Mismanagement of CAT.. A Setback for IIMs
The failure of the online CAT system has thrown the
reputation of IIMs to winds. As premier management institutes of the
country, graduates of IIM are expected to manage challenges and crisis in
the industry scenario. However, the way IIM has handled the transition from
paper-based CAT to online CAT has left everyone wondering about the ability
of IIMs.
Even when online CAT was announced, it was clear to any
IS professional that the biggest challenge is not how the functionality of
the online examination system was to be managed but the security of the
system. It could also be a easliy anticipated that being the premier
examination in the country attracting over 2 lakh participants, it would be
a target for various kinds of cyber offenders including Cyber terrorists.
It could also be foreseen that CAT database would also be a target for data
thieves. Everybody was also aware of the difficulties arising out of the
sheer volume of transactions and the possibility of technical failure
arising out of server crash since it frequently occurs whenever university
results are announced. We also knew how the Electronic voting system
frequently faced the problem of untrained personnel. Virus is too familiar
to be ignored as a risk.
Under the circumstances, it was critical that IIMs had
to take all reasonable steps necessary to protect the systems from the kind
of troubles that we have seen now. This was not only business prudence and
commonsense but also “Due Diligence” under law.
Exposing 2.4 lakh students to the trauma of a mismanaged
examination is a serious crime committed by the IIMs.
The IIM management has now come-up with a weak argument
that there were viruses in the machines. This ridiculous.
The management needs to explain and provide answers to
the following questions that arise out of the present situation.
Was there was an attempt at “Virus sanitization” as a part of the IS
protocol for this exercise? If not why not?
Was there an IS audit prior to the
planning? Did IIMs get any report from competent IS professionals about
the risk assessment and how they can be mitigated and was there a risk
management team in place before the examination started?
Was there a DRP and BCP plan? What
happened to the “Disaster Management” and “Crisis Management” components
of the plan?
It is unthinkable that IIM management team could have
approached the whole exercise without “Planning”, “Risk Assessment”, “Risk
Mitigation Plan” and “Crisis Management Plan”. These are basic lessons of
management.
Why did IIMs betrayed such a shameful exhibition of lack
of managerial talent?
Is it because they were arrogantly negligent? Is it
because it was managed by one of the IIMs and others did not cooperate? Is
it because they entrusted the examination system to a foreign company for a
exorbitant price tag (US $ 40 million? or around Rs 200 crores?) without
making a due diligence check?
These need answers.
It is also impossible to digest that IIM had not done a
dry run of the system before launching.
It is also stated that the technology used was primitive
in the sense that the entire paper was to be downloaded to the local
machine and it was not “Really online”. Ideally, each question should have
been downloaded in realtime from a network of distributed servers,
dynamically balanced for data traffic congestions along with an algorithm
which manages the question paper pattern. At the end of each question, the
answer should have flown back into the server and triggered the next
question download. On the other-hand it is stated that in the current
system, the entire question paper was downloaded and re-uploaded after the
answer. When the server crashed in the meantime, the entire work was lost.
This system also meant that the entire question paper resided in the local
cache memory and was amenable for copying.
Another intriguing point is that the test was spread
over 10 days and across many centers and therefore there were only about
25000 students per day spread across more than 360 centers in 104
locations. It was not therefore a server load problem of insurmountable
dimensions.
Some security experts are of the view that the two
viruses named by the IIM director for the problem are Conficker and Nimda
are easily detected by existing anti virus programmes and are not zero day
codes unknown to the community. At present there is no indication of any
Cyber terrorist or deliberate outsider attack. (We may recall that the
recent failure of IGNOU examination system was blamed on sabotage by some
vendors who failed to get the contract.)
Some of the students had the following to say about
their experience
“if
we click to any question we have 2 answer that one . we cannot think of
not doing that question. 2. if we click end button the test will get over
suddenly without any confirmation n the monitor will get turned off. 3.
its really difficult to understand the programming. 4. the persons
standing there to help us are also confused , very rude and very
unfriendly.”
“Could not complete the exam… I clicked on
review… end of the review exited my test. my test ended in 5 mins. I was
shocked to see i have completed my exam in 5 min.. no one could help me.
Such a painful situation, because of issues i could not complete once in
year exam.”
“i cud attend only 15 questions n den it
has been quited suddenly……d examiners whoever der at site did not take
care of my problem i have lost my exam completely…is there any facility
to re write d exam again please help me out……..”
These comments made at one of the websites indicate that
the issue was that the system design itself was faulty and had been
inadequately planned.
Now that the problems have occured what is the remedy?
CAT administrators are suggesting that re-examination
would be conducted for those who had the problem. Is this sufficient? How
can this compensate those who have clash of examination dates and are lost
because of the bizarre experience they were made to go through?
CAT administrators have been careful enough to invoke
legal provisions and threaten the students and IIM coaching centers through
the following notice on their website.
“Disclosing, publishing, reproducing, transmitting, storing, or
facilitating transmission and storage of the contents of the CAT or any
information therein in whole or part thereof in any form or by any means,
verbal or written, electronically or mechanically for any purpose, shall
be in violation of the Indian Contract Act, 1872 and/or the Copyright
Act, 1957 and/or the Information Technology Act, 2000. Such actions
and/or abetment thereof as aforementioned may constitute a cognizable
offence punishable with imprisonment for a term up to three years and
fine up to Rs. two lakhs. Candidates who want to appear for CAT have to
agree to a Non-Disclosure Agreement at the time of the test.”
Well, this indicates that CAT administrators are ready
to invoke law in their protection. Are they ready to face law for their
gross negligence and putting the career of so many aspirants to risk?. Have
they not caused “Wrongful Loss” to hundreds of candidates by not following
“reasonable securirty practices” and allowed for contravention of “section
43″ and “Section 66″ of ITA 2008 to take place? Are they not vicariously
liable under Section 85 for these contraventions? These are the questions
which CAT administrators have to answer.
How can CAT administrators convince the students that
the system was fair? and it gave equal opportunities to all candidates?
These are the issues some legal persons have already raised as stated in
this
article
in Times of India
There is no doubt that sufficient cause can be found to
question the validity of the examination system given the lack of
preparedness evidenced by the events of the last few days. Though
“Computer Based Tests” are an established mode and cannot be rejected
per-se, if the conduct of the test indicates gross negligence and lack of
competence as shown by the current ProMetric test centers used by IIMs,
there is every reason to doubt the integrity of the examinations.
Instead of standing on false prestige and supporting the
ego of some of the persons involved in this sad episode, the IIM directors
of all IIMs should call for an emergency meeting and should take the bold
decision to scrap the online test for the current year and plan a paper
based test at the earliest.
It is better if the agony is not continued for all the
ten days of the proposed test plus a few re examinations and then face a
possible Court action to withhold the results. A quick “Cut the losses”
strategy would be the best option for the IIMs. This would save the time so
that the comprehensive re-examination can be conducted without causing harm
to the next academic year of IIMs.
Additionally it is necessary to black list the service
provider involved in the conduct of the exam and recover the payments made
to them.
Can we atleast see a display of a bold decision making
character of IIMs now?
In case IIMs continue to hide behind “Viruses” and try
to cover their inefficiency and protect the financial interests of the
service providers, it is necessary for public spirited lawyers to invoke
the intervention of the judicial system to seek justice to the number of
candidates who would have been adversely affected during this year’s
examination.
Naavi
Naavi
December 1 ,2009
Related Articles:
Now Anyone Can challenge CAT. TOI
Firm IIMs hired to hold online CAT test has failure record.. HT
Comments are Welcome at
naavi@vsnl.com