Treasury beefs up security

Treasury is poised to go live with its new Web security system CFISnet - which it says will result in 'huge cost and time savings'.

Treasury is poised to go live with its new Web security system CFISnet - which will result in "huge cost and time savings".

CFIS stands for Crown Financial Information System. From launch on December 9 it will collect forecast and actuarial financial information from government departments.

The system was developed in-house at a total estimated cost of $550, 000.

The manager financial management systems for Treasury, Hugh Packer, says massive savings are expected with the implementation of CFISnet, both in time and cost. Packer, however, cannot reveal specific figures as yet.

Key objectives of the project were to streamline existing processes and make the system faster and easier to use. This was facilitated through a single central database and Web technologies.

The five-year-old system that CFISnet will replace is based on maintaining databases in each department and on connecting to the Treasury via modem. Although this system has worked well in the past, it has become increasingly difficult to maintain as departments' IT environments have evolved, says deputy secretary to the Treasury Iain Rennie, budget management branch.

Packer says: "We're [currently] running duplicate systems for our reporting and estimates processes. In terms of process management it's time-consuming. We've also got different databases in different departments, so when there are 49 databases they are quite hard to maintain."

The system operates as users connect with a browser to run reports, view information from Treasury and update data. The user requires a smartcard and digital certificate to access CFISnet.

To send financial data to Treasury, departments use a spreadsheet to map the information from their financial models into the chart of accounts used by Treasury. The spreadsheet posts the data as XML to the CFISnet Web site where it is validated and recorded.

The system makes use of 128-bit encryption, and 1024bit private keys on smartcards for end users. There is a supporting infrastructure of firewalls and intrusion detection.

Users are individually authorised access to restricted information sets. Encrypted digital certificates will be issued by a third-party certification authority.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments