Audit Report 98-11

IMMIGRATION AND NATURALIZATION SERVICE
REFUGEES, ASYLUM AND PAROLE SYSTEM

Audit Report 98-11, (3/98)

TABLE OF CONTENTS

I.  ACCOUNTABILITY OF ALIEN IDENTIFICATION NUMBERS

II.  INTERFACES WITH OTHER INS SYSTEMS

III.  DATA INPUT CONTROLS

IV.  COMPUTER SECURITY

STATEMENT ON COMPLIANCE WITH LAWS AND REGULATIONS

APPENDIX - OBJECTIVE, SCOPE AND METHODOLOGY

Executive Summary

The Immigration and Naturalization Service (INS) implemented the Refugees, Asylum, and Parole System (RAPS) in 1991 to automate alien casework management. RAPS is designed to automate tracking of individuals seeking asylum, to control asylum and refugee applications, and to provide an efficient and effective asylum adjudication process. In 1994, the system gained greater visibility when it was redesigned to support the Commissioner's Asylum Reform initiative. As of 1996, RAPS implementation costs have amounted to almost $1.2 million.

The system operates from the Justice Data Center and can be accessed 24 hours a day from remote computer workstations at the four INS service centers and eight asylum offices. In addition, the system interfaces with other INS systems to identify and update alien address changes and to track alien files.

The objective of our audit was to determine whether RAPS satisfied user needs by automating the alien casework process and to assess management controls. We found that overall RAPS users surveyed indicated that the system satisfied user needs by automating the asylum casework process and the system reduced manual processing. However, we found the following management control deficiencies:

Alien file numbers were not always properly accounted for, permitting possible fraudulent record creation in RAPS using missing numbers.
System interfaces were not always effective, affecting the timeliness and reliability of information used for decision making.
Data input controls, although adequate at all INS service centers, were not adequate at asylum offices, diminishing the reliability of alien status reporting.
Computer security was not adequate, opening the system to internal and external attack, and loss of critical data.

Prior to the preparation of the report, we met with INS management to review our findings and recommendations. The report discusses conditions found, INS management comments, recommendations, and a status update regarding the action performed to close the recommendations. The details of our work are contained in the Findings and Recommendations section of the report. Our objective, audit scope and methodology are contained in the Appendix.

FINDINGS AND RECOMMENDATIONS

We found that RAPS satisfied user needs by automating the asylum casework process. Over two thirds of the surveyed users answered positively when asked whether RAPS automated their work, reduced manual work, and contained reliable data. We also found that data input controls were adequate at all INS service centers. We did, however, identify management control deficiencies in the areas of alien file number accountability, system interfaces, data input controls at the asylum offices, and computer security. These deficiencies occurred because INS personnel had either not developed or adhered to established guidelines and procedures.

I. ACCOUNTABILITY OF ALIEN IDENTIFICATION NUMBERS

INS assigns an alien identification number (A-number) to each new application for asylum. INS personnel obtain the A-number from a pre-numbered alien file folder and input it into RAPS. The A-number is unique to each alien record and is the primary RAPS data element. Consequently, INS personnel are required to control file folders to prevent fraudulent alien records from being created in RAPS. Federal regulations require that access to records and resources be limited to authorized individuals.

For two of four service centers and one of eight asylum offices, we found alien identification number accountability deficiencies including:

At the Eastern Service Center, INS personnel did not securely store and account for issued and unused alien file folders.
At the Western Service Center, the alien file folder log was not reconciled with file folder distribution sheets to ensure that the folders were properly accounted for.
At the Los Angeles Asylum Office, INS personnel maintained a log to track alien file folder distribution. However, the log indicated that no alien file folders had been tracked since 1995.

In our judgment, these deficiencies occurred because INS personnel did not adhere to established guidelines for accounting for and physically securing pre-numbered alien file folders. Effective accountability of alien identification numbers prevents INS personnel from establishing fraudulent records in RAPS.

INS Comments:

INS officials concurred and provided us with documentation showing the guidelines for accounting for and physically securing alien file folders. In addition, INS officials provided us with a copy of its INSpect Guide for Records Program dated February 1997, which is used by INS for reviewing the security of alien file folders. INS officials agreed that INS personnel should be reminded of these established guidelines and the importance of securing alien file folders.

Recommendation and Status

We recommend that the Commissioner, INS:

1. Ensure adherence to established guidelines for accounting for and physically securing alien file folders.

Closed. INS provided us with: (a) an INSpect Report, dated October 28, 1997, documenting a review of A-file folder accountability at the Western Service Center; (b) a schedule of future inspections, which includes a review of the Eastern Service Center; and (c) documentation demonstrating that established guidelines for accounting for and physically securing alien file folders had been communicated to appropriate INS personnel.

II. INTERFACES WITH OTHER INS SYSTEMS

RAPS interfaces with the Computer Linked Applicant Information System (CLAIMS)¹ and the Receipt and Alien File Accountability Control System (RAFACS).² RAPS interfaces with CLAIMS to identify and update alien address changes, and RAFACS to track alien files. Effective system interfaces depend on reliable data and effective electronic communications. Reliable data are ensured when organizations develop change management procedures to detect and correct changed or deleted data. Effective communications procedures ensure that data are transmitted promptly and that transmissions are verified. Federal regulations state that agencies reasonably ensure that timely and reliable information is obtained and maintained to assist decision making.

We found CLAIMS interface deficiencies with 26 of 144 transactions including:

20 CLAIMS alien address changes were incorrectly updated in RAPS.
Three alien addresses in CLAIMS did not match the addresses in RAPS.
Three cases in RAPS were closed when, in fact, CLAIMS indicated they should have been reopened.

We found RAFACS interface deficiencies including:

79 of 196 RAFACS alien records were not updated in RAPS.

In our judgment, the CLAIMS interface deficiencies occurred because INS had not developed change management procedures to detect and correct changed or deleted data. The RAFACS interface deficiencies occurred because INS personnel in the field did not adhere to established procedures to ensure that interfaced data are transmitted and received. Effective systems interfaces ensure that timely and reliable information is available to managers to make informed decisions.

INS Comments:

INS officials concurred and provided us with CLAIMS documentation showing the implementation of change management procedures to detect and correct changed or deleted data. Regarding RAFACS interface deficiencies, INS officials concurred that personnel did not adhere to established procedures. INS officials stated that the Local Area Network (LAN) administrators at the asylum offices are responsible for uploading RAFACS files. These administrators are contract employees whose duties are defined in their contract. INS officials agreed that INS' contract manager would send a reminder memorandum to the LAN administrators reemphasizing their responsibility to upload the RAFACS files.

Recommendations and Status

We recommend that the Commissioner, INS:

2. Develop change management procedures to detect and correct changed or deleted data.

Closed. INS officials provided us with the implemented change management procedures.

3. Ensure adherence by INS contract personnel to established procedures to ensure that interfaced data are transmitted and received.

Closed. INS provided us with a memorandum reminding contract personnel at the asylum offices to follow established procedures to ensure that interfaced data are transmitted and received.

III. DATA INPUT CONTROLS

Service Centers

INS service center personnel create initial records and alien files by inputting data into RAPS from the Form I-589, Application for Asylum. We tested data authenticity, completeness, and accuracy by comparing 4,704 randomly selected RAPS entries from the Form I-589 source document with downloaded data from the four INS service centers. The universe of data was broken down into eight individual populations representing each asylum office jurisdiction. For each of the sampled populations, we found an acceptable one percent error rate.³ We attributed the low error rate to effective operator data entry training, supervisory oversight, and unit quality control.

Asylum Offices

Asylum office personnel update RAPS data after conducting interviews with the asylum applicants. Data input controls require asylum personnel to ensure the accuracy and completeness of RAPS data by reviewing error and exception reports. Error and exception reports pinpoint data entry errors and missing data. Federal regulations require that reliable information be obtained and maintained, and that transactions be properly accounted for to prepare reliable reports.

We found asylum office data input control deficiencies including:

At all eight asylum offices, personnel were not reviewing exception reports to identify rejected data and ensure its correct re-entry.
At four of eight asylum offices, data input procedures were not consistently applied for entering data only after proper authorization. For example, managers at the four asylum offices were not informed when personnel created initial RAPS records and alien files. Whereas, at the remaining four asylum offices, managers required that clerks gain supervisory approval prior to entering a new record in RAPS.

In our judgment, these data input control deficiencies occurred because INS personnel did not adhere to established data input control procedures for asylum offices to review and follow up on RAPS database error and exception reports, and enter data only after proper authorization. As a result of control weaknesses identified in A-file folder accountability, data input controls at the asylum offices, and system interfaces, we could not determine data reliability once custody of the Application for Asylum is transferred from the service centers to the individual asylum offices. However, 86 percent of users surveyed in our user satisfaction survey stated that they thought that RAPS data were reliable. We also found that data entered at the service centers were 99 percent accurate. Effective data input controls prevent database and output report inaccuracies.

INS Comments:

INS officials concurred and stated they would send a memorandum to the asylum offices reminding personnel to review and follow up on exception reports and to require proper authorization before entering new records into RAPS.

Recommendation and Status

We recommend that the Commissioner, INS:

4. Ensure adherence to established data input procedures to: (a) review and follow up on RAPS exception reports, and (b) enter data only after proper authorization.

a. Closed. INS personnel provided us with documentation demonstrating that established procedures to ensure review and follow up on RAPS exception reports had been communicated to appropriate personnel.

b. Closed. INS provided us with documentation demonstrating that established procedures to enter data only after proper authorization were communicated to appropriate personnel.

IV. COMPUTER SECURITY

The goal of a computer security program is to protect critical data from unauthorized use, deletion, and modification. An effective computer security program includes informative and practical computer security and contingency plans, an analysis of the risks associated with operating the information system, and computer security training for users. Federal regulations require agencies to physically secure computer systems, prepare computer security and contingency plans, conduct risk analyses on critical computer systems, and provide initial and refresher computer security training to protect systems from internal and external attack, and loss of critical data.

For the four service centers and eight asylum offices tested, we found computer security deficiencies including:

Four asylum offices did not close or lock doors to the computer facilities.
One service center and one asylum office did not record access to their facilities.
Three service centers and six asylum offices did not prepare computer security plans.
Two service centers and three asylum offices did not perform risk analyses.
One service center and six asylum offices did not prepare contingency plans. In addition, two service centers and one asylum office were in the process of preparing contingency plans.
Six asylum offices did not provide initial and refresher computer security awareness training to their personnel.

In our judgment, the first two weaknesses occurred because INS had not followed established access control procedures. The last four deficiencies occurred because the Department of Justice had not developed and implemented effective computer security program guidance for its components, and monitored compliance. In a separate audit report, we recommended the Assistant Attorney General for Administration develop and implement effective computer security guidance for its components, and monitor compliance. Accordingly, we will offer no formal recommendation on these weaknesses. Effective computer security program guidance will provide INS with guidelines to develop and manage an effective RAPS computer security program.

INS Comments:

INS officials concurred and provided us with documentation containing steps to ensure that computer room doors are secured. INS personnel further stated they would send a memorandum to the appropriate offices notifying them of the security weaknesses and the corrective action required.

Recommendation and Status

We recommend that the Commissioner, INS:

5. Correct the access control weaknesses to ensure that: (a) computer room doors are closed and locked, and (b) access to its facilities is recorded.

Closed. INS personnel provided documentation showing that appropriate offices were notified of the security weaknesses and the completion of corrective action to ensure that computer room doors are closed and locked and access to facilities is recorded.

STATEMENT ON COMPLIANCE WITH LAWS AND REGULATIONS

The audit was conducted in accordance with generally accepted government auditing standards. We audited INS' system policies and associated operational procedures. In connection with the audit, and as required by the standards, we also tested transactions and records to obtain reasonable assurance with laws and regulations that, if not complied with, we believe could have a material effect on the INS' mission.

Federal security laws and regulations require agencies to establish controls assuring adequate security of information processed, transmitted, or stored in Federal automated information systems. The specific laws and regulations against which we conducted our tests included: (1) the Computer Security Act of 1987 (Public Law 100-235); (2) OMB Circular A-123, Management Accountability and Control; and (3) OMB Circular A-130, Management of Federal Information Resources.

The results of our tests indicated that for the Headquarters and field offices tested, INS did not comply with the laws and regulations referred to above in the areas of alien file number accountability, data input controls, system interfaces, and computer security. Compliance with laws and regulations applicable to the data reliability of RAPS is the responsibility of INS management. Based on our limited review, we considered the data in RAPS reliable and did not find errors that would preclude the use of the computer-processed data.

The Justice Data Center management is responsible for establishing and maintaining the overall computer security and control environment at the data centers. A recent Department of Justice Annual Financial Statement Report for Fiscal Year 1996 disclosed that general controls in place at the Department's Maryland and Texas data centers were not effective to adequately safeguard software programs and data such as RAPS from unauthorized access and modification.

Because of the materiality of noncompliance noted in this report, we cannot provide assurance that INS complied with the above-cited laws and regulations with respect to those offices not tested.

APPENDIX

OBJECTIVES, SCOPE AND METHODOLOGY

OBJECTIVES

The objective of our audit was to determine whether RAPS satisfied user needs by automating the alien casework process and was managed effectively. Specifically, we determined whether: (1) alien identification numbers were properly accounted for, (2) INS service center and asylum office data input controls were adequate, (3) interfaces with the Computer Linked Applicant Information Management System (CLAIMS) and the Receipt and Alien File Accountability Control System (RAFACS) were effective, and (4) computer security was adequate.

SCOPE AND METHODOLOGY

The audit was performed in accordance with generally accepted government auditing standards. However, we may not be considered to be completely independent of INS, as required by the standards, because INS has reimbursed us for work that pertained to INS fee-supported programs. The Office of Management and Budget and the Department of Justice (including the OIG, the INS, and the Justice Management Division) disagree with INS funding our work and are attempting to have the funds appropriated directly to the OIG. In FYs 1996 and 1997, the OIG received $5 million for fee-related audits, investigations, and inspections. The dollar amount funded approximately 14 percent of the total OIG staff positions. Nonetheless, we consider ourselves independent and do not believe that our reimbursement arrangements with INS have had any effect with regard to our conduct of this audit. We examined laws, policies, regulations, manuals, and memoranda; interviewed responsible personnel; and performed data integrity tests of RAPS data.

Our audit included reviews of the four INS service centers and eight asylum offices. The reviews focused on general and application controls. We randomly selected the records used to conduct our data integrity tests using audit software. The universe of data was broken down into eight individual populations. For each population, the software randomly selected and sampled 20-30 records. Each record contained 24 RAPS entries, for a total of 4,704. For each of the eight sampled populations, we found an acceptable one percent error rate. In addition, we interviewed approximately 80 employees at INS Headquarters and field offices. Finally, we conducted a survey to determine the level of satisfaction among 36 of 311 judgmentally selected RAPS users.

1 CLAIMS is a mainframe system that records and tracks cases for immigration benefits.

2 RAFACS is a local area networked system that tracks the location of alien files within designated offices.

3 This error rate applies only to initial record creation at the service centers. It does not apply to subsequent updates performed at the asylum offices where we found data input control deficiencies.

#####