Skip to main content Skip to office menu Skip to footer
3 golden objects Minnesota Legislature

Office of the Legislative Auditor - Financial Audit Division

Report Summary
Departments of Employee Relations, Finance, and Administration
SEMA4 Information Technology Audit

 

Financial Audit Division Report 04-36 Released August 31, 2004

Key Conclusion:

  • The departments of Employee Relations and Finance implemented controls to ensure that employee pay rates are correct, and that payroll is accurately processed and recorded in the state’s accounting system. The departments also worked with the Department of Administration to implement security controls that protected the integrity of SEMA4 payroll and human resources data.
Key Finding:

The departments did not have appropriate controls to authenticate the identity of many people with access to SEMA4’s self-service environment, where employees can enter various payroll and personnel information. As a result, it would be easier for unscrupulous persons to potentially guess passwords and gain access to the system.

The audit report contained five findings relating to computer security weaknesses.
   Audit Scope:

Audit Period:
As of June 2004

Selected Audit Areas:
  • Security Controls
  • Application Controls

Background:

This information technology audit assessed the adequacy of key controls over the State Employee Management System (SEMA4). SEMA4 is an integrated human resources and payroll system that is used by more than 90 state agencies. During fiscal year 2004, the system processed payroll and human resources transactions for over 62,000 employees, resulting in total payroll and business expenses that exceeded $3 billion.

The Department of Employee Relations provides support for human resources functions, and the Department of Finance oversees payroll processing for the entire state. Information technology professionals in these two departments work closely to maintain the SEMA4 system. To fulfill their responsibilities, the departments rely on assistance from the Department of Administration’s InterTechnologies Group.

Office of the Legislative Auditor, Room 140, 658 Cedar St., St. Paul, MN 55155 : legislative.auditor@state.mn.us or 651‑296‑4708