JPA

Discussion in 'Current Affairs' started by FlagWagger, Jan 22, 2010.

Welcome to the Navy Net aka Rum Ration

The UK's largest and busiest UNofficial RN website.

The heart of the site is the forum area, including:

  1. FlagWagger

    FlagWagger Book Reviewer

  2. Tip of the iceberg.
     
  3. wave_dodger

    wave_dodger War Hero Book Reviewer

    The problem isn't just a JPA problem, anyone remember the Writer from Collingwood (If I recall correctly) who stole thousands from the imprest account and did a runner because he thought he was dieing?

    The problem is even with the best protected systems with lots of safeguards those trusted as administrators have a lot of scope for mischief.

    I suspect the JPA system auditing and the scrutiny applied to HR staff will be increased as a result of this. I don't see it as the earth shattering news, though no doubt some will.
     
  4. FlagWagger

    FlagWagger Book Reviewer

    Agreed - however, the system should be better designed to reduce or ideally remove "single points of failure" that put people in a position where they have a suitable temptation to breach their trust. In this case, two people were tempted and have paid the price - will there be any remedial action applied to the system to prevent others being put in this position or will it simply be a case or more stringent checks? Its far better to remove the source of the problem than putting in barriers to detect wrongdoing.

    See above - speaking as a systems engineer, removal of the cause is far better than detection of the problem.
     
  5. One of those bright sparks was on our Squadron. He raised suspicions when he bought a house, then 1 week later turned up to work in a brand new BMW!
     
  6. sgtpepperband

    sgtpepperband War Hero Moderator Book Reviewer

    Edited: Apologies - I read a different link, that had not published the finding of the case, which is no longer sub judice.

    :thumbleft:
     
  7. Surely if they've been sentenced it's not sub judice?

    A question - not an argument I hasten to add :)
     
  8. witsend

    witsend War Hero Book Reviewer

    Nothing new, you read about bank workers doing the same thing all the time. Now the MP's who have managed to get away with fraud is another matter.
     
  9. wave_dodger

    wave_dodger War Hero Book Reviewer

    The system, in terms of auditing and security enforcing functionality is the same as all Oracle HRMS implementations. I guess its hard to defeat/prevent two admins operating in tandem who are working to defraud the system.
     
  10. Temptation(-Controls) x (Fingers + Pies) = S & S
     
  11. FlagWagger

    FlagWagger Book Reviewer

    Er... no, actually. How the system is deployed will determine where audit and security can be enforced. For example, my current company uses Oracle for expenses with user management being controlled centrally - local admins can't therefore create phantom user accounts for claims or authorisation purposes. The problem with the JPA installation is that central control of users would not work and has to be devolved to "trusted" users around the fleet.
     

Share This Page