House seeks out Yatani to explain Ifmis loopholes

The National Assembly wants a thorough inquiry into the management and administration of Integrated Financial Management Information System (Ifmis) after claims that it is a conduit for loss of public funds through fraud and errors.

On Thursday last week, following a request by nominated MP Godfrey Osotsi, temporary Speaker Chris Omulele directed that Communication, Information and Innovation Committee to conduct an inquiry that will give way to a system audit.

Although Mr Osotsi had requested that the matter be handled by the House Committee on Finance and National Planning, Mr Omulele directed the Information Committee chaired by Marakwet West MP William Kisang, to conduct the probe.

“If we are losing money through the system then it is a very serious matter. The manner Osotsi has sought it, probably the Cabinet Secretary will just come and deliver a statement without questions being put to him. We want a proper inquiry and audit,” said Mr Omulele.


It is the nerve centre of accounting, recording and reporting and a critical information superhighway connecting the public financial management.

Mr Osotsi’s intervention to have a tamper-proof system comes after the Auditor-General’s 2016 special audit on the effectiveness of the system that covered the period of July 2010 to June 2014 recommended far-reaching measures to seal loopholes in it.

The audit report, sanctioned by the House Committee on Public Accounts Committee was based on scrutiny of documents, review of IT applications controls, review of the configurations of Ifmis systems, vendor contracts and surveys with Ifmis users across the country.

But, over four years later, and despite the audit report having been adopted by the House, the system still faces challenges.

This is on top of the millions of shillings spent by the government every year for the system upgrade and software licensing. There have also been allegations that the system has been hacked several times due to weak and inadequate internal controls, lack of a functioning audit trail and poor management of users’ rights.

This is aided by weak integration with other systems, weaknesses in data encryption, access by unauthorised users, negligence regarding basic system security procedure and non-existent data safeguards.

The special audit revealed that improper approval processes for creation of new system IDs, the capability to create duplicate supplier names in Ifmis with passwords that don’t expire may have led to security vulnerabilities exploited in the National Youth Service scams and others.

Credit: Source link