2010-2011 III. Exercising responsible and effective governance

Responsible governance implies a set of commitments and practices by which heads of institutions ensure rigorous stewardship of public resources and harmonious working relationships. This includes embracing talent management and employee engagement, providing an enabling and secure infrastructure, and obtaining proper feedback on business risks, processes and controls, while ensuring public accountability through clear and meaningful reporting instruments. Effective governance starts with strategic planning as a guiding vision of what we need to achieve, with what resources and how to maximize their use. The development of our strategic plan as well as our success in maximizing the use and output of our limited resources under fiscal restraint represent our greatest governance achievements for 2010–2011.

Planning for results and impact

In the summer of 2010, we conducted a strategic planning exercise in consultation with key stakeholders to set our priorities and the most efficient course of action for the next three years, given the challenges ahead and resources at our disposal. Based on a comprehensive environmental scan, the process generated a consensus around three key result areas: exemplary service delivery to Canadians; a leading access to information regime; and an exceptional workplace.

Employees took advantage of this process to determine the core values for our organization. They selected four principles and statements to guide our individual and corporate behaviour and decision making.

The Strategic Plan 2011-2014 sets out a number of goals and activities, which we have already put in motion, to bring about a number of essential and interrelated outcomes.

To provide exemplary service delivery, we will continue to conduct efficient, fair and confidential investigations, while managing our caseload strategically, according to priority and complexity. We need to build up our analytical skills and develop tools to keep us abreast of the evolving technicalities of the law. We will use all means the legislation provides to address issues of non-compliance. We will also seek to optimize our capacity to bring complex cases and fundamental points of law before the courts. In pursuing this objective, we aim to re-establish the office as a centre of investigative and legal expertise on access matters.

To foster a leading access to information regime, we provide advice and expertise with a view to reversing the declining trends in timeliness and disclosure of public sector information. A key responsibility is to assist Parliament in modernizing the legislation and the way it is administered. We will complete and follow up on our diagnostic of delay-related issues through our report cards and systemic actions. Through court representation, we want to foster a jurisprudence that widens the scope of access to government information. In everything we do, we intend to maximize the impact of collaborations and stakeholders' engagement in efforts to improve the access regime.

Exemplary service delivery starts at home, predicated on the quality of the workplace and work relations. To ensure an exceptional workplace, we have developed a comprehensive talent management framework, which will integrate performance management and training for all employees in line with operational requirements. We will further develop our infrastructure to provide everyone with the information, tools and systems they need to effectively plan, manage and carry out their duties and functions. Above all, we want to build a work environment that reflects our corporate values.

[D]

Talent management

The year 2010–2011 marked the successful conclusion of a major recruitment campaign we had initiated in 2009 to meet business requirements and fill investigator positions in a high-demand professional group. As a result, the organization is now nearly fully staffed, and the objectives we pursued under our Integrated HR Plan for 2009-2014 have been achieved. We now count 98 indeterminate employees, representing
92 percent of 106 full-time equivalents. By comparison, fewer than 75 percent of all positions were staffed in 2009.

This achievement was crowned by the positive feedback we received in September 2010 on our 2009-2010 Departmental Staffing Accountability Report (DSAR). Every year, the Public Service Commission (PSC) examines institutional DSARs to assess and improve staffing performance across the public service and to report on the health of the appointment system. The assessment for the year in which we engaged in the most intensive recruitment initiative indicates that our staffing system is in very good health and respectful of the Public Service Employment Act and the core staffing values. The PSC did not find any key management area needing improvement.

As part of our strategic planning process, an analysis of our current workforce highlighted the need and requirements for a comprehensive talent management program. As of January 2011, only 19 percent of employees had been with the organization for more than five years. Among investigators, 57 percent had fewer than three years of experience with us. Moreover, the investigator group had the highest number of individuals who will be eligible for retirement in the coming years
(31 percent). Training and knowledge transfer are therefore critical to developing and maintaining expertise in the particulars of our investigative function and tools.

An enabling IM/IT infrastructure

We continued with the implementation of our multi-year strategy to renew our information management and information technology infrastructure. This time, we focused on the development and testing of a new records and case management system for investigations (InTrac) as well as the rollout of an electronic records repository (RDIMS) across the organization.

A key enabler of success, the InTrac project included various activities to standardize business processes and to design and build reporting functionalities. The InTrac system, which is set to be deployed starting in April 2011, is expected to improve workflow, ensure process consistency, and enhance our reporting and analytical capabilities. This will assist decision making on critical operational issues. As a precondition for RDIMS, we identified and described all our records as part of a corporate universal classification system. Both InTrac and RDIMS have involved considerable programming, testing and technical support. We also performed significant network upgrades, which resulted in a 30 percent reduction in service calls to the IT Help Desk.

Training on information management and classification was provided to all employees and managers. The training module has been posted on our website for all interested users. We initiated discussions with a number of small agencies and the Treasury Board of Canada Secretariat on opportunities to share and leverage our IM/IT solutions and experience. We took part in the Ottawa IM Days Conference with a presentation on Management Information for Transparency.

For the first time, in accordance with the National Archivist's Multi-Institutional Disposition Authorities, we disposed of more than 20,000 investigative files and began the disposition of records for common administrative functions. We started transferring records of archival value to Library and Archives Canada to preserve this documentary heritage for Canadians.

The IM/IT division also contributed innovative approaches to enhancing the organization's agility to respond to various business changes and requirements. Given the reduction in access to information and privacy requests this year, analysts were deployed to help with our investigative function and maximize efficiencies. They also participated in the review of extension notices, compilation of data and creation of the electronic template for the notification of time extensions (see Chapter 3).

Engaging through dynamic communications

We revamped our intranet to make it more relevant and user-friendly as an engagement and reference tool. This "one-stop shop" now enables employees to stay informed about various issues and initiatives, to share information and ideas, and to foster team spirit and collaboration across the organization.

Following the launch of our new external website in March 2010, we added new functions, including a consultation capability that enables us to collect comments on a number of issues. For example, we conducted a consultation on time extensions and notifications under paragraph 9(1)(a) and subsection 9(2) of the Act. The input contributed to the development of our advisory notice and proposed notification template (see Chapter 3).

A Facebook page was another welcome addition to our networking tools this year. Although our "wall" is not interactive at this time, the page enables us to quickly relay important information to Facebook users in this age of 24-hour news and web 2.0 expectations.

It was a busier than average year for media relations. We responded to more than 50 calls from the media on various issues pertaining to the access regime in Canada. The Commissioner granted more than 30 media interviews and held two press conferences to discuss her special reports to Parliament.

Security initiatives

As the employer, senior management must ensure that staff and visitors are protected from risks of violence, harassment and intimidation. As a steward of public resources and a service provider, we have a dual obligation to protect assets under our control from theft, damage or disruption. We also have a special responsibility, as an investigative body, to preserve the confidentiality and integrity of the personal and classified information with which we are entrusted.

During 2010–2011, we conducted a comprehensive assessment of all aspects of security management against the 2009 Treasury Board of Canada Policy on Government Security. This assessment confirmed our full compliance with the Treasury Board of Canada Secretariat's (TBS) Standard on Security and Contracting, but revealed several gaps in other areas. We quickly moved to put in place a number of corrective measures to enhance our security infrastructure, including the creation of an organization-wide security program.

As a result, we are now fully compliant with the TBS Standard on Personnel Security Screening. We have completed the implementation of our electronic Personnel Security Database. We also represent small organizations on the Interdepartmental Working Group on Personnel Security.

Taking into account our resources and requirements, we achieved baseline security with respect to physical security. We made a number of improvements and upgrades to secure our premises and prevent any risks or threats against employees. We reinforced security measures for our records area. Through improved infrastructure and procedures, including stocktaking and inventory tracking, we increased the protection of assets and information integrity.

We also devised a strategy to address some of the more complex and costly challenges, including developing the Emergency and Business Continuity Plan and enhancing our information technology security. The updated Risk-Based Audit Plan provides for an audit engagement that will examine and assess the actions taken, their results and status, as well as the overall compliance with security policy. We aim to achieve compliance with the Directive on Departmental Security Management by the June 30, 2012, deadline.

Stringent controls and accountability

Recent improvements in financial reporting enabled us to closely monitor our spending and make the best possible use of our limited resources in this period of fiscal restraint. Our tight and ongoing control over financial management was also instrumental in making a convincing case before Parliament and Treasury Board for additional funding to accommodate the increased workload and financial pressures associated with court proceedings and priority investigations in 2010–2011.

To ensure healthy financial management and compliance with the Policy on Internal Control, we are documenting key processes and controls and to assess their efficiency. We commissioned an external firm to conduct a preliminary review of our controls over salary, operating expenditures and material management. With the exception of the management of assets, which were in the process of being inventoried, only minor improvements were recommended, and they have been implemented. We are also assessing our compliance with various Treasury Board policies, directives and standards to provide a level of assurance on the adequacy of the controls in place.

As an Agent of Parliament, we have our transactions and financial statements audited each year by the Office of the Auditor General (OAG). Once again, for the year ending March 31, 2011, the OAG issued an unqualified audit opinion, providing reasonable assurance that we follow accounting rules appropriately and that our financial transactions comply with the Financial Administration Act and other regulations in all significant aspects.

Finally, we developed and introduced future-oriented financial statements, which are prepared on an accrual basis, starting with our 2011–2012 Report on Plans and Priorities. The introduction of accrual budgeting is the culmination of a series of recommendations by parliamentarians and the Auditor General. General purpose future-oriented financial statements provide information on assets and liabilities, complete revenue information and information on expenses. This additional information is meant to assist parliamentarians in their consideration of the Estimates and departmental requests for expenditure authority.

Managing risks, adding value

As an Agent of Parliament, the office has an obligation to maintain a strong internal audit function. Internal audit provides independent, objective assurance designed to add value and improve operations. Informed by our strategic planning exercise, we updated the list of key risks facing the organization and developed the Risk-Based Audit Plan for 2010–2013.

This plan provides for three important audits that focus on areas of higher risk and significance, namely, the efficiency of business processes for investigations; compliance with security requirements, as mentioned above; and the effectiveness of our information technology systems and information management practices, notably the new InTrac case management system. We will also conduct a follow-up review of the achievements from a previous audit of the Intake and Early Resolution Unit (IERU) and subsequent management action plan. This audit has already widely contributed to our efficiency gains in the timely resolution of administrative complaints.

The audit of the Complaints Resolution and Compliance Branch was under way at the time of writing. It will assess the extent to which business processes, performance metrics and documentation for decision making support efficient and timely case management. It will also determine our level of compliance with legislation and policy directives in completing investigations.

Our Audit Committee oversees the internal audit function and is a critical component of the governance structure. In addition to the Commissioner, the committee includes two experts in institutional and financial management who are external to the federal government, including the chairperson. Throughout the year, the committee provided independent and objective advice regarding risk management, controls and governance arrangements, including reporting. It also advanced our management practices by bringing new perspectives to better mitigate risks and improve performance.

The committee presented its first annual report in 2010–2011 to both the Comptroller General of Canada and the House of Commons Standing Committee on Access to Information, Privacy and Ethics. The report describes the committee's activities from its inception in October 2008 to the end of March 2010. Posted on our website for greater accountability and transparency, the report assesses the effectiveness of internal controls and illustrates how our risk-based and just-in-time audit regime have enhanced operational efficiencies.