Reengineering Beyond the Illusion of Control

Copyright 1996 CAUSE. From _CAUSE/EFFECT_ Volume 19, Number 2, Summer 1996, pp. 38-44. Permission to copy or disseminate all or part of this material is granted provided that the copies are not made or distributed for commercial advantage, the CAUSE copyright and its date appear, and notice is given that copying is by permission of CAUSE, the association for managing and using information resources in higher education. To disseminate otherwise, or to republish, requires written permission. For further information, contact Julia Rudy at CAUSE, 4840 Pearl East Circle, Suite 302E, Boulder, CO 80301 USA; 303-939-0308; e-mail: jrudy@cause.colorado.edu

REENGINEERING BEYOND THE ILLUSION OF CONTROL

by Elazar Harel and Greg Partipilo

ABSTRACT: UCLA has recently implemented an innovative computing system based on radical post-audit and distributed security concepts. Rather than automating standard manual processes, the University decided to eliminate all pre-approval processes and decentralize access controls. The implementation has resulted in significant cost savings, faster turnarounds, dramatic cultural changes, and improved employee productivity.

The administrative processes of the University of California, Los Angeles, have recently been transformed through the implementation of innovative computing systems based on radical, new post-audit and distributed security concepts. Like many other large public universities, UCLA has a long history of relying on bureaucratic and inefficient administrative processes. The recent State of California and University of California budget crises provided University administrators with an incentive and a mandate to reengineer, automate, and dramatically reduce costs.

Rather than implementing the standard industry method of automating/replicating manual processes, UCLA decided to take a risky leap toward eliminating all pre-approval processes and distributing access controls to the operating department level. We have found that valuable time and a significant amount of money were consumed by manual, or even electronic, approval processes that were historically justified by administrators for control reasons. These reasons have turned out to be an "illusion of control," costing the University much more than the savings they were supposed to produce. For example, due to the large volume of transactions it has become impossible to verify or check paper signatures. Similarly, traditional automated approval processes turned out to be almost as clumsy and time consuming as the old manual methods.

In this new process, people who key in transactions, such as purchase orders or personnel actions, are now empowered to fully perform their duties and are accountable for the quality and correctness of the data. Electronic mail messages containing a comprehensive view of the completed transactions are automatically sent out to the people assigned the responsibility for reviewing those actions. The key difference is that these reviews are done _after the fact_, with the reviewers assuming the responsibility for taking appropriate actions when and if necessary. Electronic logs of the accountability structure and of all actions are kept online in a relational database and are available to authorized users through a variety of search engines. These logs have proven to be an electronic paradise for auditors and other administrators who have always longed for access to such useful information.

BACKGROUND: THE CULTURE

Over the past few years, the University of California has been facing difficult challenges, which have seriously threatened its financial, social, and economical stability.
Financial support from the State of California to the University has continuously declined, while competition among higher education institutions (for students, private gifts, contracts, and grants) has become fiercer. The successful unprecedented growth period of the '70s and '80s has finally come to an end, and UCLA, being one of the largest UC campuses, was not spared the consequences.

UCLA is a large enterprise measured by any economical terms. Its annual budget is about $1.8 billion, with over 20,000 employees, 35,000 students, a large teaching hospital, and numerous colleges and professional schools. This Los Angeles campus is located in Westwood Village, spreading across 411 acres with over 150 buildings and structures.

Like many other universities, UCLA has developed over the years an "impressive" cumbersome bureaucracy. Many rules and regulations were piled on, based on complicated University, government, and state regulations. The number of paper forms increased exponentially over time; that necessitated, of course, a larger number of paper shufflers, more rules, and more forms. Eventually, many University faculty and administrators became involved in a spiraling paper-signing and -chasing ritual that complicated basic processes and increased the cost of doing business. It was not uncommon to see paper forms with fifteen (or more) signatures, and business transactions that took several weeks to complete.

The culture that evolved as a result of these processes was quite interesting. From a traditional audit perspective this seemed to be a well-controlled and accountable process. After all, so many of the involved parties signed the forms. From a personal perspective, there seemed to be almost no accountability or risk involved, since so many people signed the papers.
One of the authors still recalls his first days as a University director, when one of the campus executives told him, "There's nothing to worry about; someone will catch your mistakes or save you just in time." Such a culture is obviously very dangerous and expensive, and encourages mediocrity. It also promotes the public view of a bloated, inefficient, government-supported bureaucracy that keeps wasting taxpayer money.

Based on our experience and on discussions with numerous colleagues, we believe that this kind of a culture was, and still is, quite common in many other large universities and even in large Fortune 500 companies.

As the financial belt started tightening, it became obvious that something had to be done. The University had to cut costs and streamline its processes. It also quickly became apparent that in order to be successful, information technology needed to be a key ingredient of the prescribed medication.

CONCEPTS: HOW RADICAL CAN WE BE?

Thus, a few years ago, UCLA embarked on a process aimed at a fundamental restructuring of its administrative processes. The University's chancellor unveiled a campuswide blueprint titled, "Transforming Administration at UCLA," which called for dramatic cultural and organizational campus changes. Key concepts included a shift to personal empowerment and accountability, elimination of bureaucracy, and creation of appropriate incentives to facilitate these changes.[1]

This was naturally easier said than done. Cultural transformation usually takes a long time and requires an extensive top executive commitment. The process, however, had begun, and first steps were taken to communicate the challenges and issues.

Meanwhile, several of us started thinking about the potential steps that could be initiated. Many of the issues at hand were quite obvious. However, it was not clear how to remedy the situation and how to truly transform the organization.

As we started to review what other universities and companies were doing, we quickly found out that the term "computerizing" was far from synonymous with "streamlining." We saw numerous instances of taking a bad manual process and merely automating it, resulting in a computer system that did not save money or streamline the process. In a typical example, the computerized form still requires numerous, now electronic, signatures, and the process elapsed time is still long (sometimes even longer than manual processes).

Interestingly enough, while these institutions were moving progressively forward in their efforts to allow distributed processing of transactions, they tended towards caution and conservatism when it came to proposing any significant modifications to the associated security access and transaction authorization controls. Basically, their design efforts tended to electronically replicate the long-standing manual processes. As a result, those institutions that had implemented online transaction processing were not experiencing anticipated reductions in overall processing time. This appeared to be due to three primary factors:

1. System access needed to prepare online transactions, while being requested electronically, was still being reviewed and approved centrally.
2. The transaction authorization process remained basically the same, with electronic pre-approvals replacing manual signatures.
3. Since it was now "easy" to add individuals, routing paths, and new approval criteria, the number of electronic signatures often increased, further prolonging the desired purchasing, hiring, or other financial outcome.

After reading Hammer's now famous "Don't Automate, Obliterate" article[2] and capitalizing on the experiences gained by others, we decided that it was time to challenge these long-standing and well-accepted system access and transaction authorization policies and procedures.

As a first step, the project team identified the core reasons behind the current internal control practices: the central offices reviewing and granting access to systems were only doing this because they alone had the system tools to do so. The resulting time delays were unfortunate, since requests were seldom denied as these central areas had no way of knowing the qualifications and capabilities of the departmental staff. This resulted in an "illusion of control" atmosphere, which had very little basis in reality.

The key reasons that the pre-authorization of transaction documents had been put in place were for department managers to (1) ensure that only authorized personnel were preparing transactions, (2) ensure the accuracy of recorded information, (3) confirm the adequacy of available funding, (4) verify compliance with special funding restrictions, and (5) monitor overall departmental activity. However, as the volume of transactions increased over time, this control became less and less effective. Better ways were needed to meet these objectives.

With these findings, the project team then determined that UCLA's paperless processing scenario could shorten overall processing times and provide fully automated controls using a combination of new technical tools and revised processing flows supported by modified policies and procedures.

The specific recommendations presented and adopted by UCLA management included:

* Developing ASAP (Application System Authorization Process), a post-audit mechanism to distribute electronic mail notifications of completed financial transactions to prescribed department administrators to perform their reviews after processing, rather than before
* Having ASAP provide an accessible and secure repository (audit file) of copies of all notifications forwarded to individuals performing the post-authorization reviews
* Publishing written policy that clearly outlines the qualifications and responsibilities of individuals entering online transactions and those performing the post-authorization reviews
* Developing DACSS (Distributed Access Control Security System), a new online tool that would allow departments the ability to grant system access to their staffs and designate transaction reviewers themselves
* Writing new interfacing programs so applications could interact with DACSS to ensure that only authorized personnel could prepare online transactions
* Building front-end edits (and exception reporting) into the application processes to help prevent department users from entering inaccurate information, expending money if budgetary funds are insufficient, and failing to comply with special funding restrictions

(Figure 1 not available in ASCII text version)
Preparers granted access by local DSAs now finalize transactions before any significant reviews and audit take place.

These concepts turned out to be truly revolutionary. The idea that purchase orders or personnel actions can be _initiated and finalized at the same time and by the same person_ (see Figure 1) was very difficult for many people to digest. This meant that staff would need to be empowered, trained, and trusted to do their job, while those who used to sign the forms would have to become accustomed to acting or reacting after the fact.
It also gave the word _accountability_ a whole new and very real meaning.

Figures 2a, 2b, and 2c respectively present a graphic comparison between the old manual process, its electronic replication (as implemented in many places), and the reengineered post-audit approach developed and implemented at UCLA.

(Figures 2a, 2b, 2c not available in ASCII text version)

GAINING ACCEPTANCE: THE CONSULTATION PHASE

It was in the consultation phase that we began the legitimization process of these concepts. First, we tried to make sure that we were not totally naive or irrational. The core project group, which comprised financial managers, internal auditors, and technologists, discussed the issues over and over again, assessing different alternatives and solutions to the potential problems. When we were truly convinced that the ideas were good and feasible, we began the second and most difficult task: communicating the concepts to the campus community, conveying the risks and benefits, and ensuring proper support throughout the implementation.

Several key factors contributed to the success of this process:

* Having the most appropriate people right from the beginning of the conceptual stages, including the campus comptroller, budget officer, and key administrative computing staff. Especially critical was the presence and enthusiastic support of the campus internal auditors.
* Strong team spirit and cooperation among the various involved campus offices. The team members were genuinely convinced that the post-audit approach was "the right thing to do." This was critical in order to stand up to pressure from fearful skeptics who viewed the concepts as "abandoning controls."
* The creation and demonstration of prototypes of the proposed system to various University audiences. The ability to quickly build screens and present them to the users kept the momentum and enthusiasm going. The prototypes were continuously revised based on the feedback received.
* Flexibility in rolling out the post-audit concept. It was extremely important to listen to and to analyze many concerns that were brought up during the consultation phase. Issues such as proper logging of all activities and technical certification of electronic mail systems required proper attention and needed to be resolved promptly.
* Timely development of policies regarding the qualifications and responsibilities of transaction preparers, reviewers, and security administrators. The subsequent training of the involved parties regarding these policies was also a critical success factor.

SYSTEM DESIGN

Both ASAP and DACSS were designed as core infrastructure systems. They underlie and interface with all other administrative computing systems, which are a combination of purchased and home-grown applications (e.g., purchasing, payroll, billing, and financial journals). All system data are stored in a relational database (DB2) and are available online to authorized users through predefined screens or via ad hoc SQL queries.

The new paperless processing scenario at UCLA begins with local departments defining their _accountability structure_, which delineates the personnel responsible for processing and reviewing transactions. This step first involves selecting a Department Security Administrator (DSA). In conjunction with the chief administrative/financial officer, this person helps identify those who will be entering and updating data (preparers) and those responsible for reviewing these transactions (reviewers) for each specific online application. To ensure the integrity of the "check-and-balance" control mechanism, the preparer and reviewer must be different individuals. This accountability structure is then entered directly into DACSS by each DSA; it is the "glue" that holds the entire system together.

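The accountability structure and post-audit flow this article describes, modeled as an added example that is not UCLA's DACSS or ASAP code: SQLite stands in for DB2, the e-mail step is reduced to recording the recipients in the audit log, and every table, column, function name and data value is invented for the illustration. It shows the preparer/reviewer separation enforced by the database, reviewers taken from the stored structure rather than from the preparer, and a parameterized audit-log search.

```python
import sqlite3

# Hypothetical schema for this example; SQLite stands in for the DB2 database.
SCHEMA = """
CREATE TABLE accountability (
    dept TEXT NOT NULL, app TEXT NOT NULL, user_id TEXT NOT NULL,
    role TEXT NOT NULL CHECK (role IN ('preparer', 'reviewer')),
    granted_by TEXT NOT NULL,            -- the DSA who made the entry
    PRIMARY KEY (dept, app, user_id)     -- one role per person per application
);
CREATE TABLE audit_log (
    txn_id INTEGER PRIMARY KEY AUTOINCREMENT,
    dept TEXT, app TEXT, preparer TEXT, account TEXT, amount REAL,
    txn_date TEXT, notified TEXT         -- notified: notification recipients
);
"""


class Rejected(Exception):
    """Raised when the accountability structure does not allow an action."""


def open_db():
    db = sqlite3.connect(":memory:")
    db.executescript(SCHEMA)
    return db


def grant(db, dsa, dept, app, user_id, role):
    """DSA adds a preparer or reviewer. The primary key stops one person from
    holding both roles for the same department and application."""
    try:
        with db:
            db.execute("INSERT INTO accountability VALUES (?, ?, ?, ?, ?)",
                       (dept, app, user_id, role, dsa))
    except sqlite3.IntegrityError as exc:
        raise Rejected(f"grant refused for {user_id} on {dept}/{app}") from exc


def finalize(db, dept, app, preparer, account, amount, txn_date, cc=()):
    """Complete a transaction with no pre-approval, log it, and return
    (txn_id, recipients). The preparer can add cc recipients, not pick reviewers."""
    allowed = db.execute(
        "SELECT 1 FROM accountability WHERE dept = ? AND app = ? "
        "AND user_id = ? AND role = 'preparer'", (dept, app, preparer)).fetchone()
    if allowed is None:
        raise Rejected(f"{preparer} is not a preparer for {dept}/{app}")
    reviewers = [r[0] for r in db.execute(
        "SELECT user_id FROM accountability WHERE dept = ? AND app = ? "
        "AND role = 'reviewer' ORDER BY user_id", (dept, app))]
    if not reviewers:
        # At least one reviewer must be notified for the transaction to complete.
        raise Rejected(f"no reviewer on file for {dept}/{app}")
    recipients = reviewers + [c for c in cc if c not in reviewers]
    with db:
        cur = db.execute(
            "INSERT INTO audit_log (dept, app, preparer, account, amount, "
            "txn_date, notified) VALUES (?, ?, ?, ?, ?, ?, ?)",
            (dept, app, preparer, account, amount, txn_date, ",".join(recipients)))
    return cur.lastrowid, recipients


def search_log(db, preparer=None, min_amount=None, date_from=None, date_to=None):
    """Post-audit search; every criterion is optional and bound as a parameter."""
    filters = [("preparer = ?", preparer), ("amount >= ?", min_amount),
               ("txn_date >= ?", date_from), ("txn_date <= ?", date_to)]
    active = [(sql, val) for sql, val in filters if val is not None]
    where = " WHERE " + " AND ".join(sql for sql, _ in active) if active else ""
    return db.execute(
        "SELECT txn_id, preparer, account, amount, txn_date, notified "
        "FROM audit_log" + where + " ORDER BY txn_id",
        [val for _, val in active]).fetchall()


def demo():
    """Constructed sample data: one department, one application."""
    db = open_db()
    grant(db, "dsa_lee", "CHEM", "purchasing", "pat", "preparer")
    grant(db, "dsa_lee", "CHEM", "purchasing", "rae", "reviewer")
    finalize(db, "CHEM", "purchasing", "pat", "4-40123", 1250.00, "1996-03-04")
    finalize(db, "CHEM", "purchasing", "pat", "4-40123", 80.00, "1996-03-05",
             cc=["dean_office"])
    return db


if __name__ == "__main__":
    print(search_log(demo(), min_amount=100))
```
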
The post-audit process is performed through two main avenues:

* As transactions are finalized, electronic mail messages (a comprehensive view of each completed transaction) are generated by ASAP and are transmitted to the appropriate reviewers throughout the work day. At least one reviewer has to receive an electronic mail notification in order for a transaction to be completed. The campus policies state that the reviewer is accountable for reading the notification within two working days. The system, however, does not verify that the mail was actually read. The reviewers are identified automatically by the system based on the accountability structure stored in the DACSS database. This assures that notification messages are sent to the appropriate reviewers and that the transaction preparers cannot tamper with the process. The preparer has the option of copying additional people on the electronic mail messages (see Figure 3).
* An audit log of all transaction and electronic mail messages is maintained and is available online. Authorized users can search the log based on numerous criteria (e.g., date ranges, identity of the preparer, transaction amount, account number, etc.) and are provided with a list of all transactions that satisfy these parameters.

(Figure 3 not available in ASCII text version)

BENEFITS AND LESSONS LEARNED: IT WAS WORTH IT!

The implementation of the post-audit and distributed access controls at UCLA has been extremely successful. Almost all financial and payroll transactions are now executed under the new paradigm by several thousand users in almost 300 departments. A recent audit conducted by the University external auditors concluded:

Our review found no major control weaknesses which would significantly impact either the University's MIS general control or the DACSS/ASAP control environment ... .
With respect to the DACSS and ASAP systems and the process for preparing and reviewing online financial transactions, we believe the University is well ahead of its peers in its use of information technology to automate this process.

Processes that in the past took two to six weeks (or more) to complete and that traversed numerous approval desks are now being completed in a matter of seconds. Transactions that previously required four or more signatures are now typically reviewed by only one or two people in a post-audit mode.

The number of transaction errors has been reduced dramatically, primarily due to the increased awareness of personal accountability and to the edit controls that were added to the various application systems (e.g., verification of account numbers, ensuring sufficient funds, etc.). For example, one of our departments reported a decrease of monthly errors from 500 to 5! This, of course, significantly reduced the manual labor required to detect, correct, and explain the mistakes. Needless to say, customer satisfaction was also positively affected.

The systems allow for the delegation of financial management from central authorities to operating units. Thus, instead of routing paper forms all over campus for approvals before a transaction can occur, teams of preparers and reviewers in the operating units can conduct transactions online. Because of online processing, paper filing for purchases, personnel, and financial transactions has been reduced by 80-90 percent, resulting in staff time savings and regained office space.

Without top management and auditors' commitment to the concepts, it would have been practically impossible to challenge the long-standing (and traditional) security and approval practices. Also, the prototyping approach was mandatory to effectively show the skeptics how the new controls are much more effective than the old.
Without such early demonstrative proof, it is likely that the fear of "loss of control" would have persevered, causing designers to "automate" in the old way.

As can be seen from Figure 4, the number of transactions generated by the purchasing, payroll, and transfer of fund systems has significantly increased over the course of the implementation process (migration from the old to the new process), thus indicating the success and the users' "faith" in the post-audit review philosophy.

(Figure 4 not available in ASCII text version)

Training of users and executives proved to be one of the most important factors affecting the success of the implementation. The internal audit department, in coordination with other units, developed a comprehensive training session that addressed critical issues such as the changes in responsibilities, the accountability structure, and the use of the systems.

Although it is quite difficult to estimate the total cost savings realized by the implementation of the post-audit methodology, it is clear that the savings were substantial. An unofficial quick and very conservative calculation shows that if a total of only five minutes of staff time were saved for each transaction, _the campus has realized an ongoing annual saving of at least 30,000 staff hours or about $600,000_ (number of transactions X the time saved per transaction X average salary) due to the post-audit process. These savings are realized in reduction of personnel or a shift of resources to other activities. Significant additional savings were also realized with the elimination of outside form data entry (more than $300,000 per year) and the decentralization of access controls (at least $100,000 per year).

It is important to acknowledge the benefits of selecting electronic mail as the mechanism for delivering the notifications to the reviewers.
Our goal was to build a process that would facilitate a quick delivery of the notifications without inconveniencing the reviewers, who typically are busy managers. Electronic mail was found to be the obvious choice: most people were already using it and there was no need for system training on how to use it. Additionally, this practically assured that reviews are performed in a timely manner, since most people check their electronic mailboxes at least once a day.

The use of electronic mail also involves some calculated risk, since it is not possible to verify that the review actually occurred (reviewer may not have read the message or message may have not been delivered). We addressed these issues by: (1) issuing a campus policy that requires reviewers to check their electronic mail within two working days of the transaction, and (2) implementing an automated process that alerts the help desk on the occasional occurrence of undelivered e-mail.

An important shift in roles of central offices has resulted from the implementation of the post-audit process. These offices, which used to process transactions and play the "police" role, are now engaged in broader corporate activities that include policy setting, departmental support, training, and education.

Although it may be difficult to believe, there were only a few problems or disadvantages resulting from the implementation of these concepts and systems. The biggest challenge was addressing the skeptics who did not think that such an approach is workable. The other was accepting the risk (and the associated accountability issues) that some of the reviewers might not perform their duties as defined by the policies. Our experience so far, two years after the initial implementation, indicates that the process is working remarkably well and that the campus community (4,000 users in over 300 departments) has made no overtures to return to the classic pre-approval process.

The single, key factor that made this complex implementation successful is not the technology, but rather the unprecedented cooperative relationships between campus administrators, internal auditors, and the administrative computing department. This unique partnership was required in order to convince the University community that such changes are valuable, achievable, and sensible.

IMPLICATIONS

The issues presented in this article can have significant implications for other institutions that face similar problems. We believe that challenging the traditional approval and access control processes can be valuable for many organizations, not only throughout the higher education community, but also across a large range of private and public industries. Following are a few general guidelines that are based on our experience:

* Do not shy away from radical concepts if they are believed to have significant value to the organization. With the right approach and good teamwork, it is possible to implement systems that may be considered unthinkable by many people.
* Communicate the content and value of the new concepts throughout the organization. Radical concepts usually sound strange to people when first introduced. Continuous discussions and strong belief in the ideas are critical.
* Employ prototyping tools to allow for quick adaptation of the system. These prototypes also serve as excellent communication tools that give skeptics the opportunity to "see" what the system does and how the concepts are implemented.
* Be aware of the personal fears and political implications resulting from the recommended processes. It is very important to address those issues and identify acceptable alternatives without compromising the basic principles.
* Develop and deliver the best possible training program. User training is crucial to the successful implementation of any system, but it is even more critical when processes are altered and responsibilities change.

SUMMARY AND CONCLUSIONS

The conceptualization and implementation of post-audit principles and new distributed security practices at UCLA can have far-reaching implications to institutions in numerous education and business sectors. This article describes a complicated process that resulted in a fundamental cultural change and significant cost savings using information technology tools.

To the best of our knowledge, UCLA was the pioneer in the implementation of the post-audit philosophy, and the University of California is probably still the only institution that has implemented this approach on a large-scale production environment. This concept has proven to be successful and has practically become a cultural "way of life" within just a few years.

We hope that the reader is able to identify with at least some of the cultural and transformation challenges presented here. We believe that comparable "illusion of control" situations can be found in practically every business. Post-audit and distributed access control solutions may be applicable to many of them.

Our journey toward a transformed University administration still has a long way to go. It is clear that information technology will play an even greater role in this challenging process. We hope to be able to continually introduce innovative and extraordinary solutions.

=============================================================

ENDNOTES:

[1] Charles E. Young, "Transforming Administration at UCLA - A Vision and Strategies for Sustaining Excellence in the 21st Century," unpublished internal document, September 1991.

[2] Michael Hammer, "Reengineering Work: Don't Automate, Obliterate," Harvard Business Review, July-August 1990, 104-112.

This article was a winner of the 1995 Society for Information Management (SIM) Paper Award Competition, honoring outstanding work in the field of information systems and technology.

More information about the project described in this article is available at http://www.ais.ucla.edu

************************************************************************

Elazar Harel (elazar@ucla.edu) is currently Director of Administrative Information Systems at UCLA with overall responsibility for campuswide administrative computing. Over the past few years, he has been responsible for leading numerous technology-based processes geared toward a fundamental transformation of the UCLA administration. Additionally, Dr. Harel teaches at the Anderson School of Management at UCLA and is a member of several international organizations including the Society for Information Management (SIM) and CAUSE.

Greg Partipilo (acgp0@ais.ucla.edu) is a Special Project Manager in Administrative Information Systems at UCLA. He has over twenty-five years experience in a wide variety of application areas, including not only all varieties of financial systems, but also such diverse areas as telecommunications, community safety, and storehouse operations. He is very experienced in most system implementation life cycle stages and techniques, and is also a documentation and training specialist who has been responsible for much of the training, user documentation, and development of online help facilities in support of many reengineered business practices on campus.