• Friday, June 21, 2024
businessday logo

BusinessDay

Why ASUU’s payment platform wasn’t approved – NITDA

Nigeria

The National Information Technology Development Agency (NITDA), on Monday, said it conducted a detailed functionality and user acceptance test on the University Transparency and Accountability Solution (UTAS), a payment platform proposed by Academic Staff Union of Universities (ASUU), and found some fundamental flaws despite the platform recording a 99.3 percent pass.

NITDA said it conducted a total of 687 test cases, in which 529 passed, 156 failed, and two cautionary warnings were recorded.

“As some of the failed cases are critical to the overall functionality of the solution, the agency could not recommend for the solution to be deployed in a production environment. ASUU was, therefore, requested to work on the solution and submit it for further assessment,” NITDA said in a statement.

ASUU has been on strike since February 14, 2022 because the Federal Government is insisting that it would only pay salaries using the Integrated Payroll and Personnel Information System (IPPIS). The striking lecturers are, however, vehement that they would not be subjected to the federal payment platform, and that they would rather prefer to be paid using the UTAS.

ASUU’s insistence on a separate payment platform is due to distrust of the sincerity of the authorities to sufficiently deal with the many problems bedevilling the education system from inception.

Following several interventions from many stakeholders including the National Assembly, the government said it would only accept the UTAS should it pass the functionality and user acceptance test. As a result of the decision, the government turned to NITDA for help on October 14, 2020.

The NITDA Act empowers it to create a framework for the planning, research, development, standardization, application, coordination, monitoring, evaluation, and regulation of information technology practices in Nigeria.

In view of the mandate, the agency has over the years issued a series of regulatory instruments including the Software Testing and Quality Assurance Framework and Guideline, in 2016. The guideline – currently under review – provides for the design, development, and testing of software projects in Nigeria.

Section 10 of the Guidelines for Nigerian Content Development in ICT, 2019, details guidelines and expectations for indigenous software development and software-enabled products and services.

Since NITDA issued the guideline, it has been registering indigenous software solutions, and part of the process requires that solutions are subjected to tests in line with the requirements of the Software Testing and Quality Assurance Framework and Guideline and the Guidelines for Nigerian Content Development in ICT.

Read also: Nigerians fear ASUU strike could lead to academic apathy

It was in this light that NITDA was invited to participate in an interactive session between ASUU, the Federal Government, and the National Assembly at the Conference Hall of the Accountant General of the Federation’s office. The meeting was an opportunity for ASUU to demonstrate the capabilities of the UTAS platform, according to sources.

As part of the government’s conditions for acceptance of the UTAS as a payment platform for public universities, NITDA decided to carry out three out of the eight tests specified in the guidelines. The tests include User Acceptance Test; Stress Test; and Vulnerability Assessment and Penetration Test.

NITDA said its team carried out a series of Vulnerability Assessments and Penetration Tests on the UTAS platform.

It said one of the assessments revealed five high-risk vulnerabilities that are likely to negatively impact the platform if exploited, adding that two low-risk vulnerabilities were identified.

The agency said these were discussed with the ASUU team, and a further assessment was carried out on the updated version of the UTAS, which it said showed that the high-risk vulnerabilities had been addressed.

“However, one medium risk, three low risks, and 44 informational risks were identified,” it said.

NITDA said it also adequately communicated to the relevant stakeholders including ASUU, adding that the entire interaction took about two weeks.

It said, “It is important to note that despite making all efforts to fast-track the exercise, it took the team two weeks of continuous interaction on a daily basis. There is no doubt that the exercise has positively impacted the functionality and robustness of the UTAS platform.

“Furthermore, we believe that the interaction availed ASUU the opportunity to understand and appreciate NITDA’s commitment and level of professionalism exhibited in carrying out its responsibilities.”