Nice of them to lump these gits all into one.

See the numbers are on the rise again!

So, lets get this straight access to download data to disc is assigned per role. But it would be a disproportionate cost to say how many individuals are assigned a role with this permission?

Is it me or does no one at HMRC have a basic grasp _STILL_ of SQL - the same people who sent personal details on a disc because removing them would be too costly?!?

Does the HMRC have a CIO, if so HE/SHE should answer these questions.

Imagine working all day in a boring job you hate, and theres a button at the top of your screen and you know if you click it you will be fired, maybe if I just have a quick look no one will know, no no its too risky, click click oh shit I didn't mean it.

May as well get my coat now maybe I will take a few other coats as well no no too risky oh f.... it.

Let's face it, employment in the public sector pretty much only exists to serve those who are unable to get or hold down a job in the private sector.

Paris because she's probably done more work than most public sector workers

the people that have access to most of the data are, generally, morons.

The jobs are all based in a city which is entirely propped up by the government, the talent has moved away leaving the local workforce a little "skill shy".

Also, most of these jobs are call centre type stuff, so why would you want to employ and pay for clever people.

think some of you might think before you comment, lest you too become a moron.

mine's the one with the tickets back to london in the pocket.

If anybody wants to know how the civil service is run simply watch Yes, (Prime) Minister. It may be 30 years old, but it's exactly the same today with 1 major exception. It's no longer just politicians trying to chop the civil service, Civil Service chiefs are out to screw their staff too.

" MPs were told it was not possible to provide information on how many staff had that access, or how many had received training because such information "could be collated only at a disproportionate cost.". "

I don't know how many offices HMRC has, but lets see, one phone call to each HR bod at each location, HR bod looks at their invoices for training and counts them, HR bod phones whichever IT bod is responsible for maintaining the Active Directory server and gets them to email a breakdown of user roles. If that can't be done it's because the answer to the training question is "none whatsoever" and the 'access by user role' statement is a flat out lie.

I see they are still clinging to the "disproportionate cost" whinge, no doubt a remnant of the many FOIA requests they have turned down on this basis, but since when was that a valid response to a question by parliament ? Tossers.

And do we expect the hordes surrounding the all-seeing ID Card database to be any different?

And will the checks and controls be any better?

Seriously, lets face it half of government cock-ups these days are down to badly implemented IT. We should have an IT minister who should be expected to answer questions on these subjects to a reasonable level - hell, I could do it, so could any other half-decent IT director in the UK.

How do we go about getting one? These news items on el Reg are getting ever more common.

Paris, cos she could do a better job as Minister for IT than anyone currently in the big house.

"MPs were told it was not possible to provide information on how many staff had that access, or how many had received training because such information "could be collated only at a disproportionate cost." "

Clicking on the user list for security access is disproportionate?

Right. This is a lie, straight out, and the response to this assertion should be the individual in charge being fired immediately.

I'm fed up with the incompetent and overstaffed public sector always hiding its screw ups.

Which party do I vote for to get a small government that'll trim all the tax-sucking wastrels?

No not everyone is - trouble is any sign of competence is usually misunderstood as being a rebel and they will attempt to drive them out, insane or they just give up because banging one's head on brick walls all the time hurts

information "could be collated only at a disproportionate cost.".

Translation " If we told you the truth you would laugh at us "

Access by user role :

Translation " They all can stupid or they wouldn't be working here "

I have tried to think of one valid reason why anyone needs to have a working CD writer usb ports enabled etc etc on any of their machines and i cant come up with a decent answer.

No one needs any abilty to transfer data in this way NO ONE !!!!!

The data base design should prevent all access to unauthorised intrusion and these are the same mutton heads who are designing the all singing all dancing ID database.............i think they need a few more meetings before going any further down that road !!!!

It is incompetence from the very top time a few top names were given their marching orders.

"Odd that. I worked in Local government for 4 years and got fed up. I moved to a large international company and have less work, more pay and am doing very well."

I spent three years in local govt [left for the same reasons as you - fed up], a year in a school [never again] and now I work in Central Govt, have lost *another* £1/hr and am having to look at going back to rent a room just to make ends meet, which is pretty embarassing frankly.

Where are these jobs with large companies where I can get back into proper support with reasonable pay and less strange expectations?

Anon, because my bosses read this...

"And don't forget total lack of job security, when your job can go at the whim of the PM when he thinks that what your doing dosen't get him enough votes."

Actually, no. A lot of criticism of civil service staff on this thread may be unfairly generalising, but this is just plain wrong. It is almost impossible to get sacked from the HMRC unless you are actually convicted of taking bribes, or of breaking the confidentiality protocols. Since the latter are now being busily eroded by "information sharing" initiatives from SOCA, Cabinet Office, MinJ and so on, it will soon be difficult for anyone except too-greedy special investigators to lose their jobs.

Coming from another arm of the Civil Service I can't say for sure whether it's the case for HMRC, but where I'm at there are a lot of 'fixed-term-appointments' and employees on 'casual contracts' (most of whom are anything but since they like the job and want to keep it - it's the old timers who get too comfortable that are causual). I'd imagine that this is where the problem lies.

It's the 'had access' that's key here. Being able to say who 'has' access ought to be trivial, but who 'has had' access over the period is different. For us, staffing levels are determined against perceived demand over a period to keep things as lean as possible and often the same people are re-employed over the course of a few years so that you cannot accurately say just by reference to head-counts as you may be double counting. Add to that the fact that HR records get old so that there may be no valid reason for keeping the information which means it needs to be destroyed under the DPA as there's no reason to hold the information.

I've no doubt however that the HMRC systems contain the very same, if not stronger audit trails built into the systems we use. Systems I might add that have been evolving for a long long time.

It's all very well mouthing off about how databases should be designed and this and that should be so easy but you can't even be certain that it's actually an SQL database under the hood! Even if it is, data needs to purged at some point - why keep information relating to someone who's no longer working there - there's certainly less chance of someone not employed gaining access if they no longer exist on the system.

The auditing is good - that's why so many people get caught. Some systems will stop you and ask you to justify accessing a particular record randomly to discourage peeking.

You'll also find it's usually someone trying to work out a potential partner / child's partner's income rather than James Bond trying to bring down the economy.

As for idlers and the like - yeah you get them, you get them in any job or business I've worked with plenty, but gone are the days of infinite sickies. People are regularly dismissed for pulling sickies and for not meeting the performance targets set.

Yep, the Civil Service is well and truly in the 21st Century (or the part I exist in anyway) and my managers are good people who'll do anything to keep their staff in jobs because they have a real passion about what they do and why they do it. Of course there are wankers who are cruising toward retirement but with every passing day there's less of them and their place is filled with someone who deserves the job.

People like my colleagues and I are care as much about the taxes we pay as you do and we want value for money and the best we can get.

You never know the use of a good thing until you've lost it and if the focus groups are full of people who don't understand what the Civil Service does for them then they'll be the ones crying when the big private companies come along and spunk everything up - and there'll be no turning back 'cause all the good guys will be gone and we'll all be stuck with the likes of Crapita making profit from our taxes (if anyone can work out how a profit provides better value for money than non-profit I'd love to hear it - none of us want to be privatized so we strive to make sure there's no profit to be had in our business - don't be surprised if you hear about Civil Servants telling the Private Sector how to run a call centre at some point in the future).

Don't kill the goose that laid the golden egg.

AC because it's about getting things done - not glory.

..."If you have nothing to hide, you have nothing to fear", eh?