ARCHIVED - MAF Assessment: Veterans Affairs Canada - 2008

1.1 Leadership: Strong

• Executive leaders engage employees and stakeholders on an ongoing basis in ethical discussions and openly address organizational ethical issues through public statements and internal messaging.

1.2 Infrastructure: Strong

• Organization monitors risks in regard to possible breaches of public service values and ethics, and risk management is integrated into decision making.
• Values and ethics plans or strategies are tailored to an organization's work, span several years, and measure results and are used to inform senior management on the state of the organization's values and ethics.

1.3 Culture: Strong

• Mechanisms are in place to promote public service values and ethics and are reflected in organization practices and employee behaviour.
• Organization, on an ongoing basis, uses employee feedback from across the entire organization to measure its values and ethics culture and employee engagement.

2.1 PAA Consistency: Strong

• The Strategic Outcome(s) is/are measurable and represents an end-state.

2.2 Measurability: Acceptable

• An adequate Program Activity Architecture has been developed with some issues to be resolved.

2.3 Quality:

• Expected results are not clear and distinct, and are not appropriate to their respective program descriptions.
• The performance indicators are not clear and cannot be used for data collection to provide reliable insight into program effectiveness.

3.1 Business Plan: Acceptable

• Corporate business plan generally integrates human resources, IM/IT, communications or other key corporate plans.
• Corporate business plan generally aligns resources and accountabilities to priorities.
• Sector or branch business plans are generally aligned with the corporate business plan.

3.2 Governance Structure: Acceptable

• Organization's corporate governance structure is generally aligned to the organization's PAA.
• Recordkeeping is generally complete and current (minutes of meetings and records of discussion, decision, and follow-up).
• Senior corporate management structure (e.g., committees) interacts with and provides oversight to the supporting governance structure.
• Terms of reference are generally current and complete.

4.2 Participation in Priority Initiatives: Acceptable

• Senior management actively steers the initiatives engages participants and responds proactively to participant feedback.
• Senior management is actively engaged in the initiatives and is supporting the respective leads.
• The organization shows strength in its participation in Public Service Renewal.

4.3 Portfolio Coordination: Acceptable

• Adequate attention paid to developing coherent policy or program approaches across portfolio.
• The Department’s portfolio coordination is effective.

TBS has assessed Veterans Affairs Canada with regard to its participation in the Public Service Renewal (Strong) and Web of Rules (Acceptable) initiatives.

5.2 Analysis: Opportunity for Improvement

• Appropriate and complete links to MRRS, strategic objectives, etc., are used.
• Established capacity in the understanding of external pressures exists.

5.3 Consultations: Acceptable

• Submissions are usually on time (six weeks before TB meetings).

6.1 Quality: Acceptable

• All evaluations submitted to TBS include a management response and an action plan detailing implementation strategies, timelines and management accountabilities.
• Evaluations sometimes have findings, conclusions and recommendations that are not supported by the evidence found in the evaluation report.
• Evaluations submitted to TBS discuss in a cursory way the limitations of the methodology and data sources used.
• Evaluations submitted to TBS sometimes use multiple lines of evidence. Evaluations sometimes reflect the diversity and perspectives of multiple program stakeholders.
• The majority of evaluations submitted to TBS consistently employ appropriate methodologies to gather data and inform the analysis.

6.2 Neutrality: Acceptable

• All resources dedicated to evaluations are directed by the Head of Evaluation.
• Evaluation function resourcing is not commensurate with the organizational evaluation plan.
• Head of Evaluation has explicit authority to submit evaluation reports directly to the deputy head. Head of Evaluation has access to the deputy head, as required.
• Senior management committee is in place to support, oversee and monitor the evaluation function and management accountabilities arising from evaluations and evaluation related products. The committee is chaired by the deputy head or senior level designate. The committee meets regularly during the year.

6.3 Coverage: Opportunity for Improvement

• Option 1: The organization has committed to moving toward full evaluation coverage of their program base (e.g. over a five year cycle). However, relatively low number of evaluations are completed each year and they cover less than 10%.
• The organization has committed to moving towards full evaluation coverage of all ongoing programs of grants and contributions over a five year cycle as per 42.1 of the FAA. However, relatively low number of evaluations of G&Cs are completed each year and they cover less than 10%.
• The organization has shared its multi-year, risk-based evaluation plan with TBS. The evaluation plan has information on evaluations planned, completed and carried over. It also includes links to the organization's PAA. As well, there is evidence to indicate that the organization has calibrated its evaluation efforts and/or approaches according to program context.

6.4 Usage: Acceptable

• Active, systematic and regular tracking of management action plans arising from evaluation recommendations is in place.
• Evaluation commitments, plans and requirements are delivered on time or extensions are due to circumstances beyond the department's control. Organization occasionally requests extension from TBS.
• Some evaluations submitted to TBS incorporate data from a performance measurement system to support the evaluation. Submitted evaluations usually cite data availability and/or quality as constraints.
• The results of evaluations are sometimes brought for consideration in TB submissions, Memorandum to Cabinet, RPPs, DPRs and Strategic Reviews.

7.1 MRRS Basis: Acceptable

• Good links between performance and plans are present.
• Linkages between resources and results are adequately demonstrated in the reports.

7.2 Credible information: Opportunity for Improvement

• DPR is not sufficiently based on the PAA, i.e. performance is not reported consistently by Program Activity (PA) or at the PA level.
• The DPR occasionally provides independently verifiable evidence-based performance information.

7.3 Context: Acceptable

• DPR is not balanced – the positive performance reported is not well- substantiated and few negative aspects of performance are reported.

8.1 Change plan: Acceptable

• The organization has the capacity to evaluate whether or not change is required.

8.2 Engagement: Opportunity for Improvement

• Engagement of employees is limited.

8.3 Assessment: Acceptable

• Change plans and strategies are included in Performance Management Agreements of Senior Executives.

9.1 Engagement: Acceptable

• Senior management reviews the organization’s Risk Management approach within the current three-year planning cycle.
• The organization has a common risk assessment approach and it has been approved by senior management.
• Senior management ensures that the organization’s Risk Management approach is tailored to the specific needs of the organization.
• Senior management has reviewed/approved the Corporate Risk Profile within the past year.
• Senior management encourages effective Risk Management and a risk-smart culture.
• Accountability for key risks appears to be inconsistently assigned to senior management.

9.2 Implementation: Acceptable

• The organization’s Risk Management approach is inconsistently communicated to staff and stakeholders.
• The Corporate Risk Profile is inconsistently implemented into operational levels across the organization.
• Risk Management guidance and tools that enable the organization’s risk management approach are inconsistently made available to staff.

9.3 Integration: Opportunity for Improvement

• Risk information is inconsistently considered and consulted for senior management decision-making.
• Risk information and Risk Management principles somewhat influence planning and resource allocation decisions.
• Operational level risks are prioritized into key risks.
• Risk information and Risk Management principles are adequately captured in senior management reporting.
• The organization makes inconsistent course corrections based on Risk Management performance and new information.

9.4 Continuous Improvement: Acceptable

• Most relevant external sources are consulted during the development of the organization’s CRP.
• Key risk information was adequately gathered from internal sources of the organization for preparing the CRP.
• Corporate risks are inconsistently linked to the organization’s strategic outcomes.
• The CRP provides a reliable assessment of the quality of risk information used.
• The organization adequately builds on past experience, better practice, and adjusts to fit any changes in management structures, priorities or strategic direction.
• The organization has implemented most recommendations provided during its last MAF assessment.

Veterans Affairs Canada should be commended for its work advancing the organization’s risk management approach. Since MAF Round V, senior management has approved VAC’s Integrated Management of Risk Framework as well as an update of its corporate risk profile. VAC has also developed a Risk Management Action Plan which outlines the activities that are either in progress or have been completed in the current fiscal year.

10.1 Fair: Acceptable

• Organization is undertaking action to improve the classification program in accordance with its level of risk.
• Evidence shows that labour relations matters are consistently and appropriately managed/addressed.
• Evidence shows that the organization exceeds standards of timeliness in payments to employees.
• Evidence shows that the organization is in compliance with Labour Relations and Compensation Operations direction (terms and condition of employment, collective agreements and/or applicable legislation).

10.2 Enabling: Strong

• Organization is representative of all four employment equity designated groups.
• Promotions among employment equity groups are greater than or equal to previous year's performance.
• Separations among employment equity groups are less than or equal to previous year's performance.
• Work instruments, electronic systems and communications with employees are always or nearly always available in both official languages.
• Organization demonstrates the necessary linguistic capacity to provide personal and central services and supervision in both official languages.

10.3 Healthy and safe: Opportunity for Improvement

• Employees feel recognized for positive performance.
• Evidence shows that the organization has an inadequately managed program to protect employees' occupational health and safety.

11.1 Productive: Acceptable

• A sufficient number of employees indicate their organization supports their career development and learning needs.

11.2 Principled: Acceptable

• Communications with and services to the public in both official languages are generally available.
• Employees consider that they generally can communicate in the official language of their choice within their organization and work instruments, electronic systems and communications in both official languages are generally available.
• Necessary linguistic capacity is in place as is shown by the vast majority of incumbents of bilingual positions who meet the language requirements of their position.
• Progress against the previous year's performance on recruitment, promotion and separation for employment equity groups is less than the organization's average for all employees.
• Promotions among employment equity groups are greater than or equal to representation.

11.3 Sustainable: Acceptable

• Evidence indicates human resources planning integrated with business planning is generally in place and governance/organizational infrastructure generally exists to support it.

11.4 Adaptable: Opportunity for Improvement

• An insufficient number of employees indicate their organization encourages continuous learning, improvement and innovation.

12.1 Governance: Strong

• IM requirements are fully integrated as a part of the approval, development, implementation, evaluation, and reporting of departmental policies, programs, services, and projects and mechanism are in place to continuously evaluate and modify the requirements.
• IM is fully represented in the corporate-wide governance structure and in the corporate-wide governance or approval committee(s).
• Responsibilities are identified for IM policy development and implementation is wholly consistent with the GC IM Strategy and policy instruments.

12.2 Strategy: Acceptable

• A current and active IM strategy identifies support to business priorities and operations, information needs and accountabilities, IM policy considerations and is partially integrated with other corporate strategies, plans and planning cycles.
• An IM strategy implementation plan, including some timelines and resources, is underway and some achievements to date are identified.
• IM awareness activities are underway in the department to help staff and executives understand their IM roles, responsibilities and accountabilities.

12.3 Privacy Act: Acceptable

• Most of the organization’s collections of personal information are described in registered Personal Information Banks and/or Classes of Personal Information in accordance with the requirements of the Privacy Act.

12.4 Access to Information Act: Acceptable

• Most of the organization's functions, programs, activities and related information holdings have been appropriately identified and described in its 2008 Chapter of Info Source: Sources of Federal Government Information.

13.1 Leadership: Strong

• The senior official has responsibility and accountability for the full scope of information technology responsibilities and ensures that information technology supports organizational outcomes.
• Organization actively participates and demonstrates leadership in setting government-wide directions for information technology.

13.2 Planning: Strong

• A comprehensive information technology plan is in place and it aligns with the government-wide directions for information technology and with departmental business needs.
• Organization has aligned corporate and information technology governance structures and has an integrated planning process.

13.3 Value: Acceptable

• Organization is making efforts to appropriately use and plan for further use of information technology shared services.
• Organization devotes adequate management attention to service costing, asset management, performance measurement and reporting to ensure value delivery.

14.1 Investment Planning: Acceptable

• The organization has a current long-term investment planning document that has been approved by the proper authority.
• The organization has a planning document that ranks priority investments.

14.2 Real Property Management: Acceptable

• Some elements of a real property management framework have been implemented.
• Certification of information in the FCSI is not received and accepted.

14.3 Materiel Management: Acceptable

• All elements of a materiel management framework are evident.
• Governance structures, approval processes and authority limits are documented and disseminated.
• Comprehensive internal policies are documented and disseminated.

14.2 Real Property Management
Certification of information in the DFRP is received and conditionally accepted.

15.1 Governance and Oversight: Acceptable

• Business cases, which define expected outcomes, are required to support proposals for major projects.
• There is evidence of formal project governance and oversight mechanisms and that approved projects are generally linked with the strategic plans and priorities of the organization through established organization-wide procedures. Approval and corrective action decisions are documented.
• There is no evidence that the organization has exceeded Treasury Board approval limits.

15.2 Effective Management of Project Resources: Acceptable

• Adequate processes/procedures exist to ensure that planned projects have the required resources to achieve expected outcomes.
• The organization recognizes project management as a discipline and most employees with project management responsibilities have completed relevant project management training.
• There is evidence that most project managers prepare a staffing plan to secure authorization for necessary resources prior to project execution.
• There is no evidence that the organization has failed to meet TB conditions regarding projects.

15.3 Effective Management of Project Results: Acceptable

• There is evidence of organization-wide procedures and processes which communicate project monitoring and performance information to project managers and project oversight mechanisms.
• There is no requirement for business cases that define project outcomes and few projects are subject to a review.
• While lessons learned are used to improve project management governance and oversight in some instances, there is no formal or organization-wide mechanism which supports continuous improvement.
• While there is evidence of project monitoring and reporting activities, there is no evidence that these activities are ongoing or that the information is used to support corrective action.
• While there is evidence that project milestones, deliverables and outcomes are documented for some projects, it is not a requirement across the organization.

16.1 Governance and Oversight: Acceptable

• Clear links have been established between procurement activities and the organization-wide program plans, priorities and long-term investments.
• Some procurement planning.

16.2 Meeting Operational Requirements: Acceptable

• Consistent procurement training is evident.
• Informed decision making and oversight exist.
• Lack of appropriate links to human resources planning is in place (e.g., little to no succession planning and recruitment strategies for procurement staff).
• Qualified procurement human resources exist.
• Timely and accurate procurement financial and non-financial reports have been submitted.

17.1 Authorities and Policies: Opportunity for Improvement

• Audit report results show evidence of deficiencies that are of some concern.
• Departmental procedures, tools, training and support for those individuals delegated with Section 34 authority show evidence of deficiencies that are of serious concern.
• Departmental processes for classification of moneys, internal controls for receiving and recording money and depositing money show evidence of solid financial management practices.
• Departmental processes for informing those delegated with Section 33 authority of their responsibilities and dealing with requests for payments that are problematic show evidence of deficiencies that are of some concern.
• Departmental processes to provide individuals delegated Section 33 authority with the information necessary to assess and approve specific transactions and to assess the adequacy of Section 34 account verification show evidence of solid financial management practices.
• Insufficient response to management letter recommendations.

17.2 Public Accounts Reporting: Acceptable

• Minimal Central Financial Management Reporting System (CFMRS) coding errors.
• No accounting period 13 adjustments.
• No errors found during the course of the OAG Public Accounts audit.

17.3 Management Capacity: Acceptable

• A significant amount of training is provided for the financial management organization.
• All, or almost all, FIs and management team members in the financial management organization have current, approved learning plans.
• Positions, the duties of which are being performed by an individual indeterminately appointed to that position, comprise a reasonable proportion of the FI segment of the financial management organization.
• Positions, the duties of which are being performed by an individual indeterminately appointed to that position, comprise a reasonable proportion of the positions on the management team of the financial management organization.
• Some processes in support of a sound succession plan for key positions are in place.
• There is an acceptable functional relationship between the CFO/SFO and FI positions that exist outside the financial management organization. *This row is only applicable where the department or agency indicates there are FI positions outside the financial management organization.
• There is not a position established in the financial management organization that is dedicated to community management and development.

17.4 Financial Statements: Opportunity for Improvement

• All concerns identified in the audit readiness assessment are addressed in a detailed action plan.
• The Financial Statements are compliant with Treasury Board Accounting Standard 1.2 – Departmental and Agency Financial Statements and reporting deadlines were met.
• There are significant unremedied known financial internal control weaknesses.

17.5 Internal Reporting: Acceptable

• The internal financial reporting package is accompanied by a good discussion and analysis.
• The internal financial reporting package is presented to senior management less than one month after period end.
• The internal financial reporting package is presented to senior management ten or more times per year.
• The process for reviewing information before it is presented to senior management to ensure no material errors or omissions is well established.
• The scope of the internal financial reporting package is reasonable.

The department saw its overall rating decrease to an OFI as a result of significant issues raised both in internal audit reports and in the OAG's management letter.

18.1 Internal Audit governance: Strong

• There is an approved Internal Audit Charter in line with the 2006 Policy on Internal Audit.
• The Implementation Plan covers all of the required policy elements.
• Ongoing monitoring of, and progress in implementing, key elements of the plan are on track with planned timelines.
• Chief Audit Executive reports solely and exclusively to the Deputy Head.
• An independent Departmental Audit Committee is in place.
• There is a Departmental Audit Committee Charter in line with the 2006 Policy on Internal Audit.
• There is an approved Departmental Audit Committee Annual Plan for fiscal year 2008-2009.
• The Departmental Audit Committee will have met at least four times within twelve months of its inception.
• There is a written statement indicating that a Departmental Audit Committee Annual Report will be produced for fiscal year 2008-2009 and future years.

18.2 Internal Audit Professional Practices: Acceptable

• The Risk-Based Audit Plan was approved by the Deputy Head and sent to the Office of the Comptroller General in a timely manner.
• Annual Risk-Based Audit Plan methodology is, for the most part, evident and applied.
• There is evidence of preparation to provide for holistic assurance.
• Most post-engagement follow-up activities are identified.
• There is complete and comprehensive identification of planned use of all audit function resources.
• Majority of planned work is on audit assurance versus other types of activities.
• Continuity of previous years work is clearly identified with status and rationale.
• Approved assurance products are not consistent with policy and internal audit standards requirements, containing one key methodological deficiency.
• Reasonable completion rate of assurance products (number of assurance audit reports) against 2007-2008 Risk-Based Audit Plan.
• Internal Quality Assurance and Improvement Program is well documented and in place.
• Assurance products (reports) are produced in a reasonably timely manner.
• Approved assurance products are made accessible to the public in a reasonably timely manner.
• Post-engagement follow-up process is well documented, and all recommendations are followed up using a risk-based approach.
• The department or agency provides limited notification to the Treasury Board Secretariat on the posting of reports.

18.3 Administration of the Internal Audit Function: Acceptable

• The Internal Audit Human Resources Plan is linked to the business plan, and includes an elaborated recruitment action plan and an external resourcing strategy that are being actioned in a formal manner.
• Investment in Certified Internal Auditor certification, learning and training does not meet the basic requirement of 4% of FTE salaries.
• Planned spending, *, was given to the Office of the Comptroller General. When comparing current spending of 2008-2009 with planned financial resources of 2007-2008, resource levels identified maintain the resource levels identified in 2007.
• Planned FTEs dedicated to internal audit have grown comparatively to 2007-2008. They exceed the resource level identified in the planned internal audit function’s budget for 2008-2009.

18.4 Internal Audit Performance: Acceptable

• A Chief Audit Executive Annual Report for 2007-2008 was presented to the Departmental Audit Committee and the Deputy Head and submitted to the Office of the Comptroller General.
• Limited periodic reporting on the follow-up of Management Action Plans.

The Departmental Audit Committee is in place with three external members. The Chief Audit Executive reports solely and exclusively to the Deputy Head.

19.1 Departmental Security Program: Acceptable

• Organization has in place a fully developed security program that comprises key policy elements and is administered by an appointed Departmental Security Officer (DSO) who is positioned to provide strategic advice and guidance to senior management.
• No significant deficiencies in meeting key policy requirements for the departmental security program.

19.2 Management of IT Security (MITS): Acceptable

• Organization has achieved the three priority objectives that form the foundation for Management of Information Technology Security (MITS) and complies with most MITS requirements.
• No significant deficiencies in meeting key MITS requirements.

19.3 Business Continuity Planning (BCP): Acceptable

• Organization has in place measures to provide for the continuity of critical business operations and services, and is compliant with most or all the policy requirements.
• Some deficiencies in meeting key BCP program requirements.
• Business Continuity Planning (BCP) program governance has been established.
• Business Impact Analysis (BIA) has been completed to identify and prioritize the organization's critical services and assets.
• Business continuity plans and arrangements are in place and approved by senior management.
• Maintenance cycle has been partially put in place to review, test and audit business continuity plans.
• Completed and approved plans are in place for Pandemic and Information Management/Information Technology emergency preparedness.

20.1 Management Engagement – Service and CLF: Strong

• There are clear expectations set by senior management for an institutional focus on meeting the needs of clients, specifically with respect to service standards and client satisfaction measurement.
• There are generally documented and communicated priorities and goals for service at the institutional level; these priorities and goals are generally set by senior management based on the use of performance evidence.
• There is a well-established committee at the institutional level, composed of senior management accountable for service, which has a fully documented and communicated responsibility for making decisions about the overall management of service.
• There is limited monitoring of progress by senior management towards the achievement of the goals for service, making course correction difficult.
• There is routine monitoring by senior management to ensure that the requirements of CLF 2.0 are being met institution-wide; this information is used to make timely and proactive decisions or course correction.

20.2 Public/client views: Acceptable

• Evidence of making consultation results available to the public.
• Little evidence of incorporating feedback in the implementation of its services, programs, policies and initiatives.
• Many tools are used to obtain views from some clients.
• Minor plans to obtain views from clients.
• There is a clearly identified target clientele for public consultations.

20.3 Official Languages: Acceptable

• Analysis of the Annual Review on OL shows the institution is generally able to meet its obligations.
• Audits reveal very good performance in active offer and service delivery in both OL.
• Small number of complaints deemed founded by the Commissioner of Official Languages.
• The institution has the necessary linguistic capacity to serve the public in both OL.