Auditor General report rips into outdated Nira

FForty-one entities “connect and share” citizenry data from the National Security Information System (NSIS) despite not having a memorandum of understanding with the National Identification Registration Authority (Nira), the latest Auditor General report has revealed.
The NSIS was first implemented by the Directorate of Citizenship and Immigration Control (DCIC) under the auspices of the Internal Affairs ministry. It cost the taxpayer €64.231 million (about Shs256 billion). The Auditor General’s report for the Financial Year 2021/2022 spotlighted several “glaring issues” with the NSIS.
The NSIS is among several Nira internal systems that were called into question, with the report’s findings dismayed by the outdated approach used by the government agency.

READ: Report: Shs1m lost to corruption each hour

Manual data upload
Established after the Nira Act, 2015, came into place, Nira still relies on humans to manually record, capture and upload the data of applicants.
“There were no SLA (Service Level Agreements) between Nira with various providers of the critical systems used within the organisation such as the National Security and Identification System (NSIS), the Mobile Vital Records System and the Birth Death Adoption and Registration (BDAR) system,” the report reads in part.
On January 1, 2016, Nira started discharging duties such as registration of births, deaths, and adoption, events that were previously entrusted to the care of the Uganda Registration Bureau Services Bureau (URSB). The shade the latest Auditor General report paints of Nira is of an agency stuck in a time warp.
“There are unnecessary delays in the transfer of information from the registration kit to the server; the filled data is uploaded onto the server at the end of the day if not week depending on the availability of the information technology officer (ITO)/ district registration officer (DRO),” the report revealed.
It added: “The upload of a filled application to the central server is done using a flash disk, which is prone to theft and errors at the enrolment and processing/decoding using the manual server upload.”
Nira’s failure to automate its information sharing processes “despite the heavy investments in ICT solutions” also, the report reckons, sticks out like the metaphorical sore thumb. It specifically highlights the process of “registering childbirth for birth certificates [where] the registration officer re-keys the child and parent’s information into the BDAR system yet the same information is resident in NSIS.”

No interfaces
On the whole, the report warns that this “lack of proper interfaces [of Nira’s architecture] with the other critical systems hinders government effectiveness and efficiency in providing services.” 
This, the report goes on to note, “may lead to multiple inconsistent information in different systems and delay of services since procedures are repetitive.”
Nira says it cannot operate as the Auditor General wishes because the NSIS is “vendor locked.”
Mr John Muwanga, the Auditor General, insists that the NSIS is vitally crucial, and failing around it should not just be treated lightly. “The NSIS did not have active interfaces with other government key systems such as URA’s E-tax systems that process data relating to government Non-Tax Revenue (NTR) generated from services offered by NIRA, IFMS and IPPS/HCMS which process government critical information related to civil servants and other government suppliers, including the banking sector.”

Alternative strategy
Elsewhere, the Auditor General also discovered that Nira is unable to put Plan B into action in case a crisis blips on the radar. It was discovered that the government agency has not undertaken “comprehensive testing of the procedures for back-up data recovery, had not been conducted to establish the effectiveness of data recovery.”
“The authority did not have a disaster recovery plan in place as required by industry practice,” the report states, adding, “Considering the degree of the country’s reliance on data from NIRA, any disaster may lead to major disruptions in the economy, including loss of data and revenue.”
Nira’s top brass told the Auditor General’s office that there was a disaster recovery plan that was being implemented in phases at the time although an updated draft awaited board approval then.
“In spite of management’s assertion, a disaster recovery was not provided for review,” the report further states.

Shs500b loss
The report’s findings also call out Nira for failing to collect Shs518.07 billion or $14.780 million from a registration exercise of foreigners that were in need and qualified to get the identification card. The money “was budgeted NTR (Non-Tax Revenue).”
Mr Muwanga also established that in some cases where registration attempts were kick-started, the processes only stopped at data processing and assigning Alien Identification Number to the foreign applicants.
Up to 10.8 million Ugandans are yet to pick their national identification cards. The Auditor General’s office said Nira attributed this to the fact that its “current system was offline between the kit and the district server, and it was because at the time of the acquisition of the current NSIS system connectivity infrastructure in Uganda had a limitation.”