Follow-up Audit Management Action Plan (2007) for the First Nations Policing Program
Audit Report - June 2010
Table of contents
- 1.0 Executive Summary
- 2.0 Background
- 2.1 Audit Objectives
- 2.2 Scope
- 2.3 Approach
- 2.4 Audit Opinion
- 2.5 Statement of Assurance
- 2.6 Findings, Recommendations and Management Response
- Appendix A – Audit Criteria
Acknowledgements
The audit team would like to thank those individuals who contributed to this project and, particularly, employees who provided insights and comments as part of this audit.1.0 Executive Summary
1.1 Background
The federal government introduced the First Nations Policing Policy in 1991 as the framework for the implementation of tripartite policing agreements in Canada’s First Nations and Inuit communities. This program was a direct result of the work of the 1990 Task force Report, which undertook a review of the Indian Policing Policy which found that Aboriginal communities do not have the same access to policing service as non-Aboriginal communities.
Public Safety Canada (PS) is committed to increasing the resiliency of the First Nations Communities by building and maintaining relationships, negotiating and renewing policing agreements, and monitoring and evaluating the First Nations Policing Program (FNPP). Through this contribution program, PS negotiates partnership agreements, which enhance the funding of dedicated police services, in order to provide First Nations and Inuit communities with access to police services that are professional, effective, culturally appropriate and accountable to the communities that they serve.
Following a 2007 audit of the First Nations Policing Program, the Aboriginal Directorate (APD) focused on stabilizing the organization. The Directorate operated for over a year without a Director General position that was finally staffed in the fall of 2008. APD has been making efforts to rebuild and stabilize its capacity.
In the spring of 2009, PS was directed to undertake a comprehensive review of the Program, including an examination of service delivery models, funding mechanisms and policy guidelines and to bring forward recommendations pertaining to the future of the Program. It is expected that the review will take approximately one year to complete. The outcome of the review will include the development of options that will address the relevance, effectiveness and sustainability of the FNPP. It is projected that this final phase of the review will conclude in early fall 2010.
1.2 Why it’s Important
Transfer payments, which include grants and contributions, are one of the government's key instruments in furthering its broad policy objectives and priorities. The government is committed to ensuring that transfer payments are managed in a manner that respects sound stewardship and the highest level of integrity, transparency, and accountability.
An audit of the FNPP conducted in March 2007 identified significant weaknesses and proposed forty-six recommendations to which the APD responded with sixty-two actions. Progress on the FNPP management action plan to address the audit recommendations was reported, however given the inherent risks of the program and an overall risk exposure of high resulting from the risk-based planning exercise, an audit priority was directed to the FNPP management action plan.
The FNPP serves approximately 400 First Nation and Inuit communities in Canada with over 1200 police officers. These policing services are either administered by First Nation communities, while others are managed through the Royal Canadian Mounted Police (RCMP) or Provincial policing services. In 2008-2009, approximately 168 contribution agreements were administered and actual expenditures incurred were $106.5M, which represents approximately 40% of the total PS grant and contribution expenditures.
1.3 Audit Objective and Scope
The purpose of the follow-up audit was to assess the progress of the implementation of the Management Action Plan in response to the March 2007 FNPP Audit Report. Assurance is provided on the progress of the identified actions as of March 31, 2009; these actions relate primarily to the completion and communication of foundational documents, processes and tools, (such as standard agreements, standard operating procedures, etc), which form part of the management control framework of the program. In this context, this follow-up audit assessed the general environment, within which the FNPP operates, to ensure no major changes had occurred that would have significantly impacted the actions listed in the MAP.
1.4 Audit Opinion
The APD has made moderate progress in the implementation of the actions indentified in response to the March 2007 FNPP Audit Report. While some actions have been completed, the majority remain in various stages of work in progress. Significant progress was made in the standardization of the SA national agreements and monitoring and communication mechanisms for non-financial information have been strengthened. The key outstanding actions include the continued development and communication of a risk management framework, policies and procedures and an assessment of reporting and monitoring requirements.
1.5 Summary of Audit Findings
Progress has been made in standardizing the SA national agreement and improving communication channels between the recipient, the regional offices and National Headquarters. However, the majority of operational policies and procedures have not been finalized, including the financial monitoring procedures. A high-level, agreement specific, risk assessment tool was developed and implementation had begun, however it continues to be strengthened as it did not readily facilitate the determination of operational site visits which is a key monitoring activity to ensure compliance. Further, the overall monitoring and reporting requirements were not sufficiently defined and their respective procedures were not fully complete. In conjunction with these monitoring and reporting requirements, APD continues to further develop the APD database and its applicable policies and procedures to ensure that appropriate, complete and accurate information is readily available to support management decision making.
1.6 Summary of Audit Recommendations
The recommendations from this follow-up audit supersede the 46 recommendations from the original 2007 audit and their associated 62 actions, and will be the basis for future follow-up activities.
- Under the direction of the ADM of the Community Safety and Partnerships Branch (CSPB), APD should continue to document their program and operational risks and where applicable put in place cost-effective mitigation processes.
- Under the direction of the ADM CSPB, APD should develop and document key monitoring procedures and reporting requirements to ensure that program activities are conducted in accordance with the PTP and FAA.
- Under the direction of the ADM CSPB, APD should continue to work with the RCMP to ensure timelier and appropriately approved expenditure management information.
- Under the direction of the ADM CSPB, APD in partnership with the Chief Information Officer Directorate and the Corporate Management Branch should continue to develop a long-term information technology and information management strategy supported by operational policies and procedures, aligned with departmental policies, for historical data transition, ongoing data integrity validation, and system access.
- Under the direction of the ADM CSPB,APD should continue to strengthen the standard SA agreement by clarifying the recipient deliverables and eligible expenditures, and the oversight mechanisms by ensuring sufficient documentation is available to support compliance with the agreements.
1.7 Management Response
Management agrees with the five identified recommendations. Since the last audit period, the APD focused its efforts on maximizing the capacity of the Directorate. To this end, managers succeeded in staffing key vacancies. The stabilization of the Directorate enabled the development of effective management systems; a clarifying of roles and responsibilities; and the development of IT solutions. The Directorate is committed to further improving risk management processes, codifying APD monitoring and financial accountability practices, and strengthening the partnership with the RCMP. Through the identified deliverables, APD will continue to work towards cost-effective and efficient solutions in administering the First Nations Policing Program.
Approved By:
Rosemary Stephenson
Chief Audit Executive
2.0 Background
The federal government introduced the First Nations Policing Policy in 1991 as the framework for the implementation of tripartite policing agreements in Canada’s First Nations and Inuit communities. This program was a direct result of the work of the 1990 Task force Report, which undertook a review of the Indian Policing Policy which found that Aboriginal communities do not have the same access to policing service as non-Aboriginal communities.
Public Safety Canada (PS) is committed to increasing the resiliency of the First Nations Communities by building and maintaining relationships, negotiating and renewing policing agreements, and monitoring and evaluating the First Nations Policing Program (FNPP). Through this contribution program, PS negotiates partnership agreements, which enhance the funding of dedicated police services, in order to provide First Nations and Inuit communities with access to police services that are professional, effective, culturally appropriate and accountable to the communities that they serve.
The FNPP is delivered by the Aboriginal Policing Directorate (APD) within the Community Safety and Partnerships Branch (CSPB), with staff both at the National Headquarters (NHQ) and in the Regions. Regional Managers (RM) are the primary support for the Aboriginal communities and for the management of the agreements.
The FNPP serves approximately 400 First Nation and Inuit communities in Canada with over 1200 police officers. These policing services are either administered by First Nation communities, while others are managed through the Royal Canadian Mounted Police (RCMP) or Provincial policing services. In 2008-2009, approximately 168 contribution agreements were administered and actual expenditures incurred were $106.5M, which represents approximately 40% of the total PS grant and contribution expenditures.
Effective October 1, 2008, the Treasury Board approved a new Policy on Transfer Payments (PTP). This policy supported “strengthened accountability for public monies and better results for Canadians”. This requires that transfer payments be managed in a manner that is sensitive to risks, that strikes an appropriate balance between control and flexibility, and that establishes the right combination of good management practices, streamlined administration and clear requirements for performance. APD made a decision to delay the development and implementation of key policies and procedures to ensure compliance with this new PTP.
Following a 2007 audit of the First Nations Policing Program, APD focused on stabilizing the organization. The Directorate operated for over a year without a Director General position that was finally staffed in the fall of 2008. APD has been making efforts to rebuild and stabilize its capacity.
In the spring of 2009, PS was directed to undertake a comprehensive review of the Program, including an examination of service delivery models, funding mechanisms and policy guidelines and to bring forward recommendations pertaining to the future of the Program. It is expected that the review will take approximately one year to complete. The outcome of the review will include the development of options that will address the relevance, effectiveness and sustainability of the FNPP. It is projected that this final phase of the review will conclude in early fall 2010.
Service Delivery
Type of Agreement | Description | Number of Agreement as at March 31,20091 | Actual Expenditures 2008-2009 (‘000’s) 1 |
---|---|---|---|
Self-Administered Agreements (SA) | SAs are negotiated among the federal government, the participating province or territory and First Nations or Inuit communities, and municipalities where applicable. Under such an agreement, the First Nations or Inuit community is responsible for managing the police service. These agreements are cost shared with the province or territory at the rate of 52% for Canada and 48% for the province or territories. | 43 | $68,508 |
Community Tripartite Agreements (CTA) | CTAs are negotiated among the federal government, the participating province or territory and First Nations or Inuit communities. Under such an agreement, the First Nations or Inuit community has dedicated officers from an existing police service, such as RCMP or Provincial Police. These agreements are cost shared with the province or territory at the rate of 52% for Canada and 48% for the province or territories. | 113 | $36,8372 |
Bilateral Contribution Agreements (BC) for Specific Initiatives | BCs can be signed for specific projects or initiatives related to research and development, policing standards, police governance, recruitment training, career development for police officers, conferences, evaluation, etc. The projects related to the bilateral contribution agreements must contribute to the mandate of the FNPP. These agreements can be funded up to 100% by Canada. | 12 | $1,163 |
Note:
- Data provided by APD directorate
- Amount is an estimate of expenditures as actual information not available at time of audit.
Eligible Recipients
Contributions may be provided for funding under the FNPP to the following recipients:
- Band Councils, governments of self-governing First Nations and Inuit communities, representative organizations of First Nations and Inuit communities and not-for-profit organizations mandated on behalf of First Nations and Inuit communities;
- Provincial, territorial and local governments; and
- Third party manager appointed on behalf of the recipient pursuant to the terms and conditions of the tripartite agreement to administer the recipient's funding and obligations.
Crown corporations, other federal departments and for-profit entities are not eligible for funding under the FNPP.
Audit History
Between January and March 2007, an audit was conducted which covered all of the contribution agreements issued up to the date of the audit. The objectives of the audit were to determine to what extent the management of the FNPP was in compliance with the PTP and APD had the capacity to deliver and administer the program effectively. In addition, specific objectives included the assessment of the Management Control Framework, program administration and monitoring, and risk management strategies and practices. The audit found the following general areas required improvement:
- Guidelines and procedures specific to FNPP administration and monitoring;
- Inclusion of standard clauses in all contribution agreements pertaining to FNPP, as prescribed by the PTP;
- Reporting requirements to measure performance objectives achieved by recipients;
- Maintaining proper program records and relevant documents to provide evidence that recipients have complied with the terms set in contribution agreements prior to the payment issuance; and
- Integration of monitoring activities within a formal risk management framework.
Based on these findings the audit formulated forty-six overall recommendations, which APD accepted and a Management Action Plan (MAP) was developed. See Appendix A for MAP.
This carry-over follow-up audit, to provide assurance on the progress made in the implementation of the MAP, was identified on the Risk-based audit plan, approved by the Internal Audit Committee in June 2008.2.1 Audit Objective
The purpose of the follow-up audit was to assess the progress of the implementation of the MAP in response to the March 2007 FNPP Audit Report approved by the former Internal Audit Committee. Assurance is provided on the progress of the identified actions; related primarily to the completion and communication of foundational documents, processes and tools, (such as standard agreements, standard operating procedures, etc), which form part of the management control framework of the program. In this context, this follow-up audit assessed the general environment, within which the FNPP operates, to ensure no major changes had occurred that would have significantly impacted the actions listed in the MAP.
The follow-up audit does not provide assurance with regard to the effectiveness of these actions. In order to provide assurance on the operational effectiveness of the fundamental management control framework components identified in the MAP, it would be expected that, not only all deliverables outlined in the MAP would be completed, but also a reasonable number of activities/transactions/agreements would have been processed through the new framework/controls for a reasonable length of time from which to form an audit opinion. As a number of the activities described in the MAP were not operational for a reasonable length of time, such an opinion cannot be provided at this time.
2.2 Scope
The follow-up audit focused on the fundamental components of the MAP developed, approved, and communicated up to March 31, 2009. The follow-up audit reviewed final approved documents as well as those draft documents which were identified as substantially completed.
2.3 Approach
The audit was planned and performed in such a way as to obtain reasonable assurance that the audit objective was achieved. The audit included various activities, as considered necessary, to provide such assurance. These activities included, but were not limited to, interviews, observations, walkthroughs, review of supporting documentation, sampling of transactions and analytical reviews.
The recommendations from this follow-up audit supersede the 46 recommendations from the original 2007 audit and their associated 62 actions, and will be the basis for future follow-up activities.
2.4 Audit Opinion
The APD has made moderate progress in the implementation of the actions indentified in response to the March 2007 FNPP Audit Report. While some actions have been completed, the majority remain in various stages of work in progress. Significant progress was made in the standardization of the SA national agreements and monitoring and communication mechanisms for non-financial information have been strengthened. The key outstanding actions include the continued development and communication of a risk management framework, policies and procedures and an assessment of reporting and monitoring requirements.
2.5 Statement of Assurance
In the professional judgment of the Chief Audit Executive, sufficient and appropriate audit procedures have been conducted and evidence gathered, to provide reasonable assurance of the accuracy of the opinion provided and contained in this report. The opinion is based on a comparison of the conditions, as they existed at the time, against pre-established audit criteria. The criteria (See Appendix A) were based on the TBS Management Accountability Framework (MAF) and the Canadian Institute of Chartered Accountants “Criteria for Control” (COCO) model. The opinion is applicable only to the entity examined.
2.6 Findings, Recommendations and Management Response
Criteria 1: Appropriate monitoring tools and documentation processes have been established including an integrated risk management framework.
2.6.1 The monitoring approach was not driven by an integrated assessment of risk.
Based on the MAP, the audit expected to find a comprehensive risk management framework that included the identification of the fundamental activities of the FNPP program, a risk score, mitigating actions, and the applicable documented monitoring controls and, policies and procedures. This would ensure an effective operational processing and oversight approach based on risk and provide sufficient information from which management could make informed decisions.
APD did implement several risk management activities/tools during the audited period however an end-to-end integrated assessment of risk was not done. APD informed us that there is limited direction and support from the department on risk management. Among the risk-management activities implemented, was the establishment of a Risk Committee whose primary mandate is to “enhance coordination and communication among APD divisions in planning and conducting activities related to the assessment and mitigation of risk”. A key deliverable of this committee in support of its mandate was the development of a risk assessment tool. As such, a risk questionnaire and applicable risk score were designed and automated within the APD database which was to be completed by each RM for each FNPP agreement. As committed by APD in their MAP, the audit expected that this risk tool would identify the operational risks for all aspects of the program delivery, and provide clarity as to when to conduct on-site visits with each agreement recipient. However, the tool is focused on general program delivery elements as opposed to operational deliverables and primarily facilitated the overall prioritization of work for APD. Further, while training had been provided on this automated risk tool, at the time of the audit, RM’s had only completed risk assessments on 40% of their agreements, which prevented APD management from effectively monitoring all aspects of the program. Subsequent to the audit, a Monitoring and Audit Risk Assessment (MARA) tool was implemented, which should address the operational risks, and provide clarity on when to conduct on-site visits.
APD has made progress drafting policies and procedures in regard to the monitoring requirements however at the time of the audit they remained incomplete. Further it was noted that while high-level deliverables and activities were articulated at the operational level, management reporting requirements and the need for sufficient and appropriate evidence should also be clearly defined and stated. These draft documents did not identify the overall management oversight controls.
2.6.2 Financial monitoring procedures and required supporting evidence were not sufficient.
Based on the MAP, the audit expected to find clearly defined financial processes for each stage of the expenditure lifecycle including budgeting, forecasting, payment approvals, and monitoring. Further it was expected that roles and responsibilities in regard to these financial activities would be defined and documented.
The audit found that APDhas strengthened the financial monitoring processes through such means as:
- Establishing a financial analyst role who is responsible for the financial activities including the reconciliation of expenditures and commitments to the financial system; and for the financial support to the RM;
- Providing three general training sessions for all APD employees, which included communication of the requirements for payment certification;
- Ensuring the completion of the Delegation of Financial Authorities and PTP training for those managers exercising these authorities.
However, there were limited roles, responsibilities, and accountabilities defined and documented for these financial activities. Further, no policies and procedures were developed specific to financial monitoring.
While APD is in the process of finalizing the operating procedures there were only general financial procedures and guidance in the draft documents and in some cases they were silent on key activities such as NHQ Financial Analyst operational procedures.
APD had committed to developing procedures to integrate the collection, review, and follow-up of key financial and non-financial performance deliverables which would provide appropriate support for payment certification, however they were not completed. Examples include:
- an internal checklist demonstrating the status of key deliverables;
- the recipient Audited Financial Statement review procedures providing clarity on the methodology to be used; and,
- a sufficient tracking and follow-up mechanism for non-conformity financial issues.
Based on the MAP, APD stated: “In order to comply with section 34 of the Financial Administration Act (FAA), it is recommended that all invoices be certified in conformity with the Delegation of Financial Signing Authority before releasing the payment”. To accomplish this action plan, APD centralized the exercising of this authority to the Senior Director of Operations and deemed this control sufficient to ensure compliance with the FAA and did not implement any random quality assurance file audits as committed to in the MAP. While centralization to one individual is an acceptable approach, APD will need to ensure that the RM maintains the relevant documentation and the Senior Director has sufficient information, including evidence of performance delivery by the recipient, to effectively exercise this authority and ensure compliance.
Specific to the CTAs, which provide Aboriginal communities with police services that are delivered and managed directly by the RCMP, APD had committed to improve the expenditure management activities of these agreements. Through continued discussions with the RCMP, APD was to obtain actual financial cost information on a timelier basis to support the advance payments made by APD to the RCMP for the delivery of these policing services. Therefore, the audit expected to find appropriate, sufficient, and timely financial forecasting information, validation of actual expenditures, and reconciliation of surplus recovery costs. While progress had been made in obtaining prior years actual expenditures and APD has designated an NHQ employee to review the information, further improvements are required:
- Timely receipt of forecasted and actual expenditure analysis still remains a challenge. As an example the fiscal year 2008-2009 expenditure information had not been received from the RCMP as of November 2009.
- There was no standardized format for provincial expenditures which made the overall reconciliations difficult (i.e. Information presented by community versus agreement). No reconciliation to the overall budget transfer was done. There was no evidence of appropriate approval by the RCMP of the information provided to APD which could result in disputes if APD calculated a surplus recovery that was in disagreement with the RCMP, and limits both organizations` accountability for the delivery of the actual results.
- There were no specific policies and procedures in regard to the financial reconciliation of the RCMP information. The audit observed a duplication of effort and unclear accountabilities as both the RM and NHQ have informal responsibilities to review the information.
- There was no evidence that APD validated the CTA budget transfers on agreement totals reported by the RCMP.
2.6.3 Non-financial monitoring procedures and communication mechanisms have been strengthened.
Generally, APD has strengthened the communication and monitoring channels through the implementation of the following committees and activities:
Mechanism | Purpose |
---|---|
Mandate Committee | To review new agreement requests |
Directives Review Committee | To review proposed directives compiled by the Policy Unit |
Risk Committee | To enhance coordination and communication among APD divisions in planning and conducting activities related to the assessment and mitigation of risk |
Database Working Group and central repository | To enhance coordination and communication among various APD divisions in development, training and regular utilization of the APD Database |
2008 Internal APD Survey | To assess progress made in regard to key issues identified in previous audits and evaluations |
2 National training conferences | To train all APD staff on various agenda topics including new Directives, Risk Assessment tool |
APD weekly management meetings | To allow an opportunity for all regional, NHQ staff and Management to discuss priority issues on a regular basis |
The committees were found to have appropriate representation from key functional areas, draft Terms of Reference, and were generally documenting meeting minutes. As these committees mature, they may want to consider developing criteria and documentation standards to further support their decision making and monitoring activities.
Recommendations:
1. Under the direction of the ADM CSPB, APD should continue to document their program and operational risks and where applicable put in place cost-effective mitigation processes.
2. Under the direction of the ADM CSPB, APD should develop and document key monitoring procedures and reporting requirements to ensure that program activities are conducted in accordance with the PTP and FAA.
3. Under the direction of the ADM CSPB, APD should continue to work with the RCMP to ensure timelier and appropriately approved expenditure management information.
Management Action Plan | Completion Date |
---|---|
Management agrees with the recommendations. | |
1. The following steps will be actioned by the Aboriginal Policing Directorate: | |
|
September 2011 contingent on approved Departmental documents |
2. The following steps will be actioned by the Aboriginal Policing Directorate: | |
|
April 2012 |
3. The following steps will be actioned by the Aboriginal Policing Directorate: | |
|
October 2011 |
Criteria 2: Procedures have been developed to identify fundamental information requirements. Further, processes and tools have been established to collect this information and appropriate communication channels to key stakeholders are in place.
Based on the MAP, the audit expected to find an overall information strategy. The fundamentals of this strategy would identify not only, what and how information would be collected and when it would be reported, but also the long-term maintenance and database support roles and responsibilities, and how the database integrates with the departmental systems and Information Management / Information Technology (IM/IT) strategy. Specifically the audit expected to find a complete and comprehensive centralized APD database through which core documents would be readily accessible by the relevant APD staff.
2.6.4 APD needs to further develop information management systems, policies, and procedures.
As per the MAP, APD had committed to the continued development of a central database, which would contain all information related to each stage of the program delivery. The database would have the required controls for data input and historical data transfer, as well as controls to facilitate the reporting and reconciliation with PS’s financial system. In response to this commitment, APD completed a requirements assessment and made the decision to design and implement an internal customized Access database.
APD informed us that due to network capacity limitations, the RMs were unable to access all of the information referenced within the APD database. As a result, information stored in the Departmental Records and Documentation Information Management System (RDIMS), was not easily retrievable. At the time of the audit, a workaround solution requiring the continued use of a shared network drive and RDIMS was put in place. This solution duplicates the data capture efforts, increases the likelihood of mismatched data sources and will undermine the efficiencies gained from centralization within the APD database. Subsequent to the audited period, APD revised the APD database to improve the efficiencies in information retrieval.
During the audited period, the technical development of the APD database was the responsibility of one person within APD, the APD Database Co-ordinator, which creates a risk given the amount of customization and the limited internal knowledge of the software. Additionally the ongoing support requirements of the database have not been integrated into the departmental IM/IT plans and strategies.
Further, there were only limited policies and procedures. Activities such as: data transition, validation, and updating; access authorization; and data backup remain informal or ad hoc. While a Database Working Group has been established to define and prioritize developmental requirements, the auditors were told that the significant amount of data to be entered by the APD Database Co-ordinator and the limited authority of the working group to mandate usage has delayed implementation of the database. As a result, the data currently captured has integrity and completeness issues. While the majority of agreements were appropriately identified and referenced within the database, there were significant gaps in other key documents that were required such as risk assessments, on-site visits, financial information, activity reports and recipient correspondence. In addition, it was the intention of APD based on their MAP to use the APD database as a reference point for other internal communications such as directives, training course information and committee meetings decisions where it will be easily retrievable; however, the procedures related to this data capture were not defined or prioritized at this time.
2.6.5 Limited defined performance measures and reporting requirements.
Section 6.5.5 of the PTP states that the department is responsible for “Ensuring that cost-effective oversight, internal control, performance measurement and reporting systems are in place to support the management of transfer payments”. In response to the previous audit recommendation, APD had committed to ensuring they were in place. As such the audit expected to find a defined and comprehensive reporting strategy stating what performance metrics would be measured, how, by whom and when.
The audit found that informal communication channels have been strengthened. However formal reporting was limited. The following are examples of reports that were in development:
- Risk Assessment Report;
- Agreement and Communities Report; and,
- Facilities Report.
However, there were no reports on:
- Recipient performance indicators or follow-up action plans due to non-conformity issues; and,
- On-site visit results.
Given the number and complexity of agreements and communities, a more structured reporting approach would assist with compliance and relevant and timely management oversight and decision making.
Recommendation:
4. Under the direction of the ADM CSPB, APD in partnership with the Chief Information Officer Directorate and the Corporate Management Branch should continue to develop a long-term information technology and information management strategy supported by operational policies and procedures, aligned with departmental policies, for historical data transition, ongoing data integrity validation, and system access.
Management Action Plan | Completion Date |
---|---|
Management agrees with the recommendation. | |
4. The following steps will be actioned by the Aboriginal Policing Directorate: | |
|
December 2011 |
Criteria 3 and 4: Standard Operating Procedures (SOP) manual is comprehensive; addressing all updates and is appropriately communicated. Policies and procedures are appropriately communicated.
As per the MAP, the audit expected to find a comprehensive, accessible, and communicated SOP manual integrating the PTP requirementsand identifying appropriate procedures and processes based on cost-effective management practices including an assessment of risk.
2.6.6 Majority of operational policies and procedures have not been finalized.
The APD team had committed to updating their SOP manual; however a subsequent decision was made to develop individual directives on specific activities instead of updating the SOP manual as this approach was considered to be more efficient. A Directives Review Committee was established for this purpose, with a mandate to review proposed directives compiled by the APD Policy Unit. During the audited period, two directives, Agreement Model File Directive and Isolated Post Directive, were developed and communicated to the APD staff through training sessions. As previously noted some activities identified in the 2007 MAP requiring clarity on policies and procedures were not completed. For those new procedures that were implemented such as the Risk Assessment Committee and the risk assessment tool, appropriate communication and training were done. However, without the formal documentation and integration with the overall program policy, there is a greater chance of misunderstanding and non-compliance. Subsequent to the audit, four more directives were completed.
Criteria 5: Comprehensive, consistent and compliant standard agreements have been developed which are consistent and compliant with all policies.
As per the MAP, APD had committed to standardizing the SA and CTAs agreements, which would clarify the eligibility of the expenditures and various contractual clauses.
2.6.7 Significant progress has been made in standardizing the Self-Administered agreement.
APD has standardized the SA, and at the time of the audit had received approval from two provinces. The standardized agreement improved the clarity of the contractual clauses identified in the 2007 audit. Further, an appendix was added to better define eligible recipient expenditures.
To allow program managers to monitor recipient compliance and better support recipient payments, oversight mechanisms should be strengthened within the restrictions of the applicable provincial policing legislation. Opportunities remain to continue to improve the clarity of the recipient deliverables and expenditure definitions. For example, while the standard SA now requires the recipient to submit regular Activity Reports, APD has not defined what the recipient is to include in the report. As a result, inconsistent or incomplete information within and between agreements may occur.
Since the framework agreements that govern CTA`s are dependent on the Provincial Policing Service Agreements (PPSA) and Territories Policing Service Agreements (TPSA), a decision was made by APD to hold any efforts toward standardization until the PPSA and TPSA have been revised in 2012.
Recommendation:
5. Under the direction of the ADM CSPB, APD should continue to strengthen the standard SA agreement by clarifying the recipient deliverables and eligible expenditures, and the oversight mechanisms by ensuring sufficient documentation is available to support compliance with the agreements.
Management Action Plan | Completion Date |
---|---|
Management agrees with the recommendation. | |
5. The following steps will be actioned by the Aboriginal Policing Directorate: | |
|
April 2012 |
Appendix A – Audit Criteria
The audit assessed progress against each identified management action using the following general audit criteria:
- Appropriate monitoring tools and documentation processes have been established. This includes an integrated risk management framework.
- Procedures have been developed to identify fundamental information requirements. Further, processes and tools have been established to collect this information and appropriate communication channels to key stakeholders are in place.
- Standard Operating Procedures manual is comprehensive addressing all updates, and is appropriately communicated.
- Policies and procedures are appropriately communicated.
- Comprehensive, consistent and compliant National Standard Agreements have been developed.
- Completion of a comprehensive Policy Principles guide.
As APD is undergoing a comprehensive review, therefore Criteria 6: “Completion of a comprehensive Policy Principles guide”, which was identified initially in the scope of the audit, has been removed as there may be revisions to the policy framework.
- Date modified: