Government compliance and governance is Bay's exclusive business focus, it has defined the Bay team and suite of products for over 15 years. During this time we have observed a maturation of the compliance approach and systems used by regulators. As an active and initial sponsor of AELERT – the Australasian Environmental Law Enforcement Regulators Network – Bay has participated in and facilitated the trend towards evidence based regulation and compliance. Importantly, Bay's team also brings an understanding of how government regulators work, how they think, how they operate, and what is important to them.
CIRAM is a widely used Commercial off the Shelf (COTS) compliance system. CIRAM is installed exclusively in government regulatory environments and has been designed, built and enhanced in conjunction with a number of government departments over the years.
Key Aspects of CIRAM
Work is allocated through a team or work unit with initial assignment of new work to a work unit manager. The manager allocates to a work unit member or assigns work to another work unit. Staff who frequently work for many teams are added with roles in different work units. The work unit forms the base security structure with case access restricted to allocated work unit members.
Knowing the time and cost of activities is an important aspect of resource management. Staff administrative levels and nominal hourly rates are setup in administration this data is used when recording time spent on case work. Expenses associated with case investigation are also recorded.
A case timing report details time spent in each phase of all cases from allocation, investigation and endorsement. This is combined with case type and priority information and gives a manager insight to how long investigations are taking. Combined with time and cost reporting the manager has the tools to assist with resource management.
Every investigation incorporates a secure running log which safeguards integrity of all information entered, it is not possible to change entries made. As well as helping to protect vital information, the running log ensures information can be called on as legally-admissible evidence.
Many documents are managed in an investigation or compliance activity, the attachment collection of each case provides categorisation of documents and version control. Documents can be created and populated with case and person data through administrable Word templates.
Support for corporate Electronic Document Records Management Systems (EDRMS) is provided through the optional DMI adapter, seamlessly storing documents in an EDRMS such as TRIM or OpenText. The user experience in CIRAM is not altered and relevant RM categorisation is applied automatically for the user.
Follow up Actions
During a case an officer may require additional assistance or wish to set future task reminders, activities provide reminders as single or recurring events allocated to work unit members. An activity can be added to the case or a document used for follow up on notices issued.
At the core of CIRAM is the entity subsystem which stores information on persons of interest, property, vehicles, licences and products. A key aspect of entities is they exist once in the system and are re-used many times, building the history of activities with each entity.
Entities can be related to each other to provide further intelligence information. The types of relationships are administrable, as relationships change over time the period and currency of relationships is also maintained.
Viewing the detail of an entity shows all associated relationships, currency of relationships, matters involved in and their role in those matters. The roles a person or company may have include witness, applicant, suspect, involved party, etc.
CIRAM holds the source of truth of the entity as it relates to regulatory matters but other systems may hold more information. Web links are provided from each entity type, accessing other systems to retrieve detailed information. Company detail data is sourced from the Australian Business Register (ABR) or could be an internal system instead.
Risk and Prioritisation
CIRAM uses a risk assessment function in its alleged offence (enforcement) process to prioritise cases. This is an administration defined objective assessment allowing creation of many categorisers with multiple criteria.
Each criterion is given a weight and selected criterion from all categories resolve to a score. The score is used to assign a priority based on a range of values qualified by the context – for example a context could be an Act, geographical location, an industry segment or even an industry participant. Note criterion weightings may be +ve or –ve allowing a very complete risk assessment process to identify existence of risks and recognise and score absence of risk or risk mitigation. This contributes to transparent, evidence based decision making in the compliance domain. This is described in more detail in the section below.
Security is controlled through assigning roles to people in work units and the security system. The security system provides fine control of rights available to a role in a work unit and the case workflow state. This allows investigators to have full rights to cases in their work unit while in the investigation phase. Investigators outside of the work unit have read only access. When the case moves to endorsement, the investigators receive read only rights.
Another layer of security is applied through the optional Secured Rights module (SRSM) which adds security caveats and security clearance management.
All data in the system is available through the search screens. Each entity has a search function to assist in selecting the correct person or licence. The main search screen presents the structured data and entities in one place.
When looking for names an exact, then partial, then phonetic search is done and results ranked in exactness order. Text fields are searched using partial matching, administered drop downs are an exact search. Date searching can be either an exact date or a date range. All fields selected are ANDed together.
A free text search is provided to create complex search expressions using Boolean operators and parenthesis for expression bracketing. The search results indicate the CIRAM area of the match; a comment field, case data, attachments, activities, etc. The free text and structured searches can be used together for further refining results.
Two types of reports are available, standard reports and user built reports. The standard reports are listed below.
A report builder allows creation of reports on either an ad-hoc basis or as new business reports published for common use through the report screen. Two versions of the report builder are available; one for simple charts and tables and one for complex multi-table and multi-chart output.
All reports can be exported to Web, Excel, PDF, CSV and Word.
Reports are delivered through the Microsoft SQL Server Reporting Services (MSSRS) tool in SQL server. The type of report builder available is based on the version of SQL server.
Matters having similar information as incidents can be reported from many sources over time. A nightly process finds cases that match on key criteria and marks these as potential duplicates.
The format of the data is checked before a form can be submitted and includes formats for;