Inappropriate behavior 2

[lespaul]

What would you do if you found that personnel in the IT department (your co-workers) have been using their access to the tables to enter falsified time clock entries?

The HR department is aware of some activities (within IT and in other departments) that have been taking place within the "Time Clock Supervisor" program. This program is designed to allow a supervisor to fix/add time entries. When these changes/additions are made to the table, the record stores who made the change.

However, a particular person, who also has inappropriate modifications made through the supervisor program and had made inappropriate modifications for others, has been told that no more changes can be made. Since (s)he has been restricted from the program, s(he) has started inserting records directly in the table unaware that it is obvious when looking directly at the table that these records were inserted out of order.

For instance:

EMPSSN      ClockDate         TimeIN         TimeType
123456789   20050330          700             IN
987654321   20050330          702             IN
456789123   20050330          704             IN
[b]258369147   20050329         1600            OUT
258369147   20050330          700             IN[/b]
147369258   20050330          706             IN

Now, I have considered this person to be my friend, but this is just WRONG! What would you do? I believe that I am not the only person in the department that realizes these activities are taking place, but don't know what the other who might know has done or said to anyone about the situation.

thanks for any insights.

les

 

[CajunCenturion]

There are lots of factors that could come into play.

[li]How did you stumble across this situation?[/li]
[li]Who has, and what are, the reporting requirements?[/li]
[li]What is your relationship with your supervisor?[/li]
[li]What is the relationship between the offender and the supervisor?[/li]
[li]What other political relationships might be in play?[/li]

Good Luck
--------------
To get the most from your Tek-Tips experience, please read FAQ181-2886
As a circle of light increases so does the circumference of darkness around it. - Albert Einstein

 

[MasterRacker]

This person was restricted because they were violating company policy. They are now disregarding explicit instructions and essentially "hacking" your system. Whoever is in charge of security and/or data integrity (sounds like it is you) now has a duty to bring this up with HR and/or management.

<sub>Jeff
[purple]It's never too early to begin preparing for [/purple]International Talk Like a Pirate Day

I was not born cynical - I earned my cynicism through careful observation of the world around me.</sub>

 

[manarth]

Lol, short of dropping the table and rebuilding it each time with the falsified records in the appropriate sequence, the only way this could be falsified without a trail is if the records were manually inserted at the relevant time - in which case, seeing as you're there, you might as well clock in correctly!

I would suggest you let this person know you know, explain how you know, and point out that the risks of someone else spotting the discrepency. If they've any sense, this person will wise up.

Of course, I could point out another hack: find someone who clocked out at your clocking out time, and switch the employee ID around. But that really would be unethical.

IT people have too much responsibility to break trust this way. But then, only people you trust can break trust.

<marc>

 

[dkediger]

Because of the extended situation you are now in is why this person should have been booted the First time this was caught.

Doesn't help the situation now any, but I'm surprised that after the first time that some extra controls and monitoring weren't implemented.

Be careful about talking to the person involved...I would keep it at a generic "There's some talk going around - you better be keeping your nose clean." Say anything more specific, you also become obligated to inform your employer, otherwise you could be dragged into this under "Aiding and Abetting.

 

[lespaul]

How did you stumble across this situation?
Little things that combine to a whole:
1. I received the email indicating that all future time modifications have to go through the head of the department.
2. The co-worker that designed the time clock/time clock supervisor programs told me in conversation that HR had requested information regarding modifications of times and who has been doing it and that the information he produced may have had something to do with the new modification restriction.
3. I am currently re-designing our database structure and as part of that I am analyzing all the tables in the current database. As part of that analysis I noticed the out of order records.
4. This person left one day while I was on break, when I asked "Are you leaving?", the answer was "No, just going to get a snack". Never returned that day, never clocked out that day, next morning I checked the table and saw the records as indicated in my initial posting.

Who has, and what are, the reporting requirements?
I'm not sure what the reporting requirements are. I have mentioned some of this to a friend who works in HR, but I don't know what they are going to do. They are currently investigating another employee for different time clock violations (which was what prompted the request above).

What is your relationship with your supervisor? Casual, not real close, sometimes strained

What is the relationship between the offender and the supervisor? Very close, best buddies, spend lots of time in boss' office talking.

What other political relationships might be in play?
Lots of other political fallout. From what I can see, the head administrator has it in for my boss. There are several others in the department that have mentioned things about this person to HR (more regarding disruptions than anything unethical or illegal).

Whoever is in charge of security and/or data integrity (sounds like it is you)

no luckily it's not me!!

One of the major tasks in the new design is to verify that all records are timestamped through triggers & stored procedures. The current system's "security" is lacking throughout!

IT people have too much responsibility to break trust this way.

That's my belief as well. No one would trust us to do anything if we all acted in this manner!

The current rules are if you are more than 5 minutes late, you have to use leave. So if you get in when the time clock reads: 7:05:56 then you're fine, if it's 7:06:02, well now you have to use 6 minutes of leave. The other issue is leaving and then "fixing" the time so no leave was used. I was told that altering the times is a 4th degree felony. I'm sorry, it's not worth my job and felony charges to save 6 minutes of leave!

 

[chiph]

Is it possible that another worker is making the changes "as a favor" to the suspected party?

If not, then they've gone past the "word to the wise" approach, and HR needs to get involved again. Sucks, but if they won't learn, there's not much you can do.

Chip H.


____________________________________________________________________
If you want to get the best response to a question, please read FAQ222-2244 first

 

[dkediger]

Sounds like things are already being looked in to. You want be as far away from your friend when - that's When, not If - it gets discovered.

Your concern is what to do about the out of sequence entries you have knowledge of. You've already dropped it to your HR acquaintance. If you've got an up-level report on your table reviews, you probably need to mention it there as well. Don't speculate about it, just report the fact.

Friendships sometime demand tough actions from one party to another.

 

[ecobb]

I would suggest you let this person know you know, explain how you know, and point out that the risks of someone else spotting the discrepency. If they've any sense, this person will wise up.

But "wising up" could also mean that he/she continues doing it, but starts hiding it better since you've now told this person how you found out. He/she may feel like they have an insider looking out for them and will help them not to get caught. Especially since you consider each other friends. Just a thought...



Hope This Helps!

ECAR
ECAR Technologies, LLC

http://www.ecartech.com

"My work is a game, a very serious game." - M.C. Escher

 

[SantaMufasa]

Geez, folks, this is outright corporate fraud we're talking about here. Friends or no friends...politics or no politics...it is downright wrong and illegal...it is a prosecutable offense...those who are aware of the fraud, but do not report it, could be prosecuted as indicted or unindicted co-conspirators after the fact. This type of behaviour is how we ended up with Enron and Worldcom. Anything less than termination/prosecution hurts many people at so many levels.

I would not "warn" any of the perpetrators. I would ensure that the appropriate corporate officers are aware of the problem/descrepancies, then leave it up to the officers/authorities while staying as far away from the problem as possible.


Mufasa
(aka Dave of Sandy, Utah, USA)

http://www.dasages.com

Do you use Oracle and live or work in Utah, USA?
Then click here to join Utah Oracle Users Group on Tek-Tips.

 

[lespaul]

those who are aware of the fraud, but do not report it, could be prosecuted as indicted or unindicted co-conspirators after the fact

which is why I covered my a** by informing my HR friend (who is the Asst Dir of the division) of what was going on. HR has asked for additional information (not sure what specifically) but my boss is stalling. Not sure if it's because he knows that this other stuff has been occurring or just because he likes to exert his "power" by withholding or providing services to our users.

 

[dkediger]

I think you've done your part at this point - if your confident your HR contact will back you up. Since this is a recurring incident, after an edict went out, the fertilizer is about to go through the impeller in grand fashion - or at least it should. Stuff is going to get flung far and wide - the safest spot is off to the side.

IMO - your boss is really playing with fire either way on this.

 

[willir]

First, I feel IT, especially those with "keys to the kingdom", are ethically bound to a high level of integrity. It comes with the hat we wear in IT. A person who can not wear the halo should not be wearing the hat.

I have seen several "friends" get the boot because they did not show themselves worthy on the turst given to them. Can you imagine loosing a $100+K job by stealing a $50 item -- just plain stupid!

Next, your example is precisely why Access is not a great database for storing important or sensitove information. I love using Access, but I certainly understand the limitations of using Access.

Third, security and audits are always a good thing. Besides catching the bad guys (and gals?), it demonstrates due diligence. Among other things, there are certain things you can use an audit table that tracks who did what and when through the front end application.
- Any item not in the audit trail is going to be suspect.
- You can get more "inventive" by having two backend databases. One that is obvious and another that is more "hidden". Entries in one database and missing in another are also sucpect
- Date stamp your transactions using Now() as the default value.
- You can capture the login making the data entry using environ("username" and environ("workstation")

Why am I spending time show some audit tricks? Well knowing that someone tampered with the data is one thing. If this thing ever ends up in court, you need evidence.

...The last thing is how you react to this situation. It has already been stated that you are legally liable since you "know". I have had a few friends who did not make the best choices in life. You love them as a friend, but you have to let them know that you do not agree with their choices. In the situation you presented, I feel this is where you have to be a professional first, and a friend second.

 

[lespaul]

Next, your example is precisely why Access is not a great database for storing important or sensitove information. I love using Access, but I certainly understand the limitations of using Access.

It's actually an IBM AS400/iSeries. But there's minimal (ie NONE) security/auditing processes in the system.

So, at this point should I say something? dkedigger is right about

the fertilizer is about to go through the impeller in grand fashion

Should I let this person know, they're watching, even though it's probably too late?

 

[rosieb]

This is not a minor issue, it's systematic fraud and, by the nature of your work you are aware of it, so if you don't handle it properly you are at risk of being seen as an accomplice.

I'm not sure that a quiet word to a contact in HR is adequate. I think you should go through the official channels. Don't make accusations, simply inform your boss in writing (and keep a secure copy) of the data anomalies you have observed. It's then up to them to react.

If there is an enquiry, you have done, and been seen to have done the right thing.

It's a horrible thing to have to expose a friend, but what if this is not their only infringement? If they are messing with their time recording, is it possible that they are into other systems?



Rosie
"Never express yourself more clearly than you think" (Niels Bohr)

 

[willir]

Does advsiing your friend compromise your professional job, and does it risk the investigation? The safe answer is to stay away. But if the person is really a good friend, then you have a tough decision to make.

Good luck Leslie

 

[CajunCenturion]

There is no question about what you have to do, as SantaMufasa already said. The tough part is how to do it without killing yourself in the process.

What is the relationship between the offender and the supervisor? Very close, best buddies, spend lots of time in boss' office talking.

You have to tread softly and not push the issue. If you can't absolutely prove that this was deliberate and not an accident, or maybe an action implicity approved by the boss (I'll let you do it just this once), then by championiong this cause I feal that in the long run, you'll be the loser.

I think your best best is to continue to help HR in their investigation, making sure that they are aware of this discrepancy, but let HR do the investigation and if need be, level the allengation. You do, of course, have whistle blower protection, but it may end up being a phyrric victory.

Good Luck
--------------
To get the most from your Tek-Tips experience, please read FAQ181-2886
As a circle of light increases so does the circumference of darkness around it. - Albert Einstein

 

[SantaMufasa]

Should I let this person know, they're watching, even though it's probably too late?

I don't care how good a friend they are...their actions have betrayed the company, and because you are aware of their behaviour, your are now at risk, thus they have compromised you, as well. If you give them any "heads-up" that someone is on to them, then you give the prosecution great ammunition to rope you in, as well, even if you are the whistle blower. Such behaviour is "aiding and abetting".

If this guy/gal is your friend, it's time to go down to the "New Friend" store. These are not the kind of "friends" you should seek after. If you are afraid that they will call you a "rat" or a "tattle-tale", that's much better than them calling you "cell-mate".

Mufasa
(aka Dave of Sandy, Utah, USA)

http://www.dasages.com

Do you use Oracle and live or work in Utah, USA?
Then click here to join Utah Oracle Users Group on Tek-Tips.

 

[harebrain]

I wholeheartedly agree with Mufasa. Furthermore, if the boss has condoned this, he is also guilty of fraud. Companies have appropriate procedures for making warranted corrections to these kinds of records: subverting the system is not an appropriate method.

 

[ttmac]

You have to ask yourself what you would do if the offender were unknown to you? Would you be agonizing over what to do? Would you be faced with the same difficult decision?

In the interest of equality you owe it to all of your colleagues to act in a responsible manner. You have a responsibility to the company because they pay your wages, your colleagues because this will impact on everyone and everybody using the time and attendance system will be tarred with the same brush and yourself because it is putting your job at risk.

If you don’t act on this, where does it leave your relationship with the company? You have a position of trust in the company and are expected to work in a certain fashion. If you do not act and deal with this, will any and all decisions you make in the future be subject to question?

If you don’t deal with this what impact will this have on your career? Not meaning to seem mercenary, what impact will it have on your career if you do deal with it? You will prove that you can make difficult decisions despite your personal circumstances and involvement. Your friend and colleague who placed you in this difficult situation is probably for the high jump anyway, don’t let them take you with them.

It seems very unlikely but have you considered that this might be something that has been conjured up to test your integrity? If you look at it from that perspective, what would you do?