JPA

wave_dodger

MIA
Book Reviewer
#3
The problem isn't just a JPA problem, anyone remember the Writer from Collingwood (If I recall correctly) who stole thousands from the imprest account and did a runner because he thought he was dieing?

The problem is even with the best protected systems with lots of safeguards those trusted as administrators have a lot of scope for mischief.

I suspect the JPA system auditing and the scrutiny applied to HR staff will be increased as a result of this. I don't see it as the earth shattering news, though no doubt some will.
 

FlagWagger

GCM
Book Reviewer
#4
wave_dodger said:
The problem is even with the best protected systems with lots of safeguards those trusted as administrators have a lot of scope for mischief.
Agreed - however, the system should be better designed to reduce or ideally remove "single points of failure" that put people in a position where they have a suitable temptation to breach their trust. In this case, two people were tempted and have paid the price - will there be any remedial action applied to the system to prevent others being put in this position or will it simply be a case or more stringent checks? Its far better to remove the source of the problem than putting in barriers to detect wrongdoing.

wave_dodger said:
I suspect the JPA system auditing and the scrutiny applied to HR staff will be increased as a result of this. I don't see it as the earth shattering news, though no doubt some will.
See above - speaking as a systems engineer, removal of the cause is far better than detection of the problem.
 

sgtpepperband

War Hero
Moderator
Book Reviewer
#6
Edited: Apologies - I read a different link, that had not published the finding of the case, which is no longer sub judice.

:thumbleft:
 

witsend

MIA
Book Reviewer
#8
Nothing new, you read about bank workers doing the same thing all the time. Now the MP's who have managed to get away with fraud is another matter.
 

wave_dodger

MIA
Book Reviewer
#9
FlagWagger said:
wave_dodger said:
The problem is even with the best protected systems with lots of safeguards those trusted as administrators have a lot of scope for mischief.
Agreed - however, the system should be better designed to reduce or ideally remove "single points of failure" that put people in a position where they have a suitable temptation to breach their trust. In this case, two people were tempted and have paid the price - will there be any remedial action applied to the system to prevent others being put in this position or will it simply be a case or more stringent checks? Its far better to remove the source of the problem than putting in barriers to detect wrongdoing.

wave_dodger said:
I suspect the JPA system auditing and the scrutiny applied to HR staff will be increased as a result of this. I don't see it as the earth shattering news, though no doubt some will.
See above - speaking as a systems engineer, removal of the cause is far better than detection of the problem.
The system, in terms of auditing and security enforcing functionality is the same as all Oracle HRMS implementations. I guess its hard to defeat/prevent two admins operating in tandem who are working to defraud the system.
 

FlagWagger

GCM
Book Reviewer
#11
wave_dodger said:
The system, in terms of auditing and security enforcing functionality is the same as all Oracle HRMS implementations. I guess its hard to defeat/prevent two admins operating in tandem who are working to defraud the system.
Er... no, actually. How the system is deployed will determine where audit and security can be enforced. For example, my current company uses Oracle for expenses with user management being controlled centrally - local admins can't therefore create phantom user accounts for claims or authorisation purposes. The problem with the JPA installation is that central control of users would not work and has to be devolved to "trusted" users around the fleet.
 
Thread starter Similar threads Forum Replies Date
D Diamond Lil's 8
M The Quarterdeck 20
S The Fleet 147

Similar threads

Latest Threads