May 21, 2020
Audit and Evaluation Committee (AEC) Meeting
May 21, 2020
9:30 a.m. to 11:30 a.m.
Teleconference
Meeting chair: Graham Fraser Committee secretary: Éloïse Ouellet
Attendees Members:
Graham Fraser, Chair
Caroline Maynard, Information Commissioner David Rattray, External member
Regular attendees:
France Labine, Deputy Commissioner, Corporate Services, Strategic Planning and Transformation Services, Chief Financial Officer and Chief Audit Executive
Layla Michaud, Deputy Commissioner, Investigations and Governance Gino Grondin, Deputy Commissioner, Legal Services and Public Affairs
Stephen Campbell, Associate Director, Strategic Planning, Governance and Audit & Evaluation Services
Guests:
Riowen Abgrall, Principal, Office of the Auditor General of Canada
Sébastien Lafond, Director, Finance, Procurement, Administration and Security James Ellard, Director, Communications and Public Affairs
Serge Galipeau, Director, IM/IT
Record of Decisions
Meeting Summary
- Approval of record of decisions and action items from the meeting of January 30, 2020. Approval of the revised 2020 Forward Calendar.
- Approval of the revised Risk-Based Audit and Evaluation Plan (RBAEP) schedule.
- Discussion on the 2019-2020 Audit Schedule of the Office of the Auditor General of Canada.
- Discussion on the Threat and Risk Assessment (TRA) and the Threat and Vulnerability Assessment (TVA).
- Information update on Finance, Corporate Services, Investigations, Legal Services, Parliamentary Activities and Communication.
Call to Order and Opening Remarks
The Chair welcomed all the participants. With the pandemic, the risk landscape will change. The new normal will be different. Public Service to operate with greater degree of risk and to review and assess the old way of doing things. The pendulum will swing back eventually. As a small organization, the OIC is in a good position to maintain operations and is coping well by being able to work from home. This success is attributable to the support of management to its employees when it comes to family related obligations and ensuring their health and safety. Mr. Fraser shared that he was invited as the Chair of our Audit Committee to attend a OCG
Briefing on May 19th and that he would share his note and a covid-19 document to assess government-wide risks and related internal audit approaches/tools.
Minutes and Action Items from the Meeting of January 30, 2020
The members approved the minutes of the meeting of January 30. 2020. The action items reviewed and approved.
Action required: publication of the minutes of the January 30, 2020 on the OIC website.
OAG Audit Update – presented by R. Abgrall
The current exceptional circumstances have resulted in reduced capacity for the OAG to undertake all of its audits within the expected timelines and hence require a need to prioritize the work. As a result, the OAG made the difficult decision to postpone the audit of the OIC financial statements for an indeterminate period.
R. Abgrall and his OAG staff will work closely with the OIC to develop a coordinated approach to resume the OAG audit work under mutually acceptable adjusted timelines.
Action required: Both the CAE and OAG will discuss new potential date for the year-end audit. (Planning for an October/November time period).
2020 Forward Calendar – presented by G. Fraser
In light of the current exceptional circumstances, the committee revised the 2020 Forward Calendar and agree to continue to meet regularly to discuss any new risks and the impact of Covid-19 on the OIC operations.
Action required: For the Committee members to confirm the changes made to the revised 2020 Forward Calendar discussed and to propose a 2021 Forward Calendar.
Threat and Risk Assessment (TRA) and Threat and Vulnerability Assessment (TVA) – presented by S. Galipeau
S. Galipeau presented the status and the next steps of the Office of the Information Commissioner assessments and an update on the security posture.
The members reviewed and discussed the information presented. The Committee Chair stated that is was excellent timing to improve technology. It was a big challenge during this pandemic to have the staff connected to work from home.
Action required: the consultant will complete the final report before end of June. Unless necessary, no further update is required at this committee on this subject.
Finance update – presented by S. Lafond
S. Lafond the new DCFO presented the preliminary OIC 19-20 financial results as at March 27, 2020 and the OIC 20-21 planned spending. The OIC is expecting an answer rapidly from Finance/TBS on the decision of the 2020 Budget Ask submission that should provide permanent resources for a viable and sustainable investigations program.
The members reviewed and discussed the information presented and noted that the management risk endorser by senior management is acceptable at this point.
Action required: no action required.
Corporate Services update – Presented by F. Labine
F. Labine presented the different files in progress at Corporate Services.
Since March 16, 2020 all of OIC employees are working from home because of the COVID-19 pandemic. Almost all personnel were connected to the network and had the working tools to be up and running from the beginning. The Business Continuity Plan was activated on March 13th. The SMC and BCP team meet weekly to review all decision and discuss the impacts related to Covid-19.
A change to the calendar for the Risk-Based Audit and Assessment Plan (RBAEP) was proposed, namely, to extend the duration of the Evaluation of Investigations planned for fiscal 20-21 to fiscal year 21-22, and to reschedule the Performance and Talent Management Review to 21-22.
Given unprecedented circumstances of covid-19, the OIC has experienced procurement delays however there may be an opportunity to develop/improve plans to ensure both a smooth transition and an adoption of more efficient processes. Therefore, these changes would be more beneficial and valuable, as it will produce better results.
The members discussed and accepted the proposed schedule changes.
Action required: update the Risk-Based Audit and Evaluation Plan (RBAEP) on the Office of the Information Commissioner’s website.
Investigations update – Presented by L. Michaud
L. Michaud presented a 19-20 update on the investigative priorities, statistics, and the strategies put in place to achieve the priorities.
The priorities established at the start of the fiscal year for investigations have been surpassed. Sound inventory management, constantly evolving processes and optimal human resources management have enabled investigators to achieve these results. The full commitment of managers, as well as the collaboration developed with legal and corporate services, also contributed to this success.
The members reviewed and discussed the information presented.
Action required: no action required.
Legal Services update – Presented by G. Grondin
G. Grondin updated the committee on current litigation files and the latest court decisions affecting the Office of the Information Commissioner.
The members reviewed and discussed the information presented. Action required: no action required.
Parliamentary Activities and Communication update – Presented by J. Ellard
J. Ellard provided an update on Policy and Parliamentary Affairs, Communications, conferences and presentations, and ATIP that continued to maintain a 100% compliance rate.
Action required: no action required.
In camera session
A brief in camera discussion was held with the Commissioner, the Chair and the external member.
Next meeting
The next meeting will be scheduled for October 2020 due to delays of the pandemic situation. Meanwhile, if a brief meeting is required for urgent files it will either be by email or via a teleconference call meeting for the review of the Departmental Results Report or any other important files over the summer period (July to September).