CAG pulls up Odisha govt over poor implementation of OSWAS

The Comptroller and Auditor General (CAG) has pulled up the state government for failing to successfully implement the Odisha Secretariat Workflow Automation System (OSWAS) even after six years.
"The OSWAS failed to achieve its objective even after six years of implementation. All applications of OSWAS have not been implemented so far," the CAG report tabled in the Assembly by Finance Minister Pradip Kumar Amat said.
Stating that the state government had engaged Tata Consultancy Service (TCS) Limited to implement the system, the report said, "OSWAS had weak management controls and Business Process Re-engineering was not conducted, which created inefficiencies and inconsistencies in file management. Business Continuity and Disaster Recovery Plan was not framed."

The state-run Odisha Computer Application Centre (OCAC) could not exercise adequate control over database administration activities, the report said, adding that OSWAS was aimed at bringing in efficiency and effectiveness in its functioning in the state secretariat.
"The digital signature was partially implemented which failed to protect the integrity of notes created through OSWAS. The OSWAS has design deficiencies like incomplete administrator interface, non-provision for transfer/posting, ineffective session management, inconsistencies in reports and time stamping," the report said.
What shocked the CAG was the access controls were inadequate in OSWAS as files have been accessible to any user irrespective of department, post and confidentiality.

"User management was given to the vendor without any control of OCAC. OSWAS used outdated platforms making government business vulnerable. Several features in user interface were non-functional," it said.
As the OSWAS was found with "improper" design and non-implementation of secured sockets layer authentication system, the report said, "Security of the system was weak."
Though the OSWAS system was implemented to smoothen works in the state secretariat, CAG found usage of OSWAS was as low as 81 per cent and departments had created more than 50 per cent files, bypassing the OSWAS.