ARCHIVED - MAF Assessment: Military Police Complaints Commission - 2008

The Military Police Complaints Commission (MPCC) was established in December 1999 as a quasi-judicial tribunal, under the National Defence Portfolio, with a mandate to provide independent, civilian oversight of the Canadian Forces military police. The Commission oversees and reviews complaints about the conduct of members of the military police in the performance of their policing duties and functions. It also handles complaints of interference from members of the military police who believe that another member of the Canadian Forces or a senior official of the Department of National Defence has improperly interfered with, or attempted to influence, a police investigation. The MPCC has a staff of approximately 18, with an annual budget of $3.4M.

The Treasury Board Portfolio (TBP) recognizes that small agencies do not have the resources to implement and monitor an extensive management framework. Consequently, for this round of Management Accountability Framework (MAF) assessments, the Commission was treated as a micro-agency and responded to a questionnaire (responses attached at Annex A). The TBP assessment below is based on the questions put to the MPCC in the questionnaire and TBP’s knowledge of the organization.

Overall, the TBP’s observations of the MPCC’s management capacity are generally positive and denote improvement since the organization’s last assessment three years ago. The previous MAF assessment suggested a number of management improvements for the MPCC, most notably the development of quality results information for its PAA and reports to Parliament, development of an integrated business and human resources plan and enhancement of its procurement and contract management.

Over the past three years, the MPCC has made progress on all fronts. The Commission has developed a performance measurement framework in support of its PAA and has developed an integrated business and human resources plan. The Commission placed an emphasis on improving its control framework for asset, financial and IT management, establishing an evergreen program for replacement of its informatics assets and audio-visual equipment. In addition, a new organization structure was implemented whereby all corporate responsibilities now reside with the Chief of Staff, while the General Counsel is responsible for operations. This clear delineation of responsibilities will facilitate management accountability, risk management and performance measurement.

In addition to the progress indicated above, the Commission demonstrated sound management in a number of areas (see full assessment below for details):

Values-based Leadership and Organizational Culture – The MPCC continues to demonstrate strong values and ethics as senior management engages regularly with employees on values and ethics. All employees are evaluated on values and ethics through performance management assessments and performance evaluations.

Official Languages – While the Commission has only 18 employees, the organization fosters a bilingual workplace environment and has the requisite linguistic capacity to meet its program requirements.

Continuous Learning and Career Development – The results of the 2008 Public Service Employee Survey were favourable in the areas of continuous learning and career development. The MPCC scored “strong” in these areas based on the methodology developed for this area of management (AoM).

Performance Management Program for Executives – The MAF assessment noted that a best practice review mechanism exists to ensure internal equity and consistency in determining performance ratings for executives.

The Commission could still make progress in a number of areas:

Management, Resources and Results Structure (MRRS) – The MPCC is encouraged to review its MRRS to ensure that result statements are clear and measurable. In addition, some of the performance indicators lack clarity and, as a result, their alignment to expected results and outputs is not always evident. At the time of this assessment, the MPCC was amending its performance measurement framework as part of the 2010-2011 MRRS Change Process.

Evaluation – The MPCC has made it a priority to improve the effectiveness and efficiency of the complaints resolution process (its one program activity). Since the last MAF assessment, the Commission examined its complaints-handling process and established performance metrics on service delivery timelines. While this is positive, the MPCC is encouraged to place similar emphasis on evaluating the effectiveness and relevance of its program. In addition, the MPCC is encouraged to develop a formal evaluation plan of its direct program spending.

Corporate Risk Management – The MPCC should finalize its draft Risk Management Framework. While the draft framework has good elements (e.g., identification of risk tolerance levels), there are areas for improvement (e.g., some of the identified risks seem to be performance objectives). The Commission is encouraged to consult with TBS in the finalization of its Risk Management Framework to ensure it fosters the monitoring and mitigation of program risks.

Financial Controls – The MPCC’s results from a horizontal audit on the Travel and Hospitality in Small Departments and Agencies indicated that expenses are not always authorized in advance and lack the requisite documentation. The MPCC should ensure that these deficiencies in its financial controls have been addressed.

The next few years could be challenging for the MPCC. The Chair has called a public interest hearing into the transfer of Afghan detainees, believing that certain government departments have limited his access to information. The hearing is currently the subject of a judicial review in Federal Court. The MPCC has never conducted a public interest hearing of this magnitude. While the Commission has received significant new funding to conduct the hearing, its financial and human resources will be stretched thin as it undertakes a hearing of this magnitude and simultaneously continues to make improvements to its management control framework. In addition, the number and complexity of complaints the Commission investigates continue to increase. As noted in its 2008 Annual Report, the number of case files opened reached a total of 92, the highest volume in the Commission’s 10-year history. Management performance during these challenging times will inform the Commission’s next MAF assessment.

TBP Assessment

Public Service Values & People (AoM # 1, 10, & 11)

In its last MAF assessment, the MPCC was commended for its efforts to embed values and ethics in the everyday practice of the organization. The Commission continues to foster values and ethics, with senior management regularly engaging with employees on values and ethics issues. Initial one-on-one briefs are conducted with new staff, and senior management routinely includes discussion of hypothetical and real values and ethics scenarios at staff meetings. This emphasis on values and ethics is important given the sensitive nature of the information employees handle on a daily basis.

The Commission is presently drafting a new Code of Conduct, in accordance with the Public Servants Disclosure Protection Act. An action plan to draft and implement the new code will be developed in 2009-2010.

Like all small organizations, the MPCC has difficulty attracting and retaining staff. Since the last MAF assessment, the Commission has placed an emphasis on fostering a workplace that makes the organization an employer of choice. As of November 2008, 100% of Executives, those in supervisory functions and those that provide personal and central services met the language requirements of their positions. 100% of employees occupying bilingual positions meet the linguistic profile for their position. Employees are encouraged to use their preferred language in operations, meetings and e-mails, and work instruments and IT systems are available in both languages. The Commission, however, remains under-represented in one or more of the four employment equity designated groups (i.e., visible minorities and aboriginal representation).

The Commission has recognized the need to create a work environment where employees can develop and use their skills. In the 2008 Public Service Employee Survey, greater than 65% of employees indicated that they receive the necessary job training and have opportunities to develop and apply their skills. A similar percentage of employees felt encouraged to be innovative or take initiative in their work. The Commission has also instituted an awards and recognition program. In the 2008 survey, 70-75% of employees felt they received meaningful recognition from their immediate supervisor.

The MPCC is encouraged to continue to make itself an employer of choice.

Governance & Strategic Direction (AoM # 2, 3 and 4)

The MPCC has met its requirements under the TBS MRRS Policy: Treasury Board-approved Program Activity Architecture (PAA) and performance measurement framework. The Commission’s one strategic outcome is aligned to its mandate. While the description of its one program activity provides a clear understanding of the program’s rationale and target group, the Commission could further clarify how the program works and how funds are used. As noted in the summary, improvements can be made to the clarity of the performance measurement framework.

The corporate governance structure is fully aligned to the PAA and senior management oversight of the organization is evident, particularly through the Executive Committee and Operations Committee. In fact, as a small organization, senior management is engaged in all levels of the corporate governance structure. As suggested in its last MAF assessment, the Commission developed an integrated business and human resources plan, which is reviewed annually. While priorities, results and performance indicators are identified, the plan does not highlight the risks to achieving the priorities or any mitigation strategies. The current version of the Commission’s draft Risk Management Framework does not provide clear linkages between the risks and corporate plan priorities. Completion of the Risk Management Framework, in consultation with Treasury Board Secretariat, and enhancement of performance measurement will help the Commission to further its decision-making abilities.

With regard to participation in horizontal initiatives, the MPCC is a member organization of the Small Agencies Administrator’s Network, which provides opportunities for sharing information and practices on issues facing small organizations. The MPCC is also a member of the Personnel Advisory Group, which promotes the effective management of human resources to support the needs of small departments and agencies. The Commission is also actively involved in a number of other interdepartmental communities.

In support of Public Service Renewal, the Commission has developed its Integrated Business and Human Resources Plan. As outlined above, the Commission has also placed an emphasis on staffing, linguistic capacity and employee performance. The MPCC has instituted a learning policy and learning plans are developed to support career development.

Treasury Board Submissions (AoM #5)

*. MPCC engaged early with TBS staff in the development of that submission and comprehensive financial information was provided. The quality of the submission could have been improved in its discussion of risks and mitigation strategies.

Results and Performance (AoM # 6 & 7)

As a small agency, the MPCC does not have a separate evaluation function. Rather, the responsibility for the coordination of evaluations and audits rests with the Chief of Staff. The Commission has yet to implement a formal evaluation plan. In 2004-2005, the Commission conducted an organizational review and workload assessment. In 2008, senior management undertook a review of its service delivery timelines and established performance metrics on its complaint review process. These reviews indicate that the Commission engages in a number of performance measurement activities that have the potential to support an evaluation; however, much of the focus to date has been on efficiency issues and the Commission is encouraged to broaden its scope to include program effectiveness and relevance. The Commission has indicated that a formal evaluation plan will be developed in accordance with the Treasury Board Directive on the Evaluation Function. This evaluation plan will include coverage of direct program spending.

The 2007-2008 Report on Plans and Priorities (RPP) and Departmental Performance Report (DPR) were developed in accordance with TBS guidelines. The RPP identified priorities, plans, results and performance metrics. Risks to achieving priorities were identified and risk mitigation strategies discussed. The DPR included a discussion of the results achieved for the plans outlined in the RPP; however, linkages between program activity-level performance and the achievement of the organization’s one strategic outcome were not consistently made. For future reports, the Commission could strengthen these linkages. In addition, the DPR could be enhanced by incorporating more objective, evidence-based performance information, including the source of information (e.g., audits, evaluations, internal reviews), into the performance story.

Change and Risk Management (AoM # 8 & 9)

As a small organization, the MPCC is largely focused on maintaining its staffing levels and ensuring employees have the proper skill sets. To that end, employees’ annual performance reviews include discussion of learning plans to encourage continuous learning.

The Commission has also focused on its complaints review process, undertaking a review in 2008 to improve service delivery timelines. Improvement and innovation are part of continued efforts to provide a faster, more streamlined complaints resolution process.

A Risk Management Framework has been drafted, but has yet to be finalized and approved. The framework assigns responsibility for mitigation of key risks to the Chair of the MPCC. This seems reasonable given the size of the organization, the involvement of the Chair in the MPCC’s governance structure and the frequency with which the Chair receives briefings on operations. TBP has noted areas for improvement in the risk management framework and the Commission is encouraged to consult TBS prior to finalizing the framework, which is scheduled for end of fiscal year 2009-2010.

Stewardship & Accountability (AoM # 12-19 & 21)

With regard to information management, the Chief of Staff is the Chief Information Officer. The MPCC has established a number of information management policies, including Management of the Complaints Commission’s Information and Data Security. The MPCC has also instituted a retention and disposal schedule for its documents and records. In terms of its obligations under the Access to Information Act and Privacy Act, the Commission submitted its annual reports to Parliament; however, these reports did not address all mandatory reporting requirements. For example, the annual report to Parliament on the administration of the Privacy Act did not address whether the organization instituted any new data-matching and sharing activities, or whether personal information was disclosed under subsection 8 (2) (e), (f), (g) and (m) of the Act. In addition, the majority of the Class of Records descriptions in the Commission’s chapter in Info Source: Sources of Federal Government Information do not describe the records that are created, collected and maintained as evidence of the Commission’s mandated programs and activities. The Commission is encouraged to review its information in Info Source.

An Information Technology (IT) Specialist/Security Officer is responsible for the IT infrastructure and reports directly to the Chief of Staff. The Executive Committee is the decision-making body for the Commission’s IT. The Commission participates in a number of interdepartmental communities, including the Federal Council of Security Officials.

Given the size of the MPCC, the organization is not required to submit a long-term capital plan to Treasury Board for approval; however, the MPCC plans for its capital investments in an acceptable manner. Since the last MAF assessment, the MPCC has instituted an “evergreen program” that schedules the replacement of its capital IT assets based on life-cycle estimates. This program enables better financial planning as cash flow requirements are predictable well into the future. Replacement of these assets is part of the annual budget planning cycle. While likely sufficient for its small number of assets, the MPCC must also consider that indicators other than age may inform the optimal replacement schedule of IT equipment (e.g., functionality and reliability). Lastly, assets are tracked electronically through a system called Track IT. The system is able to track all capital assets, although computers, laptops, blackberries and the like form the bulk of the Commission’s assets.

The MPCC undertakes very few projects. Most projects involve the replacement of computer hardware or software upgrades. The Commission recently upgraded its Microsoft Office software and its electronic document management system (Foremost/Documentation). Both upgrades were successful. Projects are planned and managed using organizational resources, with the assistance of consultants as required. There are no examples of the Commission exceeding its project approval authority.

In the last MAF assessment, deficiencies were noted in the area of procurement and contract management. At the time, the MPCC did not demonstrate that there was adequate oversight, monitoring and on-going review of procurement and contracting functions and processes. In response, the MPCC conducted a management review of procurement practices. The Chief of Staff is now responsible for reviewing all acquisition requests, and major acquisitions are brought to the Executive Committee for approval. The MPCC was the subject of a horizontal review conducted by the Office of the Comptroller General on contracting practices in small departments and agencies. The results of this review have not yet been finalized and will inform future MAF assessments.

With regard to financial management and control, 100% of Public Accounts plates were received on time. The Chief of Staff is the organization’s Senior Financial Officer and reports directly to the Chair. The Chief of Financial Services is a qualified Chartered Accountant and has section 33 authority and audits all financial transactions. All payments are verified against an account verification process checklist. The accuracy, scope and frequency of internal reporting to senior management are adequate. The MPCC uses the Common Departmental Financial System under a Memorandum of Understanding with Public Works and Government Services Canada.

The MPCC was the subject of a horizontal review conducted by the Office of the Comptroller General on Travel and Hospitality in Small Departments and Agencies. Of the 15 criteria assessed in the areas of governance, internal control – travel, internal control – hospitality and risk management, the MPCC met approximately 10. The MPCC did not meet the following criteria:

• Pre-authorization of expenditures and Financial Administration Act (FAA) section 32 for travel and hospitality – Requirement for expenses to be authorized in advance in accordance with the provisions of Treasury Board policies; and
• Authorization of expenses/FAA section 34 and 33 – Requirement for expense claims to be properly authorized and supported by the requisite documentation and information for account verification (s. 34) and funds release (s.33) by delegated officers.

The MPCC has advised TBS that the deficiencies noted in the audit findings have been addressed through the improvement of its management control framework.

As a small agency, the MPCC is not required to establish its own audit function. The MPCC has recently agreed to the formation of the Departmental Audit Committee, as recommended by the Office of the Comptroller General. This committee was established as a way for small agencies to meet their obligations under the 2006 Policy on Internal Audit.

The Chief of Staff is the MPCC’s security officer and reports directly to the Chair. The IT Specialist/Security Officer is responsible for monitoring and briefing senior management on compliance with the Management of Information Technology Security (MITS) standard. With regard to security briefings, the Privy Council Office provides employees with initial security briefings on the Government Security Policy at the time of hire. The MPCC provides subsequent security briefings as issues arise. For example, the public interest hearing into the transfer of Afghan detainees has necessitated a greater and more rigorous handling of secret material.

The MPCC approved a Business Continuity Plan in February 2008 and is scheduled to test the plan in fiscal year 2009/2010. The plan touches on pandemic preparedness and IM/IT continuity and disaster recovery planning.

The MPCC has demonstrated solid performance in the area of performance management for executives. Executives sign annual performance agreements and progress against deliverables is reviewed semi-annually. A best practice review mechanism exists to ensure internal equity and consistency in determining ratings.

Citizen-focused Service (AoM # 20)

The MPCC was not applicable for assessment with regard to the consideration of public/client views in the development of services, programs or policies. The program and activities of the MPCC are derived from Part IV of the National Defence Act.

As previously noted, the MPCC has strong linguistic capacity. 100% of employees providing services to the public meet the linguistic requirements of their positions.