The Analysis and Use of Evidence Award Shortlist

Audit Trail Analysis Team, Jobcentre Plus

Government departments must meet stringent security standards in storing and processing personal data. Jobcentre Plus holds the personal data of millions of customers. As part of its regime to protect that data, it undertakes significant random access checks on its systems to deter and detect inappropriate access and misuse – costing over £11m per year and with minimal detection rates

A new system to record and analyse system audit logs will be introduced in 2012 with the capability to generate targeted checks. Jobcentre Plus created the Audit Trail Analysis Team to pilot targeted checking in an operational business. The team worked with stakeholders across the business to design, test and evaluate checks based on high-risk business events. The new checks provide greater detection capability and consume much less resource. The team has undertaken 17,000 checks in 11 months and found 350 cases for investigation.

The team analysed the outcomes from random access checks to demonstrate that they were ineffective in detecting and deterring inappropriate access and abuse. Many other cases had been detected by other means, suggesting that the deterrent effect was minimal. This analysis formed the case for change.

The pilot has been so successful that Jobcentre Plus has ceased some random checks and redeployed around 100 people on operational delivery, saving nearly £3m per year and enhancing customer service. Further planned changes will save a total of almost £10m per year.