Risk Management manages the property, liability, and workers’ compensation claims and losses for the State. Specifically, Risk Management provides insurance coverage to state agencies and employees for property, liability, and workers’ compensation losses through self-insurance and purchased insurance policies; investigates, mitigates, and settles all property and liability claims against the State; recovers monies from third parties who have injured the State; and assists agencies in the development and administration of loss prevention programs. Also, Risk 1 Statute designates the department director as the central procurement officer for the State, responsible for procuring or supervising the procurement of all materials, services, and construction needed by the State. Statute also authorizes the department director to delegate procurement authority to state agencies. State of Arizona page 2 GAO Mission: To provide state and federal agencies, the general public, and other interested public and private entities with accurate, timely financial services, management information, technical assistance while assuring compliance with related statutes and rules; to maintain and improve the statewide automated financial systems; and to provide for the safeguarding of state assets. EPS Mission: One procurement community, consistently seeking best value procurement solutions for customers through innovation. Management self-insures and self-administers the State’s workers’ compensation benefits for injured state employees; assists agencies in administering return-to-work programs; and recovers monies from third parties who have injured state employees. HRIS project Starting in 1999, the Department, with the assistance of several state agencies, began work on identifying, designing, and implementing a new state human resources information system. The Human Resources Information Solution (HRIS) is replacing the State’s Human Resources Management System (HRMS), Benefits Information Tracking System, and other applications with a single integrated system shared by state agencies. According to the Department, HRMS had become obsolete as key software components would no longer be supported by the vendor and the system did not capture important personnel information for management purposes. When fully implemented, HRIS should provide a single system for the administration of payroll, personnel, employee benefits, and other related functions. The Legislature appropriated a total of $7.5 million in fiscal years 2002 and 2003 to help fund the project. The State obtained additional funding of approximately $35 million for system development and implementation by issuing certificates of participation (see Other Pertinent Information, pages 39 through 41, for further information). The HRIS system has been implemented in two phases, with ongoing development currently occurring for Phase 2 system functions. Phase 1, which processes state employee payroll, was implemented in December 2003 (see Finding 1, pages 9 through 19, for more information on the development and implementation of HRIS). 1995 report and followup As part of this audit, some concerns identified in the Auditor General’s 1995 performance audit report (Report No. 95-11) were reviewed. This review revealed the following: Improved handling of property and liability claims—The 1995 report recommended that Risk Management improve the handling of property and liability claims. Specific recommendations included regular supervision of The Department is developing a new state human resources information system. Office of the Auditor General page 3 Risk Management Mission: To provide timely, high quality, and cost effective services to agency customers and the public for the state’s property and liability exposures, and to our state employee customers who have work-related injuries. claims adjusters, revising caseload standards, addressing internal control weaknesses, and better monitoring of contracted claims adjusters. Based on auditors’ review of a sample of 16 property and liability claims submitted from July 2003 through August 2004, it appears that Risk Management has improved its processing of these claims. Specifically, auditors found that the policies and procedures for processing property and liability claims are appropriate and that the claims auditors reviewed were processed according to these policies and procedures. For example, Risk Management appropriately conducted and documented the claim investigation, documented required supervisory review and approval of claims, and appropriately assigned and monitored tasks given to contracted adjusters. Stronger incentives to control losses have been implemented—As recommended in the 1995 report, Risk Management changed its allocation model to encourage loss control behavior among state agencies. The previous model used by Risk Management to allocate insurance charges to state agencies did not provide financial incentives to encourage loss control behaviors. However, the new model adopted by Risk Management is driven by an agency’s historical loss trends and its exposure as it relates to a specific line of insurance coverage. Currently, either through self-insurance or purchased insurance policies, the State has various lines of insurance coverage, including environmental liability, medical and general liability, and auto liability. For example, based on the new allocation model, an agency’s insurance charge for auto liability insurance coverage is based on the number of vehicles that an agency owns and its auto accident history. For this line of insurance coverage, the exposure to accidents is increased with a greater number of vehicles. Additionally, depending on the specific line of insurance coverage, the allocation model considers from 2 to 5 years of agency loss history. Table 1 illustrates the revenues generated from state agency charges for insurance coverage and insurance coverage expenditures for fiscal years 2001 through 2004. Financial Services Division’s operating budget While the Division’s operating budget consists of monies appropriated from the State General Fund, the majority of its revenues consist of charges assessed to state agencies for the various services it provides. Table 2 (see page 5) illustrates the Division’s actual revenues and expenditures for fiscal years 2003 and 2004 and its State of Arizona page 4 Table 1: Risk Management Fund Cash Balance, in Millions For the Years Ended June 30, 2001 through 2004 2001 2002 2003 2004 Cash receipts $61.3 $77.4 $79.5 $92.1 Cash distributions 1 74.5 76.7 90.1 78.2 Subtotal ($13.2) $ 0.7 ($10.6) $13.9 Beginning cash balance $41.5 $28.3 $29.0 $18.4 Ending cash balance $28.3 $29.0 $18.4 $32.3 1 The 2001 amount includes the Legislature’s transfer of $12 million to the State General Fund. Source: Auditor General staff analysis of the Risk Management Fund Allocation of Cash Balance schedule for fiscal years 2001 through 2004. Office of the Auditor General page 5 Table 2: Schedule of Receipts and Disbursements by Program, in Thousands Years Ended or Ending June 30, 2003 through 2005 (Unaudited) Enterprise Procurement Services 1 General Accounting Office Risk Management 2003 2004 2005 2003 2004 2005 2003 2004 2005 (Actual) (Actual) (Estimated) (Actual) (Actual) (Estimated) (Actual) (Actual) (Estimated) Revenues: State General Fund $1,485 $1,511 $1,715 $ 4,219 $ 3,361 $ 3,519 Charges for services 2 168 288 152 10,582 10,747 11,062 $80,935 $91,350 $89,342 Miscellaneous 68 71 151 763 1,739 1,739 Total revenues 1,721 1,870 2,018 15,564 15,847 16,320 80,935 91,350 89,342 Expenditures and transfers: Operating: Personal services and employee related 1,457 1,284 1,455 2,663 2,726 3,508 4,217 4,409 4,725 Professional and outside services 129 19 34 2 2 12 95 74 100 Travel, equipment, and other operating 174 680 535 2,360 1,680 1,982 2,282 1,109 1,133 Allocated costs 23 14 17 62 68 82 Total operating expenditures 1,783 1,997 2,041 5,025 4,408 5,502 6,656 5,660 6,040 Losses, premiums, and related expenditures 3 71,484 71,826 77,380 Retirement accumulated sick leave 4 11,064 9,128 9,961 Total expenditures 1,783 1,997 2,041 16,089 13,536 15,463 78,140 77,486 83,420 Net operating transfers out 5 12,002 565 2,239 Total expenditures and operating transfers 1,783 1,997 2,041 16,089 13,536 15,463 90,142 78,051 85,659 Excess (Deficiency) of revenues over expenditures and operating transfers $ (62) $ (127) $ (23) $ (525) $ 2,311 $ 857 $(9,207) $13,299 $ 3,683 ________________ 1 The 2003 and 2004 amounts represent the financial activity of the State Procurement Office. Beginning January 2005, the Department created the Enterprise Procurement Services program, which replaced the State Procurement Office. Consequently, the 2005 amounts include 6 months of financial activity for the State Procurement Office and 6 months of estimated financial activity under the new organizational structure. See Introduction and Background, page 2, for additional information on the new program. 2 General Accounting Office amounts include a pro rata charge on other agencies’ payroll expenditures for the retiree accumulated sick leave program. Risk Management amounts are charges to state agencies for insurance. 3 Consists of insurance premiums, property claims, settlements, payments to workers’ compensation beneficiaries, and related legal and other costs. 4 Consists of payment for accumulated sick leave and associated employee-related expenditures in accordance with A.R.S. §38-615 and administration costs of the program. 5 2003 amount includes $12 million transferred to the State General Fund in accordance with Laws 2003, First Special Session, Chapter 1. Source: Auditor General staff analysis of financial information provided by the Department of Administration from its Arizona Financial Information System for the years ended June 30, 2003 and 2004; and department-prepared estimates for the year ending June 30, 2005. estimated revenues and expenditures for fiscal year 2005. The Division received nearly $109.1 million in revenues in fiscal year 2004, over $4.87 million of which consisted of General Fund appropriations. The Division’s revenues are expected to decrease slightly in fiscal year 2005, as they are estimated to be nearly $107.7 million. The Division’s fiscal year 2004 expenditures were approximately $93 million, which represented over a 3 percent decrease from its fiscal year 2003 expenditures of approximately $96 million. However, based on fiscal year 2005 estimates, expenditures will increase to $109 million. According to a department official, the Department conservatively estimated fiscal year 2005 expenditures, particularly for Risk Management, and the Department does not anticipate that actual expenditures will exceed revenue in fiscal year 2005. The Legislature also appropriates monies for Risk Management operations. These monies are appropriated from the Risk Management Fund, which consists of allocations charged to other state agencies. The allocations charged by the Risk Management program not only cover the costs of its employees and operations, but also pay for insurance premiums, property claims, liability claims/settlements, payments to workers’ compensation beneficiaries, medical costs, legal costs, and other loss adjustment expenses. As previously mentioned, the allocation to each state agency is based on the line of insurance coverage, the agency’s loss history, and risk exposure. As shown in Table 2 (see page 5), the Department collected $91.35 million in agency insurance charges for fiscal year 2004 and is expected to collect an estimated $89.34 million in fiscal year 2005. Risk Management’s fiscal year 2004 expenditures were nearly $77.5 million and are estimated to increase to $83.4 million in fiscal year 2005. Audit scope and methodology This audit focused on the Department’s development and implementation of HRIS, oversight of procurement activities, and its workers’ compensation claims process. This report presents findings and recommendations in the following areas: The Department needs to develop a comprehensive plan, with appropriate user participation, to help ensure that the continued development and implementation of the Human Resources Information Solution system meets project goals and satisfies user needs. The Department should continue with and augment its plans to increase oversight of state agency procurement practices. State of Arizona page 6 The Department can improve its workers’ compensation claims process to help ensure that state employees who are injured while at work promptly receive benefits. In addition, this report contains an Other Pertinent Information section (see pages 39 through 41) that provides information regarding the certificates of participation that the State issued to help fund HRIS development and implementation. Auditors used a number of methods to obtain information about the Division’s programs and to study issues addressed in this report. These methods included interviewing department and division management and staff, and reviewing statutes and administrative rules, policies, and procedures, and the Department’s strategic plan for fiscal years 2005 through 2009. Auditors also used the following methods: To evaluate the Department’s progress in developing and implementing HRIS, auditors interviewed staff of six state agencies, five agency representatives of the project’s user task force, and HRIS project managers; observed help desk operations, acceptance testing, and payroll processing; and attended various work groups associated with the project, such as meetings of the Change Control Board, which evaluates system changes, and the executive committee, which oversees the project. Auditors also reviewed HRIS documents such as the project charter, the project and investment justification submitted to the Government Information Technology Agency for review and approval, status reports, and policies and procedures; the results of customer service surveys and focus groups conducted by the Department in 2003 and 2004 to assess user satisfaction with system development and implementation; and the HRIS project plan, budget, and implementation methodology. Finally, auditors reviewed literature on best practices for information technology project development.1, 2, 3 To evaluate the need for increased oversight of state agency procurement activities, auditors reviewed the statutes, policy manuals, and related materials of the states of California, Florida, and Washington.4 Auditors also interviewed procurement officials from the same three states, procurement officials within 1 United States General Accountability Office. Accounting and Information Management Division. Federal Information System Controls Audit Manual: GAO, January 1999. 2 Taylor, James. Managing Information Technology Projects: Applying Project Management Strategies to Software, Hardware, and Integration Initiatives. New York: American Management Association, 2004. 3 Halper, Stanley D., Glenn C. Davis, P.J. O’Neil-Dunne, and Pamela R. Pfau. Handbook of EDP Auditing. Boston: Warren, Gorham & Lamont, 1985. 4 California, Florida, and Washington were selected for review because these states similarly delegate procurement authority to various agencies and are implementing procurement improvements or reform efforts. Office of the Auditor General page 7 two Arizona state agencies, Attorney General staff, and a Governor’s Efficiency Review team member. Finally, auditors reviewed Arizona’s procurement code and proposed rule revisions, and reports from the Office of the Auditor General and the Department’s General Accounting Office, and attended meetings and reviewed documentation from the Department’s Value in Procurement project team and committees, which are reviewing and revising state procurement practices. To determine whether the Department can process workers’ compensation claims in a more timely manner, auditors reviewed a random sample of 48 workers’ compensation claims submitted during fiscal year 2004. These claims consisted of 28 time-loss claims, 10 medical-only claims, 5 long-term care claims, and 5 claims for which the unit initially denied payment, but later paid the claim. Auditors also interviewed an Arizona Industrial Commission official and Arizona State Compensation Fund staff, and reviewed a workers’ compensation claims process study prepared by the Georgia State Board of Workers Compensation, documents used by the Arizona State Compensation Fund in its claims process, and the Utah workers’ compensation system and Arizona State Compensation Fund Web sites.1 To develop information on the certificates of participation that the Department issued to help fund HRIS development and implementation, auditors reviewed the April 2002 certificates of participation official statement, audit work performed by the Office of the Auditor General in 2004 regarding the certificates of participation, and the Department’s fiscal year 2006 budget submission. This audit was conducted in accordance with government auditing standards. The Auditor General and staff express appreciation to the director and staff of the Arizona Department of Administration for their cooperation and assistance through this audit. 1 Georgia State Board of Workers’ Compensation: Best Practices—Proper Claim Reporting, July 2003. State of Arizona page 8 DOA needs comprehensive plan to ensure completion of HRIS system To protect the State’s investment in the Human Resources Information Solution (HRIS) system, the Department needs to formulate a comprehensive plan to complete system implementation and ensure continued user participation in system-related activities. In December 2003, the Department implemented Phase 1 of HRIS to process personnel-related, payroll, and employee benefits transactions. While implementation of this phase assured the uninterrupted processing of state employee payroll, it was implemented several months after the original date projected for its completion. Many of the system’s new or added features, which were perceived to be the new system’s major benefits and are being implemented in Phase 2 of the project, were still not fully implemented as of April 2005. Additionally, user expectations for system functions have not been met, and some users have become dissatisfied with the system. Therefore, the Department should continue with its recent efforts to develop and implement a detailed plan for completing HRIS and continue to ensure appropriate user participation in determining project direction and setting priorities. Implementation delays have exhausted most funding and some users are dissatisfied The implementation of HRIS is still not complete and it has not provided the full range of functions anticipated. While the core payroll functions have been implemented, as of April 2005, many of the system’s new or added features have yet to be fully implemented. This delayed implementation consumed almost all the project funding, resulting in significantly reduced funding and staff resources to implement the remaining system functions. Additionally, some state agencies continue to use multiple, in-house systems and processes to perform payroll-related functions that HRIS does not provide. Office of the Auditor General FINDING 1 page 9 HRIS implemented in phases—The goal of HRIS is to replace the State’s Human Resources Management System (HRMS), Benefits Information Tracking System, and other applications with a single integrated system shared by state agencies to administer payroll, personnel, employee benefits, and other related functions. According to the Department, it was necessary to develop a new human resources system as HRMS had become obsolete. In particular, the vendor reported to the Department that it would no longer support key software components of the system and that the system did not capture important personnel information. The State contracted with IBM to help develop and implement this new system. According to the Department, HRIS provides the opportunity to streamline human resources processes, reduce costs, improve state agency manager and employee access to human resources information, and improve customer service. Table 3 (see page 11) describes the major system components and their implementation status in the project’s two phases. Phase 1 of the HRIS project, implemented in December 2003, encompasses the core state employee payroll processing functions. These include maintaining time and attendance information to process payroll and tracking and processing various employee-related actions, such as hires, transfers, and promotions. Implementation of this phase has provided for the continued processing of state employee payroll. Phase 2 focuses on many of the added or new features that were perceived to be the major benefits of a new system and were anticipated to provide monetary savings. These include the hiring gateway, data warehouse, performance management, and employee/manager self-service functions, which are defined in Table 3 (see page 11). The components of this phase are in various stages of implementation. For example, the performance management component is undergoing user acceptance testing, and the Department expects that the hiring gateway component will be fully implemented in July 2005. The Department has estimated that HRIS will save the user community in excess of $100 million over the next 10 years. The features that the Department anticipates will provide these savings automate functions that were previously performed by administrative staff and are expected to reduce turnover due to increased employee satisfaction. For example, the employee/manager self-service component allows a state employee to input his or her own information into HRIS for a change of address or schedule training, rather than submitting a paper document to agency administration for review and data entry. HRIS implementation did not meet plan—With the exception of the final revised implementation date for Phase 1, the planned HRIS implementation dates have not been met and the project budget, originally intended to pay for the development and implementation of the entire system, has been largely exhausted. Specifically: HRIS is able to process payroll and limited employee-related transactions. State of Arizona page 10 Office of the Auditor General page 11 Table 3: Status of Human Resources Information Solution (HRIS) Component Modules As of April 2005 Component Module Description Status Phase 1: Core System Functions Captures, tracks, and reports the following: • Human Resources—hires, transfers, terminations, promotions, and employee data maintenance. • Benefits—medical, dental, and disability. • Payroll—calculates payroll and issues checks or payroll advices. Implemented 12/2003 Other: General Salary Adjustment Programming required for Legislature-approved employee raises. Implemented 7/2004 Open Enrollment Allows state employees to input and verify their selection of employee benefits. Implemented 8/2004 Phase 2: Performance Management Provides a reminder that an annual performance evaluation is due and captures evaluation information on reports. In user acceptance testing. Need to develop training, agency rollout strategy, and communication plan. Dates for fully implementing this feature have yet to be determined. Process Flow Provides a reminder when documents or actions are due and tracks their status. In production for Department only. Dates for fully implementing this feature have yet to be determined. Analytics Compares Arizona human resource, payroll, and benefits data to Saratoga Institute data so Arizona can be compared to national averages.1 Saratoga Institute data loaded into database in November 2004. Project team analysis of function continuing. Dates for fully implementing this feature have yet to be determined. Data Warehouse Captures a variety of data elements that allow for analytical and statistical reporting. In development. Dates for fully implementing this feature have yet to be determined. Employee/Manager Self- Service Allows managers/employees to input, update, and view their personnel data in the system. Rollout of view-only access for the employee self-service feature expected to begin in May 2005 with complete rollout of view-only access to all employees by July 2005. Dates for fully implementing this feature have yet to be determined. Hiring Gateway Creates and approves personnel requisitions and allows agencies to recruit, process resumes, and hire staff via the Internet. Phase 1 implemented in April 2005. Department expects to complete Phase 2 and fully implement this component in July 2005. 1 A PricewaterhouseCoopers Service that provides a database of comparative statistics. Source: Auditor General staff analysis of information provided by the Arizona Department of Administration. Implementation time frames missed—According to the initial contract awarded to IBM, the entire system was to be completed by July 2003. The Department and its contractors expected to implement Phase 1, which included the core payroll functions, by April 2003, 15 months after initiating the project. Phase 2, which includes the new features such as the hiring gateway and employee/manager self-service components, was to be implemented no later than July 2003, 3 months later. However, amendments to the contract revised these dates. Specifically, the implementation of Phase 1 was changed to July 2003 and then to December 2003. Phase 2 implementation was rescheduled for May 2004. While Phase 1 features were actually implemented in December 2003, as of April 2005, Phase 2 still does not have any components fully implemented. Project budget mostly exhausted—The HRIS project was primarily funded through the issuance of certificates of participation (certificates) in April 2002, which generated approximately $35 million, and legislative appropriations totaling $7.5 million from the Personnel Division Fund in fiscal years 2002 and 2003 (see Other Pertinent Information, pages 39 through 41, for more information on the certificates). The certificates were intended to finance the purchase, installation, consulting services, and training costs associated with the development and implementation of both phases of the system. However, as of June 30, 2004, the Department reported that the project had consumed almost all of this funding, yet Phase 2 of the system had yet to be fully developed and implemented.1 For fiscal year 2005, HRIS was changed from a project with its own budget to an operating unit of DOA’s Human Resources Division. The personnel costs for continued HRIS development and implementation, as well as its operations, are now funded out of this Division’s budget at approximately $2 million for fiscal year 2005. While the Department has not determined the amount of additional monies needed to complete Phase 2 of HRIS and address any needed user requirements, according to a department official, ongoing development and maintenance of the system will continue as monies are made available from the Human Resources Division budget. Additionally, according to HRIS project management, the limited funding available for continuing work on the system has partially contributed to the delays in completing the system. Staffing reduced—With the reduction in funding, staff resources devoted to implementing Phase 2 have also been significantly reduced. During the first 2 years of project development and implementation, as many as 59.5 staff positions were dedicated to the HRIS project.2 However, project staffing has been reduced by approximately 70 percent. As of November 2004, 17.5 positions were dedicated to the system for continued development and 1 According to the Department, over $2.3 million remains from the certificates of participation funding and has been reserved to pay for a planned upgrade to the system in fiscal year 2006 or 2007. 2 Phase 1 was implemented by a combined team of state employees, some on loan from other state agencies, and vendor employees. State of Arizona page 12 HRIS implementation time frames not met. implementation, as well as for system operations and maintenance. According to the Department, staffing will be further reduced to 15.5 positions by May 2005.1 The extensive modifications made to adapt the system’s primary software to the unique business practices of Arizona’s state agencies contributed to the delay in implementing the system. According to the contract, the primary contractor assumed that the system would be implemented using the standard, out-of-the-box software. However, this would have required state agencies to modify their diverse business practices and move to standard processes that could be supported by the software. While a department official indicated that state agencies had committed to adjusting their business practices to conform to the system, agencies did not do so. As a result, the modifications required to the system significantly extended the time needed to complete the project. User expectations not met—Due to the delayed implementation of Phase 2, state agency users have not yet received many of the features they expected. These included features such as the hiring gateway, which assists in the hiring approval and candidate screening process, and the employee/manager self-service feature. Additionally, according to HRIS project management, in order to make the target date to process state payroll with the new system by year-end 2003, some of the Phase 1 user requests for particular functions were deferred. For example, users requested the ability to retain employee history, such as the length of state service and pay rates when an employee transfers to another agency. According to a department official, while this function has not been implemented, agencies can request this information from the Department. Additionally, users requested the ability to print leave balances on employee time sheets. While the Department can generate a file from HRIS with the necessary information, this file must be individually sent to agencies, and agencies desiring this capability must develop a custom program to print a time sheet in the desired format. Additionally, according to a department official, even though this feature had been available since the implementation of Phase 1, it has not been made readily available to users. In fact, only the Department and another agency use this feature, and other agencies auditors spoke with were unaware that the Department could provide this service. In addition, while the Department has received numerous requests for system changes or fixes, which is to be expected for a major system implementation, it has been slow to address some of these user requests. According to HRIS project management, this is a result of reduced funding and staffing, the resources needed to maintain the operational stability of the system, and its focus on implementing Phase 2 and other legislatively mandated changes, such as the July 2004 salary increase for state employees. User requests include fixing programs that do not function properly or requests for additional features to provide agencies with adequate human resources system and information capabilities. For example, as of Some user requests for system features have not been implemented. 1 Three of the 17.5 FTEs spend only a portion of their time on HRIS, and 3 of the 15.5 FTEs will spend a portion of their time on HRIS only in conjunction with other duties. Office of the Auditor General page 13 October 2004, the Department was tracking 40 outstanding requests for Phase 1 program changes. This included 32 requests categorized as either critical or high priority. Three of these requests identified as critical were made in March or April 2004, while one high priority request was made in September 2003 and four other high priority requests were made in July 2004. Although HRIS project management is responding to some identified user requirements, such as the need for improved training and help desk responsiveness, user needs not yet fully addressed include the completion of Phase 2 components, difficulty in finding answers to system-related problems, and the need for better communication. Some users dissatisfied with system—System data entry requirements, the delayed implementation of Phase 2 components, and the deferral or rejection of some agency requests for system functionality has led to some user dissatisfaction with the system. For example, HRIS requires agencies to capture more information within the system as compared to the previous payroll system. As a result, agencies report additional staff time spent on data entry for HRIS. Additionally, the Department reported it could not accommodate some agency-specific needs within the system framework. This included a Department of Economic Security request that the system verify fund availability before processing a time record. According to the Department, this request would have required an interface with the Arizona Financial Information System, which was not practical to pursue for a single agency given the time and resources needed to develop this capability. As a result, some state agencies have continued to operate and maintain alternative information systems and manual processes to capture and provide payroll and human resource information at their own cost. Specifically: Users relying on in-house systems—One of the major objectives of the HRIS system was to eliminate duplicate automated systems and processes. However, according to interviews with six randomly selected agency officials, four of the six users continue to use or rely on their own in-house systems because the HRIS system, as currently operating, has not eliminated that need. These systems range from simple spreadsheets to time accounting systems. For example, one agency official indicated that the agency maintains an in-house personnel database and time/activity system to meet the agency’s functional needs. In fact, this agency official reported that the HRIS project manager recommended that the agency’s functional needs would be better served by retaining their existing system. Another agency official indicated that they have retained an in-house labor distribution system as agency staff felt that the HRIS labor distribution feature would be too cumbersome to use. However, this official further reported that the agency is reviewing its business processes to be able to use the full functionality of HRIS. Another state agency reports using Excel software to maintain personnel data for reporting purposes as the report generation feature within HRIS is too complex to operate. Finally, at least one large state agency has indicated its intention to develop new in-house systems at its own cost if HRIS cannot provide the functions that it needs. State of Arizona page 14 Some agencies continue to use in-house systems for human resources needs. Department needs new plan for project’s completion The Department should develop and implement a comprehensive plan for the completion of the HRIS system and ensure adequate user participation in the plan’s development and the system’s completion. In January 2005, the Department began a strategic planning effort with the goal of developing a new plan, and it should ensure that this plan identifies the remaining system features or user requests that remain to be implemented, and the budget, staff resources, and calendar time needed to fully implement the system. Additionally, consistent with industry best practices, the Department should continue to facilitate user participation in the project by involving users in project leadership and the establishment of plan deliverables and priorities. New plan needed to direct remaining project work—To help ensure that the remaining features of the HRIS system and user requests for system features and changes are fully implemented or otherwise appropriately addressed, the Department should develop a plan to direct this effort. Prior to the project’s initiation, a project plan was developed that specified the various functions to be implemented, the goals and objectives of the project, the project budget and sources of funding, the staff resources needed, and a time line for project completion. However, this plan is outdated, and the Department needs to develop a new plan for completing HRIS because development and implementation of the remaining system functions continues to languish. In November 2004, the Department provided auditors with various dates for testing, piloting, and/or implementing these functions. However, it has missed some of these dates. For example, the Department reported that the first phase of the hiring gateway was being piloted with implementation expected by January-February 2005. This date was not met and Phase 1 of the hiring gateway was implemented in April 2005. The Department expects to complete Phase 2 and fully implement this component in July 2005. Additionally, the Department has yet to determine when the data warehouse and employee/manager self-service functions will be fully implemented. In January 2005, the Department began a strategic planning effort to address the future direction of HRIS and user requirements and requests for system changes. Since holding this strategic planning session in January 2005, the HRIS executive team has held additional meetings to determine its organizational capabilities, identify the remaining work needed to complete HRIS, and address customer requirements. This includes the remaining Phase 2 components and additional items needed to reflect changes in the state’s personnel system or to upgrade HRIS. Additionally, the Department has developed project plans for the completion of two Phase 2 components, the hiring gateway, and employee self-service. For example, the hiring gateway plan details the various steps, such as product review, testing, and roll-out strategy and time frames that should be completed to implement this component. In addition to these efforts, the Department should develop a The Department has missed Phase 2 project milestones. Office of the Auditor General page 15 comprehensive plan that brings together these various planning efforts, to direct and prioritize the remaining work needed to complete HRIS. User participation should be continued—The Department should continue to include and, where necessary, enhance user participation in system development and implementation. Literature on information technology project development strongly recommends user involvement at all phases of system development. The Department has established the following project management structure for HRIS development and implementation: Executive Committee—Meets every other week to establish project policies and direction. The committee consists of department assistant directors, the Director of Arizona Government University, and the HRIS manager, and is chaired by the HRIS project manager, who is also a department assistant director. The State’s former chief information officer, in a November 2002 letter to the Department’s director, criticized the lack of nondepartment members on the HRIS Board of Directors (currently the executive committee). There are still no users on the committee, and the Department has not established a documented process to obtain and consider user input regarding project policies and direction. However, according to the Department, it plans to involve users in the development of a strategic plan for completing HRIS and in helping to establish remaining project priorities. Project Team—Performs the day-to-day work to support the design and implementation of new functions or system changes and performs such tasks as computer programming, testing, and training. Team members consist of department employees and contractors. While there are no agency users on the team, the Department has established and plans to continue to establish user groups to plan for the rollout and testing of Phase 2 components. However, with the exception of the hiring gateway, the Department does not follow a documented process for soliciting user feedback on critical design issues and decisions related to the continuing development of Phase 2 components and prior to the testing and rollout of these components. Change Control Board—Generally meets weekly to evaluate and approve system change requests. The Board consists of several project team members, one of whom acts as a facilitator. Although the Board has a process to formally assess the impact of change requests and prioritize these requests, it does not follow this process, nor do users have input regarding priorities. However, as part of the strategic planning process that it began in January 2005, the Department reports that it plans to meet with customers to assess and prioritize their system needs and requirements. Additionally, the Department should follow its process for formally assessing the impact of requested system changes and for approving their implementation and priority on the list of items awaiting action. State of Arizona page 16 User Task Force—This group comprises users from representative state agencies that provide input and make recommendations on user-related issues to HRIS project management. Members of this group were only committed to serve from April 2004 to June 2004. While these members stayed on the task force through its September 2004 meeting, from October 2004 through December 2004, the task force did not meet because the Department reports its resources were needed to implement system modifications. However, users’ willingness to continue participation on this task force had also diminished because some of its recommendations had not been implemented. For example, the task force recommended in June 2004 that improvements be made to the self-directed help process and to the project’s process for reviewing and prioritizing requests for system changes or fixes. According to HRIS project management, these recommendations have not been implemented. After this period of inactivity, the Department reconstituted the task force and it began meeting again in January 2005. Literature on information technology project development strongly recommends user involvement in system development. For example, the United States General Accountability Office Federal Information System Controls Audit Manual recommends active user involvement throughout the system development process.1 Additionally, Managing Information Technology Projects, a publication of the American Management Association, states that there are several strategies for making stakeholders feel they are a part of the project.2 Some of the most common strategies for satisfying stakeholder requirements and answering their concerns are actively involving them in the project, including them in project reviews, soliciting their advice, and including them in major project strategy decisions. Finally, according to the Handbook of EDP Auditing, “user involvement throughout the system development life cycle helps to avoid developing systems that do not meet the user’s needs, are inefficient, are not adequately controlled, and are not acceptable to, or understandable by, operating level personnel.”3 Consistent with best practices, the Department should enhance user participation on the HRIS project. Specifically, the Department should establish a process for soliciting, considering, and taking action on user input regarding overall project policy and direction, and follow through with its plans to involve users in the development of a comprehensive plan to complete HRIS. Additionally, the Department should establish a documented process by which the project team obtains user participation and approval at critical project phases, such as application design and acceptance testing. The Department should enhance user participation on the project. 1 United States Government Accountability Office. Accounting and Information Management Division. Federal Information System Controls Audit Manual. Washington, D.C.: GAO, Jan. 1999. 2 Taylor, James. Managing Information Technology Projects: Applying Project Management Strategies to Software, Hardware, and Integration Initiatives. New York: American Management Association, 2004. 3 Halper, Stanley D., Glenn C. David, P.J. O’Neil-Dunne, and Pamela R. Pfau. Handbook of EDP Auditing. Boston: Warren, Gorham & Lamont, 1985. Office of the Auditor General page 17 User participation needed in design and testing—Once the executive committee or change control board has approved a change or enhancement to HRIS, user participation continues to be necessary for system design and testing. User participation in system design reduces the risk that a project change will fail to accommodate the users. Although the Department involved users in the early stages of the HRIS system design and in the development of some Phase 2 features, the Department has not involved users in the design of approved changes or enhancements to the system. User participation is also critical for system testing and acceptance. Typically, information technology projects use a testing methodology to ensure a system change or modification operates as designed. Such methodologies rely on system users to perform testing and to sign off that the application is operating properly before the change is introduced into the “live” processing environment. An independent testing/quality assurance function is standard industry practice to add independence to the process. However, the Department has recently identified some concerns with its testing methodology. For example, the Department lacks a formalized testing methodology and individual test plans, inadequately documents test results, and has dedicated insufficient resources to ensure acceptance testing processes are always followed. The Department has proposed various solutions to address these concerns. Additionally, while users participated in acceptance testing for Phase 1 of the system and the hiring gateway, users have not participated in acceptance testing related to user requests for changes or enhancements to the system. Members of the HRIS project team have performed and signed off on these test results on the users’ behalf. Therefore, the Department should ensure that it addresses the concerns with its testing methodology and that users participate in all phases and at all levels of acceptance testing. State of Arizona page 18 Recommendations 1. The Department, in collaboration with the user community, should develop a comprehensive plan to direct the completion of the HRIS system. This plan should specify the goals and objectives for completing the project, and the remaining functions to be implemented; and identify a process for addressing user requests for system features and changes, and the funding, staff resources, and time frames for completing the system’s remaining functions and fully implementing the system. 2. The Department should follow its process for formally assessing the impact of requested system changes and for approving their implementation and priority on the list of items awaiting action. 3. The Department should continue to address the concerns with its acceptance testing process, including developing a testing methodology, individual test plans, and documenting test results. 4. The Department should enhance user participation in the HRIS project by: a. Following through with its plans to involve users in the development of a comprehensive plan to direct the completion of HRIS; b. Establishing documented processes by which the executive committee obtains, considers, and takes action on user input regarding overall project policy, and by which the project team obtains user participation and approval at critical project phases; c. Including users in the process for prioritizing system changes; and d. Involving users in all phases of system design and acceptance testing. Office of the Auditor General page 19 State of Arizona page 20 Planned changes should improve procurement oversight, but more can be done The Department’s planned changes to state procurement practices provide a good foundation for improving oversight, but they can be further enhanced. While Arizona spends billions of dollars annually on purchased goods and services, the Department has historically performed minimal state-wide oversight as to the quality and appropriateness of procurements. However, the Department’s Value in Procurement (VIP) effort, with a focus on achieving cost savings through contracts used by multiple agencies, should increase oversight of these procurements. Additionally, the Department has reorganized its procurement functions to place greater emphasis on development of procurement policies and oversight of state agency procurement activities. In conjunction with these changes, the Department should develop policies for contract administration and study methods to capture and report basic data on state contracting activity. Department’s procurement oversight has been insufficient Despite the billions of dollars that the State spends annually on the purchase of goods and services, as well as a history of documented problems in procurement, the Department has performed minimal oversight of state agency procurement, and its State Procurement Office (SPO) has served mainly as a state-wide contracting center.1 Specifically, while the Department 1 In January 2005, the Department created a new program, Enterprise Procurement Services, which, in addition to several new functions, performs the activities formerly performed by the State Procurement Office. Office of the Auditor General page 21 FINDING 2 Procurement encompasses the following functions: Planning—Includes needs assessment, research of market conditions and technological advancements, and gathering financial information for cost-benefit and other analyses. Solicitation—Development and public release of a document specifying the goods or services sought. Evaluation and Award—Process in which bids or proposals are rated for quality and ability to fulfill organizational needs. Contract Development—Developing the written legal agreement that specifies the goods or services to be provided, price and payment provisions, and vendor delivery and performance requirements. Contract Administration—Ensuring that contract terms are met by the vendor from award to close of contract. delegates its procurement authority to several state agencies, it has performed little or no oversight of these agencies’ procurement practices. The cost of poor contracting—A significant portion of Arizona’s annual budget is spent on the procurement of goods and services. While data is not available regarding the total expenditures that the State makes through procurement, a procurement official estimated that state, federal, and other funds expended under contract exceeded $6 billion in 2003. The State Comptroller, who reviewed this estimate, suggested that this figure appeared to be conservative. However, recent Auditor General audits revealed that poorly planned and executed procurements have occurred and may have led to significant loss or waste of taxpayer money. For example: A January 2003 Auditor General report found that the Government Information Technology Agency entered into a $30.6 million dollar contract without using procedures to ensure the contract was necessary or reasonable (see Report No. 03-01). The procurement had multiple problems, including a lack of funding, planning, stakeholder input, legal review, and contract management provisions. A 2001 Auditor General report found that the Department of Corrections’ poor planning and contract management led to a cost overrun of $5.8 million on an information system contract, over twice the $2.5 million budgeted (see Report No. 01-18). Department has performed few oversight functions—Despite the potential costs of poor procurement practices, the Department has performed little oversight of state agency procurement activities. The Department’s State Procurement Office had primarily functioned as a state-wide contracting center, conducting procurements of state-wide goods and services and agency-specific procurements. The majority of SPO staff, 15 of its 25 filled positions, performed or supported direct contracting activities. In addition to the contracting activities, SPO provided some oversight, including offering procurement training; reviewing agencies’ use of sole source and emergency procurements that are not competitively bid; and reviewing agencies’ procurement policies, practices, and staff credentials prior to granting increased delegation authority. What oversight SPO provided was limited and had significant gaps. For example, statute designates the department director as the central procurement officer for the State, responsible for procuring or supervising the procurement of all materials, services, and construction needed by the State. According to statute, the department director can delegate procurement authority to state agencies. While SPO would conduct a review of an agency’s procurement policies, practices, and staff credentials prior to increasing the agency’s delegated authority, many of the State’s largest agencies have never been reviewed. Instead, according to a SPO administrator, 12 of these agencies have had unlimited authority since the current State of Arizona page 22 procurement code was adopted in 1985. As of November 2004, 20 state agencies have delegated authority of $100,000 or more to procure goods and services (see text box).1 Fourteen of these 20 agencies have unlimited authority and can enter into multi-million dollar contracts without outside review or approval. Procurement reforms will help improve oversight Arizona has identified procurement as an area for government reform. Through its Value in Procurement (VIP) effort, the Department and the state agency procurement community have designed a new model for state contracting that will increase the number of multi-agency procurements. In addition to planned cost savings, this model should also increase oversight. New model better leverages State’s purchasing power—The Governor’s Efficiency Review (ER) identified procurement as a major area for state-wide reform. Specifically, it identified the fact that the State could realize savings if state agencies purchased collectively, leveraging state purchasing volume to attain reduced pricing. For example, instead of many individual agencies contracting for the same goods or services, such as janitorial supplies or financial services, the ER recommended that state agencies should procure collectively, benefiting from the price discounts that would result from higher purchase volumes. In response to this recommendation, the Department and procurement officers from state agencies began the Value in Procurement effort in July 2004. The VIP team has developed a new model for state contracting in which one state agency will serve as the strategic contracting center for the procurement of a particular good or service. Other state agencies that need this good or service will then rely on the contract. The Department has estimated savings of $29 million to $34 million in fiscal year 2006 in state, federal, and other funds from using this procurement approach. Table 4 (see page 24) provides examples of several of the first state-wide contracts to be awarded under the new model. New contracting model should increase oversight—Because the model increases the number of contracts used by multiple state agencies, it should provide increased visibility for contracts previously developed in isolation. Specifically, since the contracting agency will need to accommodate the needs of multiple agencies, state agencies will work collaboratively under the new model, overseeing one another The Department is implementing a new procurement model. The Department has not reviewed procurement practices of several state agencies with unlimited procurement authority. 1 Most other state agencies have delegation authority of either $10,000 or $35,000 and must have SPO conduct any procurements exceeding these amounts. Some state agencies are exempt from the state procurement code and department authority, including the universities and legislative agencies. Office of the Auditor General page 23 Agencies Delegated Procurement Authority of $100,000 or Higher Delegation Amount—Unlimited Administration, Department of Arizona Health Care Cost Containment System Commerce, Department of Corrections, Department of Economic Security, Department of Emergency and Military Affairs, Department of Environmental Quality, Department of Game and Fish Department Health Services, Department of Juvenile Corrections, Department of Parks Board, Arizona State Public Safety, Department of School Facilities Board Transportation, Department of Delegation Amount—$250,000 Education, Department of Retirement System, Arizona State Veterans’ Services, Arizona Department of Delegation Amount—$100,000 Coliseum & Exposition Center Lottery, Arizona State Revenue, Department of and increasing the likelihood that procurement best practices will be used. For example: The planning and needs assessment phase of a procurement is unlikely to be omitted since other agencies’ requirements must be considered. Procurement officers auditors interviewed indicated that currently this phase of procurement may be abbreviated or dropped due to time constraints and workload pressures. Evaluations of contract proposals are likely to be conducted by procurement representatives of multiple agencies. Because the procurement representatives from the various agencies may scrutinize proposals more carefully to ensure their own agency requirements are met, the evaluation process may improve overall—better ensuring that proposals meet the specified requirements and provide the best value for the State. Reorganization will increase oversight In addition to changing the way state agencies perform procurements the Department has reorganized its procurement organization to enhance its oversight role. Specifically, in January 2005, the Department established a new procurement program, Enterprise Procurement Services, that includes an oversight group that will issue a policy and procedure manual to guide procurement activities and conduct regular reviews of the procurement practices of agencies with high levels of State of Arizona page 24 Table 4: Examples of Planned Procurements As of April 2005 Strategic Contracting Center Item Other Agencies Using Contract Estimated Award Date Department of Commerce Grant writing services All agencies needing the service Complete Department of Transportation Automotive parts Departments of Administration, Corrections, and Game and Fish Complete Arizona Health Care Cost Containment System Physician services Departments of Corrections, Economic Security, and Health Services July 2005 Department of Administration Commercial flooring All agencies needing flooring August 2005 Source: Auditor General staff analysis of information provided by the Arizona Department of Administration and the Value in Procurement strategic contracting center committee. delegated procurement authority. Further, proposed administrative rule revisions will increase oversight of agency procurements. Department created oversight unit—As part of the VIP planning effort, the Department formed several committees to review possible improvements to state procurement. One of these committees reviewed the role and functions of SPO and recommended its reorganization, including an increased focus on procurement oversight. In the new organization, Enterprise Procurement Services will consist of an operational group and a policy and oversight group. The operational group will conduct agency-specific procurements and serve as the strategic contracting center for several types of purchases, such as office supplies and information technology. The oversight group will include a best practice and compliance unit that will focus on oversight of state agency procurement activities. According to department plans, this unit will have a staff of three with a manager. While these plans were not formulated in time to be reflected in the Department’s fiscal year 2006 budget request, the Department has identified options to fund three of the four positions internally, with funding for the fourth position to be part of the fiscal year 2007 budget request. Plans for state-wide policy and procedure manual—One of the responsibilities of the best practice and compliance unit will be to develop a policy and procedure manual. The Department can improve oversight and foster more consistent procurement practices among state agencies by developing an internal procedure manual for use by procurement staff state-wide. Contracting personnel in both SPO and state agencies expressed the need for such a manual. Although the State Procurement Code and the State of Arizona Accounting Manual detail the legal and regulatory requirements for procurement, neither provide contracting personnel with detailed instructions on how to conduct key procurement processes. For example, a procedure manual could provide guidance on whether a particular procurement requires a needs assessment and/or market research prior to solicitation. It could also provide guidance on the development of the scope of work, which is the primary description of the goods and services upon which a vendor constructs a bid or proposal. Likewise, the procedure manual should detail how to develop and document a methodology to evaluate vendor proposals and provide examples of evaluation methodologies for different types of procurements, such as human services or information technology. Other states that auditors reviewed had detailed manuals of this type available through their Web sites.1 For example, the State of Washington’s procurement manual includes a chapter discussing best practices in key procurement processes. Further, the National Association of State Procurement Officials identifies the The planned policy and procedure manual should provide needed guidance to state agencies. The Department plans to increase oversight of state agency procurement activities. 1 California, Florida, and Washington were selected for review because these states, similar to Arizona, delegate procurement authority to various agencies and are implementing procurement improvements or reform efforts. Office of the Auditor General page 25 publication of both a policy manual and an internal procedure manual as a responsibility of the central purchasing authority.1 Conducting reviews of agency procurements and contracts—The Department also plans to conduct best practice reviews of agency procurements, focusing on agencies with high and unlimited delegated authority. As of December 2004, the Department had not yet defined what these reviews would encompass, but they might examine such things as whether solicitations generated a sufficient number of qualified bidders, whether proposal evaluation criteria was appropriate and fair, and whether vendor evaluation mechanisms were established in the contract. According to the State Procurement Administrator, each of the 20 agencies with delegated authority of $100,000 or more could undergo a review every 3 years. The administrator indicated that existing compliance reviews conducted by the Department’s General Accounting Office (GAO) and the Auditor General provide an appropriate level of oversight for the other agencies.2 However, these reviews focus only on legal compliance and do not consider such factors as procurement value, quality, and use of best practices. Therefore, as time and resources permit, the Department should develop a plan for conducting reviews of a random sample of procurements annually to assess these additional, important factors. This would enable the Department to review whether the procurement activities of other state agencies are following best practices as well. Providing public notice of noncompetitive procurements—The Department, with the assistance of several agency procurement officers, is completing a second draft of administrative rule revisions for submission to the Governor’s Regulatory Review Commission in April 2005. As part of this rule revision package, the Department has proposed a requirement that the State post planned sole-source procurements on the Enterprise Procurement Services Web site for 5 days prior to awarding a contract, making them available for public and vendor review prior to proceeding with the sole-source procurement. Sole-source procurements are those where a single vendor has been identified to provide the good or service and therefore, will not be competitively bid. However, by requiring that these planned sole-source procurements be posted on the Web site prior to award, additional vendors may be identified, which might result in a competitive procurement process. In effect, this rule revision offers the opportunity for greater oversight of sole-source procurements to help ensure they are justified and that other vendors do not exist that can potentially provide the requested good or service. The federal government, Florida, and California require public notification of sole-source procurements. In fact, a purchasing official from California expressed the belief that agencies were less likely to conduct unjustified, noncompetitive procurements if required to publicly post the procurement. The Department plans to require proposed sole-source procurements to be posted on its Web site prior to award. 1 The National Association of State Procurement Officials. State and Local Government Purchasing Principles and Practices, 5th edition Lexington: The National Association of State Procurement Officials, 2001. 2 Both GAO and the Auditor General conduct procedural compliance reviews of state agency procurements on a multi-year review schedule. State of Arizona page 26 Additional oversight mechanisms can benefit state procurement In addition to its plans for improved oversight, the Department should take other steps to better oversee state-wide procurement. These steps include issuing guidelines on contract administration practices and exploring various options for capturing and using data on state-wide procurement and contracting activity. Policies and procedures should address contract administration— State procurement practices lack proper emphasis on contract administration. Procurement staff and officials auditors interviewed identified contract administration as a particularly weak area in state procurement. Contract administration or management refers to the task of ensuring that contractors deliver the contracted goods and/or services within the specified time frame. For the purchase of certain commodity items, contract administration may be straightforward and may not consume significant staff hours. In contrast, the contract administration responsibility for a $30 million information system contract may be much more complex and time consuming. However, neither the procurement code nor the few policies SPO has issued in the past provide guidance to state agencies for appropriate oversight and administration of their contracts. As a result, multi-million dollar state contracts may have few or no established procedures for contract management to help ensure that vendors satisfy the contract’s terms and conditions. The state of Florida and the federal government have various requirements for contract administration. Specifically, Florida statute requires that contracts for services have appointed contract managers. In Arizona, improved contract administration might lead to cost savings for the State. For example, in 2002 and 2003, the Department identified that the State was over-billed by more than $2 million under its telecommunication contracts with Qwest and AT & T. While the Department reports that it has recovered these monies, inadequate contract administration— specifically, not reviewing vendor billings against contract terms and pricing—led to this problem. Therefore, as part of its development of a state-wide policy and procedure manual, the Department should also develop appropriate policies, procedures, and/or guidelines for contract administration. In doing so, the Department should consider defining the duties of a contract administrator; developing appropriate contract language for the scope of work and deliverables to facilitate contract administration; how vendor performance should be evaluated and shared with other agencies; and a possible requirement that contracts exceeding a certain dollar amount have an appointed contract administrator, possibly depending on the complexity or dollar amount of the contract. Greater emphasis is needed on contract administration. Office of the Auditor General page 27 Study alternatives for compiling contracting data—The Department lacks basic information needed to oversee and gauge improvement in state procurement activities. For example, the Department does not collect information related to how much the State spends each year under contract, the number of contracts that each state agency has entered into, the volume of transactions and dollars spent in various categories of goods and services and how this changes from year to year, the number of contracts procured competitively and noncompetitively, and the amount of state investment in procurement and contracting activities. Although the Department’s Arizona Financial Information System (AFIS) is capable of capturing the information needed to track contracting activity, the system has not been used for this purpose; consequently, agency business processes are not in place to support this use. For example, most state agencies do not have business processes in place to set up contracts on AFIS, and then tie the payments to a contract number. Because data on contracting activity is critical to assessing and analyzing state procurement practices, the Department should study the costs and benefits of different methods to obtain data, two of which are discussed below. Use AFIS to capture contract data—While AFIS has the capability to capture contracts and link vendor payments to the appropriate contract, it may be costly for the State’s large agencies, such as the Departments of Transportation and Economic Security, which only submit summary financial data to AFIS, to set up all their contracts in this system. Smaller state agencies, on the other hand, may be able to use AFIS. The Department could consider requiring those agencies with independent financial systems to report on their contracting activity, while using AFIS to capture contract data for other agencies. However, according to AFIS system administration, there would be several costs associated with implementing the contracting capabilities in AFIS, such as developing system edits and a statewide contract numbering scheme, testing AFIS contracting capabilities, and developing new software programs to extract contract activity reports. Integrate purchasing system with AFIS replacement—The Department plans to conduct a study to evaluate the State’s current capabilities and long-term needs for state-wide financial computer systems. According to the State Comptroller, this study will consider a replacement for AFIS and other major agency financial computer systems. The capability to collect and report contracting data and information will also be considered. Some department officials have indicated that a new purchasing system should be a component of a new financial system, as opposed to a separate information system that would require subsequent integration with a financial/accounting system. The Department plans to study these issues during 2005 and present study results to the Legislature in fiscal year 2006. The Department should explore options for collecting contracting data. State of Arizona page 28 Recommendations 1. The Department should continue with its plans to develop and implement a state-wide procurement policy and procedure manual that will not only contain policies and procedures for procurement within Arizona’s regulatory framework, but also provide guidance and examples of best practices in key procurement processes. 2. The Department should continue with its plans to implement a process, policies, and procedures for conducting reviews at least once every 3 years of the procurement practices of state agencies with delegated procurement authority of $100,000 or more. 3. In conjunction with its reviews of state agency procurement practices and as time and resources permit, the Department should annually review a random sample of individual procurements. 4. As part of its effort to develop a procurement policies and procedures manual, the Department should develop and implement policies, procedures, and/or guidelines for contract administration. 5. The Department should conduct a cost-benefit study of various options to determine the best approach for collecting and analyzing needed data on state contracting activities. Potential options for study include: a. Using the current capability that exists on the Arizona Financial Information System (AFIS) to collect basic contracting information. b. Identifying a new financial/accounting system to replace AFIS that has a procurement/contracting component with the ability to collect the desired contracting data. Office of the Auditor General page 29 State of Arizona page 30 Department can improve its workers’ compensation claims process The Department can improve its workers’ compensation claims process to help ensure that state employees who are injured while at work promptly receive benefits. The Department, through its workers’ compensation unit in the Risk Management Office, is responsible for processing workers’ compensation claims and determining eligibility for benefits. However, injured workers may experience delayed benefits because they do not fully understand their responsibilities for filing a claim. To reduce delays, Risk Management should better educate workers about the workers’ compensation claims process. Other changes to Risk Management policies and procedures for claim processing and supervisory review may further reduce delays and help ensure that claims are appropriately processed. Workers’ compensation claims process The State of Arizona provides benefits to state employees for injuries arising out of and in the course of employment. The State provides this coverage through self-insurance and paid $19.2 million for workers’ compensation claims during fiscal year 2004, covering the costs of medical treatment and lost wages for injuries incurred by state employees with work-related injuries. Table 5 illustrates the number of claims submitted and dollar amount of claims paid in fiscal year 2004. The Risk Management Workers’ Compensation Unit administers claims according to laws governing both public and private employers Office of the Auditor General page 31 FINDING 3 Table 5: Workers’ Compensation Claims and Payments For the Year Ended June 30, 2004 Type of Claim Number of Claims Submitted Payments in Millions1 Medical only 2,628 $ 2.3 Wage loss and medical 448 11.2 Long-term care 25 5.6 1 These are the payments made during the year, regardless of when the claim was submitted. Source: Auditor General staff analysis of the fiscal year 2004 workers’ compensation frequency and severity table prepared by Risk Management. and rules and regulations established by the Industrial Commission of Arizona (Commission). As prescribed by A.R.S. §23-1061(A), a workers’ compensation claim must be filed with the Commission by the employee, or if resulting in death, by the parties entitled to compensation, within 1 year after the injury occurred or the right to the claim occurred. A claim is filed either through an employee’s report of injury or a physician’s report of injury documenting treatment of a work-related injury. Upon receiving a workers’ compensation claim, the Commission will notify Risk Management, which has to accept or deny the claim within 21 days of the Commission’s notification. If Risk Management fails to deny a claim within 21 days, an injured worker is entitled to immediate compensation as if the claim was approved. State employees often notify Risk Management when an injury occurs, making Risk Management aware of many upcoming claims even before they are filed with the Commission. Prior to accepting a claim, an investigation is typically needed to determine the cause and severity of the injury and its relationship to the course and scope of the employee’s job. Risk Management can begin processing a claim before receiving notification from the Commission. The employee can reopen a workers’ compensation claims at any time if there has been a change in the employee’s medical condition relating to the claim. Risk Management processes two categories of claims: (1) medical-only that request payment for all authorized medical care required to treat a work-related injury or illness, and (2) time-loss that request payment for medical care and lost wages that resulted from the injury or illness. An employee is entitled to payment for lost wages if more than 7 days are missed from work due to the injury. Risk Management could better communicate claim requirements Although Risk Management meets the statutory time frame for processing claims, it can better serve state employees by improving its communication of claim filing and processing requirements. Specifically, injured state employees may be unaware of their responsibilities for filing a claim with the Commission and can therefore experience delays in receiving claim benefits. To resolve this problem, Risk Management should better communicate the claims filing process, employees’ rights and obligations, and other information to state employees to help ensure that benefits are promptly processed. Injured workers may experience delays in claims payment—Even though Risk Management meets the 21-day requirement for processing claims, meeting this standard is not an effective measure of the total time that elapses between an employee’s injury and Risk Management’s decision. Auditors reviewed a random sample of 43 workers’ compensation claims submitted to Risk State of Arizona page 32 Management during fiscal year 2004. Risk Management accepted or denied 35 of these claims within 21 days of receiving notification from the Commission. Risk Management processed the remaining 8 claims without receiving Commission notification. However, considering the total time between an employee’s injury and Risk Management’s acceptance or denial of the claim, the results can be much different. Although statute requires the injured state employee to file a claim with the Commission, state employees may be unaware of the requirement, or some may rely on their physician to file an injury report with the Commission. As a result, weeks and even months could elapse between the time the injury occurs and the claim is formally filed. Because state employees often notify Risk Management when an injury occurs, Risk Management knew about all 35 claims prior to receiving formal notification from the Commission. For 17 of the 35 claims, Risk Management was aware of the injury at least 3 weeks before receiving the Commission’s notification. While Risk Management actually reviewed and approved 6 of these 17 claims prior to receiving the notification, it took between 32 and 145 days for Risk Management to either approve or deny the other 11 claims from the date they were initially made aware of the injury. Finally, even though injured employees may rely on their treating physician to notify the Commission, physicians are not reporting treatment of injured state employees to the Commission as required. According to administrative rule, the physician must submit a report of injury to the Commission within 8 days of treatment. However, auditor review of the 43 claims found that this requirement was met for only 8 of 39 claims where physicians submitted reports. Communication can improve benefit timeliness—Risk management can prevent unnecessary benefit delays by improving communication with injured employees. Risk Management has established an automated telephone number and Web site to facilitate the reporting of work-related injuries. However, while the Web site provides information related to workers’ compensation claim benefits, it provides limited and somewhat difficult-to-find instructions on how to file a claim and the need to report work-related injuries to the Commission. Additionally, Risk Management’s automated phone system does not provide instructions to employees on how to proceed with a claim. Risk Management should take steps to ensure injured employees clearly understand the workers’ compensation claims process and their rights and responsibilities in this process. Specifically, through its automated phone system and Web site, Risk Management should clearly explain the workers’ compensation claims process, actions that injured employees are required to take to file a claim, and the information and reports that Risk Management needs to process a claim. For example, the automated phone system could inform the injured employee that while Risk Management will take a report of injury, the employee must file a claim with the Risk Management should better inform injured employees of their rights and responsibilities. Risk Management is often aware of claims before receiving the Commission’s notification. Office of the Auditor General page 33 Industrial Commission and that it is the employee’s responsibility to ensure that his or her physician submits a report of injury to the Commission. Similarly, Risk Management’s Web site should inform the injured employee of the importance of filling out a report of injury when treated by a physician, requesting that the physician immediately send reports to the Industrial Commission and Risk Management, asking all providers to send reports to Risk Management, and keeping adjusters informed of their work status. The State Compensation Fund of Arizona, which is the largest provider of workers’ compensation insurance in the State, uses its Web site to describe the claims filing process and how an injured employee can help process his/her claim in a prompt manner. The Fund’s Web site also provides additional information that will help the employee facilitate the claims process, such as instructions for the employee to sign his/her name as it appears on the payroll check, requesting that physicians immediately send required reports to the Commission, and keeping adjusters informed of their current mailing address. Additionally, as of March 1, 2005, Risk Management established and filled a customer relations coordinator position. In addition to other responsibilities, this position will serve as the central point of contact for providing information to and responding to questions from state employees and agencies. Enhanced policies and procedures should aid claims processing Enhanced policies and procedures for processing workers’ compensation claims should also help ensure that benefits are provided in a timely manner and help ensure more effective use of resources. While Risk Management recently adopted policies and procedures for its workers’ compensation claims process, it should establish an additional procedure to promptly identify injured employees who have missed more than 7 days of work and monitor its revised supervisory review policies. Risk Management should also take steps to help ensure state agencies provide information on injured employees within the required time frame. Finally, Risk Management can better monitor the claims process by improving its data and developing additional management reports. Newly adopted claims procedures need further revisions—In April 2005, Risk Management finalized and adopted policies and procedures for its workers’ compensation claims process. Although these have been finalized, Risk Management should adopt procedures for promptly identifying time-loss claims, and should monitor the implementation of its revised supervisory review procedures. Specifically: State of Arizona page 34 Promptly identifying time-loss claims—Risk Management can better serve injured employees by adopting procedures to promptly identify time-loss claims. During the audit, Risk Management revised the questions it asks injured employees when they report an injury. Specifically, injured employees are prompted to call another telephone number if they have missed or anticipate missing more than 7 work days. However, since reports are usually made shortly after |
