Skip to content Skip to institutional links

Common menu bar links

Management Accountability Framework

ARCHIVED - MAF Assessment: Privy Council Office - 2008

Warning This page has been archived.

Archived Content

Information identified as archived on the Web is for reference, research or recordkeeping purposes. It has not been altered or updated after the date of archiving. Web pages that are archived on the Web are not subject to the Government of Canada Web Standards. As per the Communications Policy of the Government of Canada, you can request alternate formats on the "Contact Us" page.

* An asterisk appears where sensitive information has been removed in accordance with the Access to Information Act and Privacy Act.

This document provides a Treasury Board Secretariat assessment of the department's performance against specific areas of management only. It does not present an assessment of management quality beyond these areas of management, nor does it reflect the level of effort a department may be making towards improving the quality of its management. The MAF assessments use standardized language to ensure consistent descriptions and characterizations. This assessment may not reflect the latest information available. Some departments and agencies have provided updated information in the form of a management response. Where management responses have been prepared, the link to the response is posted below the assessment.

Context

This year’s observations by the Treasury Board Portfolio related to the Privy Council Office (PCO) are generally positive. In total, for the 21 areas of management against which the department was assessed, it received 19 “acceptable” ratings, one “opportunity for improvement” rating, and one area of management was left "unrated". Overall PCO obtained two lower ratings and one higher rating since the 2007 Management Accountability Framework (MAF) assessment.

PCO has stabilized its activities since its restructuring exercise in 2006-07 and despite experiencing a federal election during the MAF assessment period PCO has continued to make progress in the development and refinement of several management initiatives. PCO should be recognized for its work to improve management in the following areas:

Effectiveness of the Corporate Management Structure – PCO completed an integrated business plan for its Corporate Branch, which will enable it to clearly align resources, activities, and priorities, including HR, IM/IT and communications. Moving forward, PCO will build on this exercise and develop and implement integrated business plans for all other branches within the organization.

Managing Organizational Change – consistent with recommendations made in the MAF Round V assessment, PCO has undertaken to develop a formal change management framework for use with any future change management initiative.

Further, PCO should be congratulated for improvements it has made related to management priorities identified in last year’s MAF assessment including:

Effective Management of Security and Business Continuity – PCO has a fully developed departmental security program and significant progress was made since MAF Round V in the establishment of a Business Continuity Planning program. PCO is encouraged to continue efforts in this regard, finalize and obtain funding and approval for recovery strategies, complete development of business continuity plans, and conduct exercises to validate and test these plans.

There are areas, however, where PCO should continue to make further progress and which have been identified as management improvement priorities for the coming year:

Quality and Use of Evaluation – PCO began to establish its own audit and evaluation division in 2007-08. Given the nature of PCO's activities and current transition to its own audit and evaluation function, it was not possible to attest to the quality of evaluation conducted by the department during this MAF exercise. PCO is encouraged to continue efforts in this regard and consult the new Treasury Board Policy on Evaluation (2009) for 2009-10 evaluation requirements and in future years.

Effectiveness of Internal Audit Function - While the majority of audits planned in 2007-08 were completed and progress was made in the implementation of a Departmental Audit Committee, it is recommended that PCO submit to TBS in a timely manner an approved Risk-Based Audit plan for 2009-10. As well, the Chief Audit Executive should provide regular updates on the progress of management actions plans to the internal audit committee.

1. Values-based Leadership and Organizational Culture

Acceptable

Highlights	Opportunities
1.1 Leadership: Acceptable Executive leadership regularly communicates and encourages ongoing dialogue on public service values and ethics among employees. 1.2 Infrastructure: Acceptable Regarding Values and Ethics Plans, the organization is maintaining its Round V (2007-08) assessment of Strong. It has submitted a Management Assertion to CPSA that no significant changes have occurred within the organization to affect this rating. Risks in regard to possible breaches in public service values and ethics are regularly assessed, documented and followed up with mitigation plans and action by management. 1.3 Culture: Strong Regarding the Current State of Organizational Values and Ethics, the organization is maintaining its Round V (2007-08) assessment of Strong. It has submitted a Management Assertion to CPSA that no significant changes have occurred within the organization to affect this rating.
Recommendations

Highlights

Opportunities

1.1 Leadership: Acceptable

Executive leadership regularly communicates and encourages ongoing dialogue on public service values and ethics among employees.

1.2 Infrastructure: Acceptable

Regarding Values and Ethics Plans, the organization is maintaining its Round V (2007-08) assessment of Strong. It has submitted a Management Assertion to CPSA that no significant changes have occurred within the organization to affect this rating.
Risks in regard to possible breaches in public service values and ethics are regularly assessed, documented and followed up with mitigation plans and action by management.

1.3 Culture: Strong

Regarding the Current State of Organizational Values and Ethics, the organization is maintaining its Round V (2007-08) assessment of Strong. It has submitted a Management Assertion to CPSA that no significant changes have occurred within the organization to affect this rating.

Recommendations

2. Utility of the Corporate Performance Framework

Acceptable

Highlights	Opportunities
2.1 PAA Consistency: Acceptable The Strategic Outcome statement(s) can be understood within and outside the department as a benefit to Canadians, however its/their clarity should be improved. 2.2 Measurability: Acceptable An adequate Program Activity Architecture has been developed with some issues to be resolved. 2.3 Quality: The performance indicators are not clear and cannot be used for data collection to provide reliable insight into program effectiveness.	PCO has engaged with TBS to improve its Program Activity Architecture and address areas of concern, and it is expected that work will continue in this direction. PCO should continue to refine its Program Activity Architecture so as to more accurately portray its work; program titles and descriptions could better communicate the content, rationale and benefits of programs. The organization should continue to refine its Performance Measurement Framework (PMF) to bring it in line with the standards set out in the MRRS Instructions. The organization should also ensure that actual data for the indicators in its PMF are being collected and analyzed to gain insights into program performance and to validate the indicators.
Recommendations

Highlights

Opportunities

2.1 PAA Consistency: Acceptable

The Strategic Outcome statement(s) can be understood within and outside the department as a benefit to Canadians, however its/their clarity should be improved.

2.2 Measurability: Acceptable

An adequate Program Activity Architecture has been developed with some issues to be resolved.

2.3 Quality:

The performance indicators are not clear and cannot be used for data collection to provide reliable insight into program effectiveness.

PCO has engaged with TBS to improve its Program Activity Architecture and address areas of concern, and it is expected that work will continue in this direction.
PCO should continue to refine its Program Activity Architecture so as to more accurately portray its work; program titles and descriptions could better communicate the content, rationale and benefits of programs.
The organization should continue to refine its Performance Measurement Framework (PMF) to bring it in line with the standards set out in the MRRS Instructions. The organization should also ensure that actual data for the indicators in its PMF are being collected and analyzed to gain insights into program performance and to validate the indicators.

Recommendations

3. Effectiveness of the Corporate Management Structure

Acceptable

Highlights	Opportunities
3.2 Governance Structure: Acceptable Adequate management oversight of the organization's program activities and underlying programs is evident. Organization's corporate governance structure is generally aligned to the organization's PAA. Recordkeeping is generally complete and current. (minutes of meetings and records of discussion, decision, and follow-up). Senior corporate management structure (e.g., committees) interacts with and provides oversight to the supporting governance structure. Senior corporate management structure or subordinate governance structure (e.g., committees) meet regularly.	It is recommended that PCO continue to make progress on integrated planning and roll-out branch plans. Continued progress and demonstration of results in this area could assist PCO in receiving a higher rating in this Area of Management.
Recommendations

Highlights

Opportunities

3.2 Governance Structure: Acceptable

Adequate management oversight of the organization's program activities and underlying programs is evident.
Organization's corporate governance structure is generally aligned to the organization's PAA.
Recordkeeping is generally complete and current. (minutes of meetings and records of discussion, decision, and follow-up).
Senior corporate management structure (e.g., committees) interacts with and provides oversight to the supporting governance structure.
Senior corporate management structure or subordinate governance structure (e.g., committees) meet regularly.

It is recommended that PCO continue to make progress on integrated planning and roll-out branch plans. Continued progress and demonstration of results in this area could assist PCO in receiving a higher rating in this Area of Management.

Recommendations

4. Effectiveness of Extra-organizational Contribution

Acceptable

Highlights	Opportunities
4.1 Leadership of Priority Initiatives: Acceptable The organization is effectively leading its priority interdepartmental initiatives. 4.2 Participation in Priority Initiatives: Acceptable The organization's commitments are clear and are consistent with its role. TBS has assessed PCO with regard to its leadership of the Afghanistan (Acceptable) and Public Service Renewal (Acceptable) initiatives, and its participation in the Web of Rules effort (Acceptable).	Ensure all participants are given the opportunity to contribute to the development of the forward agenda for Public Service Renewal. Determine the expectations and future accountability of separate employers with regard to Public Service Renewal. Ensure accountability for meeting benchmarks has been clearly established amongst participating departments in the Afghanistan Initiative.
Recommendations

Highlights

Opportunities

4.1 Leadership of Priority Initiatives: Acceptable

The organization is effectively leading its priority interdepartmental initiatives.

4.2 Participation in Priority Initiatives: Acceptable

The organization's commitments are clear and are consistent with its role.

TBS has assessed PCO with regard to its leadership of the Afghanistan (Acceptable) and Public Service Renewal (Acceptable) initiatives, and its participation in the Web of Rules effort (Acceptable).

Ensure all participants are given the opportunity to contribute to the development of the forward agenda for Public Service Renewal.
Determine the expectations and future accountability of separate employers with regard to Public Service Renewal.
Ensure accountability for meeting benchmarks has been clearly established amongst participating departments in the Afghanistan Initiative.

Recommendations

5. Quality of Analysis in TB Submissions

Acceptable

Highlights	Opportunities
5.1 Supporting Information: Acceptable Adequate information is submitted for business cases. Organization has established a capacity to assemble usually accurate, reliable and complete supporting information in TB submissions. Policy and budget authorities are usually identified. Response to TBS comments is appropriate. Submission contains an adequate level of detail. The organization is highly responsive to TBS feedback. 5.2 Analysis: Acceptable Established capacity for appropriate responses to TBS comments is acceptable. Established capacity in the understanding of external pressures exists. Established capacity to analyze value for money, effectiveness and efficiency is evident. The correct policy authorities are used. 5.3 Consultations: Acceptable Established capacity to initiate consultations with TBS with sufficient lead time is evident. 5.4 Quality control: Acceptable All important information is usually included in the first draft. Established capacity for consistency of information throughout documents is evident. Generally rigorous and effective quality control process is in place and is usually followed for TB submissions. Good writing and translation standard have been used. TBS feedback is usually fully addressed.
Recommendations

Highlights

Opportunities

5.1 Supporting Information: Acceptable

Adequate information is submitted for business cases.
Organization has established a capacity to assemble usually accurate, reliable and complete supporting information in TB submissions.
Policy and budget authorities are usually identified.
Response to TBS comments is appropriate.
Submission contains an adequate level of detail.
The organization is highly responsive to TBS feedback.

5.2 Analysis: Acceptable

Established capacity for appropriate responses to TBS comments is acceptable.
Established capacity in the understanding of external pressures exists.
Established capacity to analyze value for money, effectiveness and efficiency is evident.
The correct policy authorities are used.

5.3 Consultations: Acceptable

Established capacity to initiate consultations with TBS with sufficient lead time is evident.

5.4 Quality control: Acceptable

All important information is usually included in the first draft.
Established capacity for consistency of information throughout documents is evident.
Generally rigorous and effective quality control process is in place and is usually followed for TB submissions.
Good writing and translation standard have been used.
TBS feedback is usually fully addressed.

Recommendations

6. Quality and Use of Evaluation

Highlights	Opportunities
6.1 Quality: No evaluation was shared or submitted to TBS for review. 6.3 Coverage: No evaluation plan has been developed or shared with TBS.
Recommendations

Highlights

Opportunities

6.1 Quality:

No evaluation was shared or submitted to TBS for review.

6.3 Coverage:

No evaluation plan has been developed or shared with TBS.

Recommendations

7. Quality Reporting to Parliament

Acceptable

Highlights	Opportunities
7.1 MRRS Basis: Acceptable If any changes in plans are apparent, the DPR discusses some of them and how they affected performance. Some performance is reported against plans and expected results from the RPP. 7.2 Credible information: Acceptable DPR generally provides independently verifiable evidence-based performance information. Some information on the validity and credibility of data used is provided. DPR is not sufficiently based on the PAA, i.e. performance is not reported consistently by Program Activity (PA) or at the PA level. Informative financial tables are included and explained with text, as necessary. 7.3 Context: Acceptable Comparisons are generally effectively and consistently used in the DPR. DPR is not balanced – a few negative aspects of performance may be reported but insufficient explanation is provided.	The Report could have incorporated both negative and positive performance aspects to ensure a more balanced report. The inclusion of negative aspects in the Report will allow for a complete discussion of lessons leaned and corrective actions.
Recommendations

Highlights

Opportunities

7.1 MRRS Basis: Acceptable

If any changes in plans are apparent, the DPR discusses some of them and how they affected performance.
Some performance is reported against plans and expected results from the RPP.

7.2 Credible information: Acceptable

DPR generally provides independently verifiable evidence-based performance information. Some information on the validity and credibility of data used is provided.
DPR is not sufficiently based on the PAA, i.e. performance is not reported consistently by Program Activity (PA) or at the PA level.
Informative financial tables are included and explained with text, as necessary.

7.3 Context: Acceptable

Comparisons are generally effectively and consistently used in the DPR.
DPR is not balanced – a few negative aspects of performance may be reported but insufficient explanation is provided.

The Report could have incorporated both negative and positive performance aspects to ensure a more balanced report. The inclusion of negative aspects in the Report will allow for a complete discussion of lessons leaned and corrective actions.

Recommendations

8. Managing Organizational Change

Acceptable

Highlights	Opportunities
8.1 Change plan: Acceptable The organization has the capacity to evaluate whether or not change is required. 8.2 Engagement: Acceptable Employees are engaged in the strategy development phase. 8.3 Assessment: Acceptable Change plans and strategies are included in Performance Management Agreements of Senior Executives. Change plans and strategies are priorities across the organization.	It has been noted that PCO is aiming to complete its change management framework in fiscal year 2009-2010. In order to maintain its current rating for the next round of MAF assessments, it is expected that PCO provide evidence of the completion and steps towards the implementation of this framework.
Recommendations

Highlights

Opportunities

8.1 Change plan: Acceptable

The organization has the capacity to evaluate whether or not change is required.

8.2 Engagement: Acceptable

Employees are engaged in the strategy development phase.

8.3 Assessment: Acceptable

Change plans and strategies are included in Performance Management Agreements of Senior Executives.
Change plans and strategies are priorities across the organization.

It has been noted that PCO is aiming to complete its change management framework in fiscal year 2009-2010. In order to maintain its current rating for the next round of MAF assessments, it is expected that PCO provide evidence of the completion and steps towards the implementation of this framework.

Recommendations

9. Effectiveness of Corporate Risk Management

Acceptable

Highlights	Opportunities
9.1 Engagement: Acceptable Accountability for key risks appears to be inconsistently assigned to senior management. Senior management encourages effective Risk Management and a risk-smart culture. Senior management ensures that the organization’s Risk Management approach is tailored to the specific needs of the organization. Senior management has reviewed/approved the Corporate Risk Profile within the past year. Senior management reviews the organization’s Risk Management approach within the current three-year planning cycle. The organization has a common risk assessment approach and it has been approved by senior management. 9.2 Implementation: Acceptable Risk Management guidance and tools that enable the organization’s risk management approach are made available to staff. The Corporate Risk Profile is systematically (horizontally and vertically) implemented into most operational levels across the organization. The organization’s Risk Management approach is inconsistently communicated to staff and stakeholders. 9.3 Integration: Acceptable It is not evident that the organization makes course corrections based on Risk Management performance and new information. Operational level risks are prioritized into key risks. Risk information and Risk Management principles are adequately captured in senior management reporting. Risk information and Risk Management principles influence planning and resource allocation decisions. Risk information is adequately consulted for senior management decision-making. The organization makes adequate course corrections based on Risk Management performance and new information. 9.4 Continuous Improvement: Acceptable Corporate risks are inconsistently linked to the organization’s strategic outcomes. Key risk information was adequately gathered from internal sources of the organization for preparing the CRP. Most relevant external sources are consulted during the development of the organization’s CRP. The CRP provides a reliable assessment of the quality of risk information used. The organization adequately builds on past experience, better practice, and adjusts to fit any changes in management structures, priorities or strategic direction. The organization has implemented most recommendations provided during its last MAF assessment. The Privy Council Office should be recognized for focusing its risk management efforts over the past year on completing an update of the organization’s Corporate Risk Profile. This iteration of the CRP included consultation with a number of individuals from senior management as well as an assessment of the organization’s risk tolerance in key risk areas.	With the completion of the update of the organization’s CRP, PCO should focus its efforts on clearly articulating the organization’s overall approach to Risk Management. This should be supplemented by ensuring that senior management further encourages and participates in a risk-smart culture. While it is evident that risk information is an input into certain aspects of senior management decision making, planning and reporting, the organization should document these processes in order to explicitly embed risk information and risk management principles within all components of its planning and reporting activities.
Recommendations

Highlights

Opportunities

9.1 Engagement: Acceptable

Accountability for key risks appears to be inconsistently assigned to senior management.
Senior management encourages effective Risk Management and a risk-smart culture.
Senior management ensures that the organization’s Risk Management approach is tailored to the specific needs of the organization.
Senior management has reviewed/approved the Corporate Risk Profile within the past year.
Senior management reviews the organization’s Risk Management approach within the current three-year planning cycle.
The organization has a common risk assessment approach and it has been approved by senior management.

9.2 Implementation: Acceptable

Risk Management guidance and tools that enable the organization’s risk management approach are made available to staff.
The Corporate Risk Profile is systematically (horizontally and vertically) implemented into most operational levels across the organization.
The organization’s Risk Management approach is inconsistently communicated to staff and stakeholders.

9.3 Integration: Acceptable

It is not evident that the organization makes course corrections based on Risk Management performance and new information.
Operational level risks are prioritized into key risks.
Risk information and Risk Management principles are adequately captured in senior management reporting.
Risk information and Risk Management principles influence planning and resource allocation decisions.
Risk information is adequately consulted for senior management decision-making.
The organization makes adequate course corrections based on Risk Management performance and new information.

9.4 Continuous Improvement: Acceptable

Corporate risks are inconsistently linked to the organization’s strategic outcomes.
Key risk information was adequately gathered from internal sources of the organization for preparing the CRP.
Most relevant external sources are consulted during the development of the organization’s CRP.
The CRP provides a reliable assessment of the quality of risk information used.
The organization adequately builds on past experience, better practice, and adjusts to fit any changes in management structures, priorities or strategic direction.
The organization has implemented most recommendations provided during its last MAF assessment.

The Privy Council Office should be recognized for focusing its risk management efforts over the past year on completing an update of the organization’s Corporate Risk Profile. This iteration of the CRP included consultation with a number of individuals from senior management as well as an assessment of the organization’s risk tolerance in key risk areas.

With the completion of the update of the organization’s CRP, PCO should focus its efforts on clearly articulating the organization’s overall approach to Risk Management. This should be supplemented by ensuring that senior management further encourages and participates in a risk-smart culture.

While it is evident that risk information is an input into certain aspects of senior management decision making, planning and reporting, the organization should document these processes in order to explicitly embed risk information and risk management principles within all components of its planning and reporting activities.

Recommendations

10. Extent to which the Workplace is Fair, Enabling, Healthy and Safe

Acceptable

Highlights	Opportunities
10.1 Fair: Acceptable Organization is undertaking action to improve the classification program in accordance with its level of risk. Evidence shows that labour relations matters are consistently and appropriately managed/addressed. Evidence shows that the organization exceeds standards of timeliness in payments to employees. Evidence shows that the organization is in compliance with Labour Relations and Compensation Operations direction (terms and condition of employment, collective agreements and/or applicable legislation). 10.2 Enabling: Strong Organization demonstrates the necessary linguistic capacity to provide personal and central services and supervision in both official languages. Organization is representative of all four employment equity designated groups. Promotions among employment equity groups are greater than or equal to previous year's performance. Separations among employment equity groups are equal or greater than previous year's performance. Work instruments, electronic systems and communications with employees are always or nearly always available in both official languages. 10.3 Healthy and safe: Opportunity for Improvement Evidence indicates that the organization fails to put in place a managed program to protect employees' occupational health and safety. The majority of employees feel recognized for positive performance.	Take action to ensure Occupational Health and Safety programs are well managed.
Recommendations

Highlights

Opportunities

10.1 Fair: Acceptable

Organization is undertaking action to improve the classification program in accordance with its level of risk.
Evidence shows that labour relations matters are consistently and appropriately managed/addressed.
Evidence shows that the organization exceeds standards of timeliness in payments to employees.
Evidence shows that the organization is in compliance with Labour Relations and Compensation Operations direction (terms and condition of employment, collective agreements and/or applicable legislation).

10.2 Enabling: Strong

Organization demonstrates the necessary linguistic capacity to provide personal and central services and supervision in both official languages.
Organization is representative of all four employment equity designated groups.
Promotions among employment equity groups are greater than or equal to previous year's performance.
Separations among employment equity groups are equal or greater than previous year's performance.
Work instruments, electronic systems and communications with employees are always or nearly always available in both official languages.

10.3 Healthy and safe: Opportunity for Improvement

Evidence indicates that the organization fails to put in place a managed program to protect employees' occupational health and safety.
The majority of employees feel recognized for positive performance.

Take action to ensure Occupational Health and Safety programs are well managed.

Recommendations

11. Extent to which the Workforce is Productive, Principled, Sustainable and Adaptable

Acceptable

Highlights	Opportunities
11.1 Productive: Strong A significant number of employees indicate their organization supports their career development and learning needs. 11.2 Principled: Acceptable Communications with and services to the public in both official languages are always or nearly always available. Employees consider that they always or nearly always can communicate in the official language of their choice within their organization and work instruments, electronic systems and communications in both official languages are always or nearly always available. Necessary linguistic capacity is in place as is shown by the vast majority of incumbents of bilingual positions who meet the language requirements of their position. Progress against the previous year's performance on recruitment, promotion and separation for employment equity groups is less than the organization's average for all employees. Promotions among employment equity groups are greater than or equal to representation. 11.3 Sustainable: Acceptable Evidence indicates human resources planning integrated with business planning is generally in place and governance/organizational infrastructure generally exists to support it. 11.4 Adaptable: Acceptable A sufficient number of employees indicate their organization encourages continuous learning, improvement and innovation.
Recommendations

Highlights

Opportunities

11.1 Productive: Strong

A significant number of employees indicate their organization supports their career development and learning needs.

11.2 Principled: Acceptable

Communications with and services to the public in both official languages are always or nearly always available.
Employees consider that they always or nearly always can communicate in the official language of their choice within their organization and work instruments, electronic systems and communications in both official languages are always or nearly always available.
Necessary linguistic capacity is in place as is shown by the vast majority of incumbents of bilingual positions who meet the language requirements of their position.
Progress against the previous year's performance on recruitment, promotion and separation for employment equity groups is less than the organization's average for all employees.
Promotions among employment equity groups are greater than or equal to representation.

11.3 Sustainable: Acceptable

Evidence indicates human resources planning integrated with business planning is generally in place and governance/organizational infrastructure generally exists to support it.

11.4 Adaptable: Acceptable

A sufficient number of employees indicate their organization encourages continuous learning, improvement and innovation.

Recommendations

12. Effectiveness of Information Management

Acceptable

Highlights	Opportunities
12.1 Governance: Acceptable IM requirements are integrated as a part of the approval, development, implementation, evaluation, and reporting of departmental policies, programs, services, or projects. IM is represented in the corporate-wide governance structure and / or in the corporate-wide governance or approval committee(s). Responsibilities are identified for IM policy development and implementation consistent with the GC IM Strategy and policy instruments. Extensive participation is evident in GC-wide approaches and initiatives related to developing, implementing, sharing, and leveraging IM policies and practices. 12.2 Strategy: Acceptable A current and active IM strategy identifies support to business priorities and operations, information needs and accountabilities, IM policy considerations and is partially integrated with other corporate strategies, plans and planning cycles. An IM strategy implementation plan, including some timelines and resources, is underway and some achievements to date are identified. An IM awareness campaign or strategy is underway and all staff and executives are informed of their IM roles, responsibilities and accountabilities, and most have attended awareness / training sessions. 12.3 Privacy Act: Acceptable Organization submitted an Annual Report to Parliament but did not address all of the mandatory reporting requirements. Some collections of personal information under the control of the organization have not been appropriately identified or described in accordance with the Privacy Act. 12.4 Access to Information Act: Acceptable Most of the organization's functions, programs, activities and related information holdings have been appropriately identified and described in its 2008 Chapter of Info Source: Sources of Federal Government Information. Organization submitted an Annual Report to Parliament but did not address all of the mandatory reporting requirements. Organization‘s 2008 Chapter in Info Source: Sources of Federal Government Information meets most of Treasury Board Secretariat requirements.	Strengthen corporate governance structures to ensure IM supports business outcomes. More wholly integrate IM requirements into the planning, approval, management, operational and evaluation activities. Improve reporting and monitoring on the IM strategy initiatives to ensure they are aligned with the organization’s business strategy. Develop and register Personal Information Banks and/or Classes of Personal Information to ensure all personal information under institution's control is appropriately described in accordance with Privacy Act. Ensure all information relevant to institution's functions, programs, activities and related information holdings is described in the Info Source publications. Address all mandatory reporting requirements in Annual Reports to Parliament.
Recommendations

Highlights

Opportunities

12.1 Governance: Acceptable

IM requirements are integrated as a part of the approval, development, implementation, evaluation, and reporting of departmental policies, programs, services, or projects.
IM is represented in the corporate-wide governance structure and / or in the corporate-wide governance or approval committee(s).
Responsibilities are identified for IM policy development and implementation consistent with the GC IM Strategy and policy instruments.
Extensive participation is evident in GC-wide approaches and initiatives related to developing, implementing, sharing, and leveraging IM policies and practices.

12.2 Strategy: Acceptable

A current and active IM strategy identifies support to business priorities and operations, information needs and accountabilities, IM policy considerations and is partially integrated with other corporate strategies, plans and planning cycles.
An IM strategy implementation plan, including some timelines and resources, is underway and some achievements to date are identified.
An IM awareness campaign or strategy is underway and all staff and executives are informed of their IM roles, responsibilities and accountabilities, and most have attended awareness / training sessions.

12.3 Privacy Act: Acceptable

Organization submitted an Annual Report to Parliament but did not address all of the mandatory reporting requirements.
Some collections of personal information under the control of the organization have not been appropriately identified or described in accordance with the Privacy Act.

12.4 Access to Information Act: Acceptable

Most of the organization's functions, programs, activities and related information holdings have been appropriately identified and described in its 2008 Chapter of Info Source: Sources of Federal Government Information.
Organization submitted an Annual Report to Parliament but did not address all of the mandatory reporting requirements.
Organization‘s 2008 Chapter in Info Source: Sources of Federal Government Information meets most of Treasury Board Secretariat requirements.

Strengthen corporate governance structures to ensure IM supports business outcomes.
More wholly integrate IM requirements into the planning, approval, management, operational and evaluation activities.
Improve reporting and monitoring on the IM strategy initiatives to ensure they are aligned with the organization’s business strategy.
Develop and register Personal Information Banks and/or Classes of Personal Information to ensure all personal information under institution's control is appropriately described in accordance with Privacy Act.
Ensure all information relevant to institution's functions, programs, activities and related information holdings is described in the Info Source publications.
Address all mandatory reporting requirements in Annual Reports to Parliament.

Recommendations

13. Effectiveness of Information Technology Management

Acceptable

Highlights	Opportunities
13.1 Leadership: Strong The senior official has responsibility and accountability for the full scope of information technology responsibilities and ensures that information technology supports organizational outcomes. Organization actively participates and demonstrates leadership in setting government-wide directions for information technology. 13.2 Planning: Acceptable Acceptable information technology plan is in place that aligns with the government-wide directions for information technology and departmental business needs. Organization has aligned corporate and information technology governance structures and has an integrated planning process. 13.3 Value: Opportunity for Improvement Organization is making efforts to appropriately use and plan for further use of information technology shared services. Organization devotes adequate management attention to service costing, asset management, performance measurement and reporting to ensure value delivery.	Continue to strengthen the integrated set of processes and practices for governance, planning and benefits realization in order to monitor and oversee the delivery of business value from IT investments. Strengthen the qualitative and quantitative set of Key Performance Indicators and techniques to assess performance that provide metrics to guide better decision making, increase performance levels and enable continuous improvement.
Recommendations

Highlights

Opportunities

13.1 Leadership: Strong

The senior official has responsibility and accountability for the full scope of information technology responsibilities and ensures that information technology supports organizational outcomes.
Organization actively participates and demonstrates leadership in setting government-wide directions for information technology.

13.2 Planning: Acceptable

Acceptable information technology plan is in place that aligns with the government-wide directions for information technology and departmental business needs.
Organization has aligned corporate and information technology governance structures and has an integrated planning process.

13.3 Value: Opportunity for Improvement

Organization is making efforts to appropriately use and plan for further use of information technology shared services.
Organization devotes adequate management attention to service costing, asset management, performance measurement and reporting to ensure value delivery.

Continue to strengthen the integrated set of processes and practices for governance, planning and benefits realization in order to monitor and oversee the delivery of business value from IT investments.
Strengthen the qualitative and quantitative set of Key Performance Indicators and techniques to assess performance that provide metrics to guide better decision making, increase performance levels and enable continuous improvement.

Recommendations

14. Effectiveness of Asset Management

Acceptable

Highlights	Opportunities
14.1 Investment Planning: Acceptable The investment planning process integrates investments decisions across all asset classes. The organization’s investment planning document has not been approved by the proper authority. The organization’s investment planning process considers investments over multiple years. 14.3 Materiel Management: Acceptable All elements of a materiel management framework are evident. Comprehensive internal policies are documented and disseminated. Governance structures, approval processes and authority limits are documented and disseminated. Some indicators of materiel performance are monitored. 14.3 Materiel Management PCO has a reliable materiel management information system. Though not fully integrated, it is appropriate in relation to the size and complexity of the organization.	The Privy Council Office should ensure its planning documents are approved by the Deputy Head. PCO is encouraged to begin its transition to the new Policy on Investment Planning - Assets and Acquired Services. Proceed with the planned review of the Asset Management Policy Framework and the Inventory Management Services, Procedures document.
Recommendations

Highlights

Opportunities

14.1 Investment Planning: Acceptable

The investment planning process integrates investments decisions across all asset classes.
The organization’s investment planning document has not been approved by the proper authority.
The organization’s investment planning process considers investments over multiple years.

14.3 Materiel Management: Acceptable

All elements of a materiel management framework are evident.
Comprehensive internal policies are documented and disseminated.
Governance structures, approval processes and authority limits are documented and disseminated.
Some indicators of materiel performance are monitored.

14.3 Materiel Management PCO has a reliable materiel management information system. Though not fully integrated, it is appropriate in relation to the size and complexity of the organization.

The Privy Council Office should ensure its planning documents are approved by the Deputy Head.
PCO is encouraged to begin its transition to the new Policy on Investment Planning - Assets and Acquired Services.
Proceed with the planned review of the Asset Management Policy Framework and the Inventory Management Services, Procedures document.

Recommendations

15. Effective Project Management

Acceptable

Highlights	Opportunities

Recommendations

16. Effective Procurement

Acceptable

Highlights	Opportunities
16.1 Governance and Oversight: Acceptable Effective and accountable procurement management processes and controls are in place (e.g., contract review mechanisms, documented decision making, guidance documents, appropriate delegation instruments or proper use of delegated authorities). 16.2 Meeting Operational Requirements: Acceptable Informed decision making and oversight exist. Results and reviews are used to continuously adjust current procurement management activities and future procurement plans. Efficient and integrated procurement information systems and processes are in place. Procurement processes that contribute to cost savings and value for money are in use. Consistent procurement training is evident. Clear links to human resources planning are established (e.g., succession planning and recruitment strategies for procurement staff). Qualified procurement human resources exist. Some staff enrolled in the Professional Development and Certification program. Timely and accurate procurement financial and non-financial reports have been submitted. During the review period, PCO introduced a number of procurement improvements. It reviewed and renewed its Contract Review Committee, updated its Policy on Service Contracts, posted a new Contracting Guide for Managers on its Intranet site and launched training sessions for operational managers.	PCO could devote more effort to identifying procurements during the business planning process with a view to producing a procurement plan. PCO could consider posting its contracting decisions on its Intranet site for the purpose of building a body of knowledge on the treatment of procurement.
Recommendations

Highlights

Opportunities

16.1 Governance and Oversight: Acceptable

Effective and accountable procurement management processes and controls are in place (e.g., contract review mechanisms, documented decision making, guidance documents, appropriate delegation instruments or proper use of delegated authorities).

16.2 Meeting Operational Requirements: Acceptable

Informed decision making and oversight exist.
Results and reviews are used to continuously adjust current procurement management activities and future procurement plans.
Efficient and integrated procurement information systems and processes are in place.
Procurement processes that contribute to cost savings and value for money are in use.
Consistent procurement training is evident.
Clear links to human resources planning are established (e.g., succession planning and recruitment strategies for procurement staff).
Qualified procurement human resources exist.
Some staff enrolled in the Professional Development and Certification program.
Timely and accurate procurement financial and non-financial reports have been submitted.

During the review period, PCO introduced a number of procurement improvements. It reviewed and renewed its Contract Review Committee, updated its Policy on Service Contracts, posted a new Contracting Guide for Managers on its Intranet site and launched training sessions for operational managers.

PCO could devote more effort to identifying procurements during the business planning process with a view to producing a procurement plan.
PCO could consider posting its contracting decisions on its Intranet site for the purpose of building a body of knowledge on the treatment of procurement.

Recommendations

17. Effectiveness of Financial Management and Control

Acceptable

Highlights

Opportunities

17.1 Authorities and Policies: Acceptable

Audit report results show evidence of good financial management practices.
Departmental procedures, tools, training and support for those individuals delegated with Section 34 authority show evidence of good financial management practices.
Departmental processes for classification of moneys, internal controls for receiving and recording money and depositing money show evidence of solid financial management practices.
Departmental processes for informing those delegated with Section 33 authority of their responsibilities and dealing with requests for payments that are problematic show evidence of deficiencies that are of some concern.
Departmental processes to provide individuals delegated Section 33 authority with the information necessary to assess and approve transactions and to assess the adequacy of Section 34 account verification show evidence of good financial management practices.
The reporting of external user fee information shows some omissions in relation to reporting guidelines.

17.2 Public Accounts Reporting: Strong

Greater than 97% (Grade A) of Public Accounts plates completed on time.
Several Financial Management Reporting System (CFMRS) coding errors.

17.3 Management Capacity: Strong

A reasonable proportion of FIs and management team members in the financial management organization have current, approved learning plans.
A significant amount of training is provided for the financial management organization.
Many processes in support of a sound succession plan for key positions are in place.
Positions, the duties of which are being performed by an individual indeterminately appointed to that position, comprise all, or almost all, of the FI segment of the financial management organization.
Positions, the duties of which are being performed by an individual indeterminately appointed to that position, comprise all, or almost all, of the positions on the management team of the financial management organization.

17.4 Financial Statements: Strong

The Financial Statements are compliant with Treasury Board Accounting Standard 1.2 – Departmental and Agency Financial Statements and reporting deadlines were met.
There is no known financial internal control weaknesses.
Voluntary participation in the audited departmental financial statements initiative as evidenced by a strong departmental commitment and an existing detailed action plan.

17.5 Internal Reporting: Strong

The internal financial reporting package is accompanied by a comprehensive discussion and analysis.
The internal financial reporting package is presented to senior management less than 15 calendar days after period end.
The internal financial reporting package is presented to senior management ten or more times per year.
The process for reviewing information before it is presented to senior management to ensure no material errors or omissions is weak.
The scope of the internal financial reporting package is comprehensive.

17.6 Other Initiatives: Acceptable

The organization has identified financial management initiatives in such areas as policies, reporting, systems and community development.

While the PCO maintained an overall rating of Acceptable it made significant improvements in the quality, timeliness and accuracy of reporting for the Public Accounts and in the strength of its financial management capacity.

Recommendations

18. Effectiveness of Internal Audit Function

Opportunity for Improvement

Highlights

Opportunities

18.1 Internal Audit governance: Opportunity for Improvement

There is an approved Internal Audit Charter in line with the 2006 Policy on Internal Audit.
The Implementation Plan for the required policy elements does not exist.
Absence of ongoing monitoring of the Implementation Plan and/or progress is not being achieved.
Chief Audit Executive reports solely and substantively to the Deputy Head.
An independent Departmental Audit Committee has either recently been established or is scheduled to be in place and is on track with planned timelines.
There is a Departmental Audit Committee Charter in line with the 2006 Policy on Internal Audit.

18.2 Internal Audit Professional Practices: Opportunity for Improvement

The Risk-Based Audit Plan was approved by the Deputy Head and sent to the Office of the Comptroller General in an untimely manner.
Annual Risk-Based Audit Plan methodology is, for the most part, evident and applied.
There is evidence of preparation to provide for holistic assurance.
There is limited information of the planned use of all audit function resources.
No identification of post-engagement follow-up activities.
Vast majority of planned work is on audit assurance versus other types of activities.
No identification of continuity with previous year’s work.
Approved assurance products are consistent with policy and internal audit standards requirements.
Reasonable completion rate of assurance products (number of assurance audit reports) against 2007-2008 Risk-Based Audit Plan.
Internal Quality Assurance and Improvement Program is well documented and in place.
Assurance products (reports) are produced in a reasonably timely manner.
Approved assurance products are made accessible to the public in a reasonably timely manner.
Post-engagement follow-up process is in draft or partially documented, and some recommendations are followed up using a risk-based approach.
The department or agency provides notification to the Treasury Board Secretariat on issues of importance on an ad hoc basis or is aware of this requirement.
The department or agency provides sufficient advanced notification to the Treasury Board Secretariat of the posting of reports.

18.3 Administration of the Internal Audit Function: Acceptable

Some elements of a comprehensive Human Resources Plan have been documented, and evidence of recruitment and external resourcing activity exists.
Planned spending, * was given to the Office of the Comptroller General. When comparing current spending of 2008-2009 with planned financial resources of 2007-2008, resource levels identified exceeds the resource level identified in 2007.
Planned FTEs dedicated to internal audit have been maintained comparatively to 2007-2008. They meet the resource level identified in the planned internal audit function’s budget for 2008-2009.

18.4 Internal Audit Performance: Acceptable

A Chief Audit Executive Annual Report for 2007-2008 was presented to the Departmental Audit Committee and the Deputy Head and submitted to the Office of the Comptroller General.
Limited periodic reporting on the follow-up of Management Action Plans.

The organization has an approved Internal Audit Charter and the Chief Audit Executive reports solely and substantively to the Deputy Head. Progress is being made on implementing the Departmental Audit Committee and the majority of audits planned in 2007-2008 were completed.

The Implementation Plan should be provided and identify the elements that have not yet been implemented. These elements should be tracked for progress. The Chief Audit Executive should provide regular reporting on the follow-up of Management Action Plans (MAPs) to the Internal Audit Committee.

Recommendations

PCO should submit the approved Risk-Based Audit Plan for 2009-2010 in a timely manner.

19. Effective Management of Security and Business Continuity

Acceptable

Highlights

Opportunities

19.1 Departmental Security Program: Acceptable

Organization has in place a fully developed security program that comprises key policy elements and is administered by an appointed Departmental Security Officer (DSO) who is positioned to provide strategic advice and guidance to senior management.
No significant deficiencies in meeting key policy requirements for the departmental security program.
Organization's security strategy is completely aligned and integrated with its corporate priorities and business plan.

19.2 Management of IT Security (MITS): Acceptable

Organization has achieved the three priority objectives that form the foundation for Management of Information Technology Security (MITS) and complies with most MITS requirements.
No significant deficiencies in meeting key MITS requirements.

19.3 Business Continuity Planning (BCP): Opportunity for Improvement

Organization has partially developed measures to provide for the continuity of critical business operations and services.
Business Continuity Planning (BCP) program governance has been established.
Business Impact Analysis (BIA) has been completed to identify and prioritize the organization's critical services and assets.
Significant deficiencies in establishing business continuity plans and arrangements.
Maintenance cycle has been put in place to review, test and audit business continuity plans.
Completed and approved plans are in place for Pandemic and Information Management / Information Technology emergency preparedness.

Pursue ongoing initiatives to continue improving the departmental security program, including the modernization of the emergency management and business continuity planning programs, addressing deficiencies in the areas of security training and incident management, and assessing compliance and effectiveness of measures in place.
Maintain ongoing efforts to achieve and sustain MITS compliance, including addressing minor deficiencies related to risk management and incorporating security in the system development lifecycle.
Continue activities currently underway related to business continuity planning including finalization, funding and approval of recovery strategies, development of business continuity plans, conduct of exercises and audit of the BCP Program.

Recommendations

20. Citizen-focused Service

Acceptable

Highlights

Opportunities

20.1 Management Engagement – Service and CLF: Acceptable

There are expectations set by senior management for an institutional focus on meeting the needs of clients, specifically with respect to service standards and client satisfaction measurement.
There are priorities and goals for service, but not always at the institutional level; these limited priorities and goals are set by senior management based on the use of limited performance evidence.
There is a committee at the institutional level, composed of senior management accountable for service, which has a documented and communicated responsibility for making decisions about the overall management of service.
There is limited monitoring of progress by senior management towards the achievement of the goals for service, making course correction difficult.
There is little monitoring by senior management to ensure that the requirements of CLF 2.0 are being met institution-wide; there is limited information on which to make decisions and course correction.

20.2 Public/client views: Acceptable

Evidence of incorporating feedback in the implementation of its services, programs, policies or initiatives.
Little evidence of making consultation results available to the public.
Many tools are used to obtain views from some clients.
There are plans to obtain views from clients.
There is a clearly identified target clientele for public consultations.

20.3 Official Languages: Strong

Analysis of the Annual Review on OL shows the institution is fully meeting its obligations.
Audits reveal very good performance in active offer and service delivery in both OL.
No complaint or minimal number of founded complaints exits.
The institution has the necessary linguistic capacity to serve the public in both OL.

TBS encourages PCO to:

Measure the satisfaction of its clients.
Provide a channel for clients to provide feedback.
Make its major consultations available on the Canada site and post results of its consultation activities.

Recommendations

21. Alignment of Accountability Instruments

Acceptable

Highlights	Opportunities
	All departments and agencies should place a heightened focus on clear accountabilities, face to face, mid-year review and performance improvement plans.
Recommendations