Skip to content Skip to institutional links

Common menu bar links

Management Accountability Framework

ARCHIVED - Library and Archives Canada

Warning This page has been archived.

Archived Content

Information identified as archived on the Web is for reference, research or recordkeeping purposes. It has not been altered or updated after the date of archiving. Web pages that are archived on the Web are not subject to the Government of Canada Web Standards. As per the Communications Policy of the Government of Canada, you can request alternate formats on the "Contact Us" page.

* An asterisk appears where sensitive information has been removed in accordance with the Access to Information Act and Privacy Act.

This document provides a Treasury Board Secretariat assessment of the department's performance against specific areas of management only. It does not present an assessment of management quality beyond these areas of management, nor does it reflect the level of effort a department may be making towards improving the quality of its management. The MAF assessments use standardized language to ensure consistent descriptions and characterizations. This assessment may not reflect the latest information available. Some departments and agencies have provided updated information in the form of a management response. Where management responses have been prepared, the link to the response is posted below the assessment.

Context

During the MAF assessment period, a new Librarian and Archivist of Canada was appointed.

Under the guidance of the new Deputy Head, Library and Archives Canada (LAC) has identified new strategic directions for the organization and implemented a change management agenda. More broadly, LAC continues to adapt to technological changes in dealing with its mandate to preserve and make available the documentary heritage of Canada. LAC has commenced a modernization initiative and has also established a "Documentary Heritage Management Framework" to meet the challenges of collecting and preserving information in an environment that is transitioning from analogue production to digital production.

This year's observations by the Treasury Board Secretariat relating to LAC's Management Accountability Framework (MAF) are mixed. In total, for the fourteen Areas of Management (AoMs) on which the department was assessed, LAC received seven "Acceptable" and seven "Opportunity for Improvement" ratings. LAC has made progress in four areas in comparison with last year's assessment, while performance has worsened in two areas. In one Area of Management there was significant decrease, from "Strong" to "Opportunity for improvement".

In terms of the core areas, the organization's performance in the area of public service values, people management, financial controls, and internal audit remained unchanged since the previous MAF assessment, but slipped in its ability to meet the assessment standards of corporate risk management. Overall, the organization received an "Opportunity for Improvement" in four of the six core areas, an indication that additional management attention should be paid to these areas.

Quality and Use of Evaluation (AoM 6), "Opportunity for Improvement":

LAC has established a good foundation for governance of its evaluation function; however, due to unavailability of evaluation reports for assessment, this rating remains at "opportunity for improvement". LAC is encouraged to continue with its efforts to improve availability of performance data to effectively support evaluation.

Effectiveness of Corporate Risk Management (AoM 9), "Opportunity for Improvement":

LAC has established an adequate Integrated Risk Management (IRM) approach that is tailored to the needs of the organization and addresses key risk areas; however, more evidence of ongoing senior management leadership and support for IRM implementation is required. It is also recommended that LAC improve internal communications on risk management more broadly across the organization.

Effectiveness of Financial Management and Control (AoM 17), "Opportunity for Improvement":

LAC requires improvements in a number of areas including: compliance with Treasury Board policies, costing practices, and strengthening internal controls over financial reporting. LAC is encouraged to undertake the necessary work to address these deficiencies.

Effectiveness of Internal Audit Function (AoM 18), "Opportunity for Improvement":

While progress has been made in meeting key expectations of the 2009 Treasury Board Policy on Internal Audit, such as the development of a Risk-Based Audit Plan, it is recommended that LAC continue efforts to fully implement the Policy on Internal Audit to ensure that progress is made to increase results and capacity of the Internal Audit function.

Two areas have been identified as fundamental to the mandate of the organization. LAC has maintained an "Acceptable" rating for Information Management but its rating for Management of Security and Business Continuity has dropped from "Strong" to "Opportunity for Improvement".

Effectiveness of Information Management (AoM 12), "Acceptable":

LAC has in place a three-year Recordkeeping and IM Strategy. LAC also has an IM Strategy that supports organizational business priorities and operations and an IM Communications Plan that is in line with the Directive on Recordkeeping and the Policy on Information Management; however, LAC is not meeting the reporting requirements of the Access to Information Act or the TBS requirements regarding Class of Record descriptions.

Effective Management of Security and Business Continuity (AoM 19), "Opportunity for Improvement":

LAC has a departmental security program in place to address corporate security and protect collections under its legislative mandate; however, LAC meets only some of the Management of Information Technology Security (MITS) requirements. Deficiencies have been identified in risk management, continuity planning, audit, monitoring and assessments. It is recommended that LAC continue efforts to address all MITS deficiencies as well as establish a Business Continuity Planning program.

LAC should be commended for improving four out of five areas that required improvement from last year. Three areas have received an "Acceptable" rating while the area of management for Corporate Performance Framework maintained the same rating at "Opportunity for Improvement". The Treasury Board Secretariat has identified the following management priorities for the coming year:

Effectiveness of Financial Management and Control (AoM 17), "Opportunity for Improvement":

TBS recommends that LAC, on a priority basis, address weaknesses noted in this AoM, including compliance with Treasury Board policies, costing practices and financial reporting.

Effectiveness of Internal Audit Function (AoM 18), "Opportunity for Improvement":

TBS recommends that LAC fully implement the 2009 Treasury Board Policy on Internal Audit, including improvements to the Risk-Based Audit Plan.

Effective Management of Security and Business Continuity (AoM 19), "Opportunity for Improvement":

LAC is encouraged to improve its management of IT security as well as to develop and strengthen its Business Continuity Planning program.

1. Values-based Leadership and Organizational Culture

Acceptable

Highlights	Opportunities
1.1 Leadership: Strong For more detailed information, please consult the organization's Values-based Leadership and Organizational Culture Scorecard, which can be found at the following link: http://publiservice.ochro-bdprh.tbs-sct.gc.ca/pmi-igp/default.aspx.¹ 1.2 Infrastructure: Opportunity for Improvement For more detailed information, please consult the organization's Values-based Leadership and Organizational Culture Scorecard, which can be found at the following link: http://publiservice.ochro-bdprh.tbs-sct.gc.ca/pmi-igp/default.aspx. Strengths: harassment complaints and grievances Apparent Weaknesses: employee perception that senior management will resolve concerns raised in the survey and that essential information flows from senior management to staff Direct comparisons with last year cannot be made, as the performance measures have changed. ¹Please note that this website is internal to government and is not available to the general public. We apologize for any inconvenience this may cause and invite those who are interested in viewing the Organizational Culture Scorecard to email us at ScorecardResults-ResultatsCartedepointage@tbs-sct.gc.ca and we will make available the Scorecard.	To complement the scorecard, OCHRO launched a departmental dashboard that provides complementary, benchmarked information; and a repository of actionable, exemplary and innovative departmental practices and tools. The dashboard will support enhanced guidance by the Centre in relation to system-wide values and ethics and people management issues. It will also provide timely business intelligence and solutions to Deputy Heads to support the early identification and resolution of departmental values and ethics and people management issues. To access the dashboard, follow the link below: http://publiservice.ochro-bdprh.tbs-sct.gc.ca/pmi-igp/default.aspx.
Recommendations

Highlights

Opportunities

1.1 Leadership: Strong

For more detailed information, please consult the organization's Values-based Leadership and Organizational Culture Scorecard, which can be found at the following link: http://publiservice.ochro-bdprh.tbs-sct.gc.ca/pmi-igp/default.aspx.¹

1.2 Infrastructure: Opportunity for Improvement

For more detailed information, please consult the organization's Values-based Leadership and Organizational Culture Scorecard, which can be found at the following link: http://publiservice.ochro-bdprh.tbs-sct.gc.ca/pmi-igp/default.aspx.

Strengths: harassment complaints and grievances

Apparent Weaknesses: employee perception that senior management will resolve concerns raised in the survey and that essential information flows from senior management to staff

Direct comparisons with last year cannot be made, as the performance measures have changed.

¹Please note that this website is internal to government and is not available to the general public. We apologize for any inconvenience this may cause and invite those who are interested in viewing the Organizational Culture Scorecard to email us at ScorecardResults-ResultatsCartedepointage@tbs-sct.gc.ca and we will make available the Scorecard.

To complement the scorecard, OCHRO launched a departmental dashboard that provides complementary, benchmarked information; and a repository of actionable, exemplary and innovative departmental practices and tools.

The dashboard will support enhanced guidance by the Centre in relation to system-wide values and ethics and people management issues.

It will also provide timely business intelligence and solutions to Deputy Heads to support the early identification and resolution of departmental values and ethics and people management issues.

To access the dashboard, follow the link below:
http://publiservice.ochro-bdprh.tbs-sct.gc.ca/pmi-igp/default.aspx.

Recommendations

2. Utility of the Corporate Performance Framework

Opportunity for Improvement

Highlights	Opportunities
2.1 SO Clarity and Measurability: Acceptable The Strategic Outcome statement(s) can be understood within and outside the organization as a benefit to Canadians, however its/their clarity should be improved. 2.2 PAA Completeness and Alignment: Opportunity for Improvement An inventory of programs has been developed but many listed programs in the Program Activity Architecture do not meet the definition of a program. 2.3 PMF Quality: Unrated Many performance indicators are not clear and cannot be used for data collection to provide reliable insight into program effectiveness. Many targets are not stated appropriately as a performance level of the indicator.	The Strategic Outcome for Library and Archives Canada appears to be appropriate given the mandate and resources of the organization; however, some of the terminology could be refined in order to enhance its clarity. LAC is encouraged to continue working with TBS in order to ensure that all of the programs identified in its Program Activity Architecture, are consistent with the Policy on MRRS. The Performance Measurement Framework, that was submitted as a part of the 10-11 MRRS change process, represents a significant improvement over previous articulations; however, LAC is encouraged to continue working with TBS to ensure that its performance indicators are clear and presented in a format that is consistent with the MRRS Instructions.
Recommendations
LAC is encouraged to continue working with TBS to ensure that its MRRS is in compliance with the Policy on MRRS.

Highlights

Opportunities

2.1 SO Clarity and Measurability: Acceptable

The Strategic Outcome statement(s) can be understood within and outside the organization as a benefit to Canadians, however its/their clarity should be improved.

2.2 PAA Completeness and Alignment: Opportunity for Improvement

An inventory of programs has been developed but many listed programs in the Program Activity Architecture do not meet the definition of a program.

2.3 PMF Quality: Unrated

Many performance indicators are not clear and cannot be used for data collection to provide reliable insight into program effectiveness.
Many targets are not stated appropriately as a performance level of the indicator.

The Strategic Outcome for Library and Archives Canada appears to be appropriate given the mandate and resources of the organization; however, some of the terminology could be refined in order to enhance its clarity.
LAC is encouraged to continue working with TBS in order to ensure that all of the programs identified in its Program Activity Architecture, are consistent with the Policy on MRRS.
The Performance Measurement Framework, that was submitted as a part of the 10-11 MRRS change process, represents a significant improvement over previous articulations; however, LAC is encouraged to continue working with TBS to ensure that its performance indicators are clear and presented in a format that is consistent with the MRRS Instructions.

Recommendations

LAC is encouraged to continue working with TBS to ensure that its MRRS is in compliance with the Policy on MRRS.

3. Effectiveness of the Corporate Management Structure

Acceptable

Highlights	Opportunities
3.1 Business Plan: Acceptable Organization's corporate business plan is well aligned to corporate priorities. Corporate business plan generally integrates human resources, IM/IT, communications or other key corporate plans. Sector or branch business plans are generally aligned with the corporate business plan. 3.2 Governance Structure: Acceptable Organization's corporate governance structure is generally aligned to the organization's PAA. Recordkeeping is generally complete and current (minutes of meetings and records of discussion, decision, and follow-up). Adequate management oversight of the organization's program activities and underlying programs is evident. Resource reallocation is generally proactive when or where required. Management decisions and interventions are generally proactive and timely. Senior corporate management structure or subordinate governance structure (e.g., committees) meet regularly. Senior corporate management structure (e.g., committees) interacts with and provides oversight to the supporting governance structure.	Follow-up on the findings of the 2009 review of governance represents a key opportunity to streamline the governance structure and improve effectiveness.
Recommendations
LAC is encouraged to continue its work in improving and streamlining its governance structure to be more effective and cohesively aligned with its Program Activity Architecture.

Highlights

Opportunities

3.1 Business Plan: Acceptable

Organization's corporate business plan is well aligned to corporate priorities.
Corporate business plan generally integrates human resources, IM/IT, communications or other key corporate plans.
Sector or branch business plans are generally aligned with the corporate business plan.

3.2 Governance Structure: Acceptable

Organization's corporate governance structure is generally aligned to the organization's PAA.
Recordkeeping is generally complete and current (minutes of meetings and records of discussion, decision, and follow-up).
Adequate management oversight of the organization's program activities and underlying programs is evident.
Resource reallocation is generally proactive when or where required.
Management decisions and interventions are generally proactive and timely.
Senior corporate management structure or subordinate governance structure (e.g., committees) meet regularly.
Senior corporate management structure (e.g., committees) interacts with and provides oversight to the supporting governance structure.

Follow-up on the findings of the 2009 review of governance represents a key opportunity to streamline the governance structure and improve effectiveness.

Recommendations

LAC is encouraged to continue its work in improving and streamlining its governance structure to be more effective and cohesively aligned with its Program Activity Architecture.

4. Effectiveness of Organizational Contribution to Government-Wide Priorities

Acceptable

Highlights	Opportunities
4.1 Participation in Priority Initiatives: Please note that there is no written assessment for this Area of Management as the rating is carried over from Round VI as one of the organization's Rotational AoMs.
Recommendations

Highlights

Opportunities

4.1 Participation in Priority Initiatives:

Please note that there is no written assessment for this Area of Management as the rating is carried over from Round VI as one of the organization's Rotational AoMs.

Recommendations

5. Quality of TB Submissions

Opportunity for Improvement

Highlights	Opportunities
5.1 Supporting Information: Opportunity for Improvement Emerging capacity to assemble supporting information in TB submissions. Organization has the capacity to respond effectively to most TBS feedback. Policy and budget authorities are not identified. Inaccuracies in information relative to TBS financial data. Funding information is not aligned with project authorities. Adequate information is submitted for business cases. Submission contains an adequate level of detail. Response to TBS comments is appropriate. 5.2 Analysis: Acceptable Business cases may have comprehensive information and demonstrate good analysis. Established capacity to analyze value for money, effectiveness and efficiency is evident. Established capacity for appropriate responses to TBS comments is acceptable. 5.3 Consultations: Acceptable Established capacity to initiate consultations with TBS with sufficient lead time is evident. Submissions are usually on time (six weeks before TB meetings). Organization should be better able to predict factors that lead to occasional lateness. 5.4 Quality control: Opportunity for Improvement No apparent quality control process exists. Good writing and translation standard have been used. Clarity and consistency of language are good. TBS feedback is usually fully addressed.	LAC should continue to consult with Canadian Heritage Portfolio Affairs at the onset of the submission process.
Recommendations
LAC needs to implement a quality control process to ensure that it delivers a quality product to TBS for review.

Highlights

Opportunities

5.1 Supporting Information: Opportunity for Improvement

Emerging capacity to assemble supporting information in TB submissions.
Organization has the capacity to respond effectively to most TBS feedback.
Policy and budget authorities are not identified.
Inaccuracies in information relative to TBS financial data.
Funding information is not aligned with project authorities.
Adequate information is submitted for business cases.
Submission contains an adequate level of detail.
Response to TBS comments is appropriate.

5.2 Analysis: Acceptable

Business cases may have comprehensive information and demonstrate good analysis.
Established capacity to analyze value for money, effectiveness and efficiency is evident.
Established capacity for appropriate responses to TBS comments is acceptable.

5.3 Consultations: Acceptable

Established capacity to initiate consultations with TBS with sufficient lead time is evident.
Submissions are usually on time (six weeks before TB meetings).
Organization should be better able to predict factors that lead to occasional lateness.

5.4 Quality control: Opportunity for Improvement

No apparent quality control process exists.
Good writing and translation standard have been used.
Clarity and consistency of language are good.
TBS feedback is usually fully addressed.

LAC should continue to consult with Canadian Heritage Portfolio Affairs at the onset of the submission process.

Recommendations

LAC needs to implement a quality control process to ensure that it delivers a quality product to TBS for review.

6. Quality and Use of Evaluation

Opportunity for Improvement

Highlights	Opportunities
6.2 Neutrality: Strong All resources dedicated to evaluations are directed by the head of evaluation. Resources dedicated to the evaluation function appear to be commensurate with the organization's evaluation obligations under section 42.1 of the FAA. Head of evaluation has explicit authority to submit evaluation reports directly to the deputy head. Head of evaluation has unencumbered access to the deputy head, as required. The organization has shown evidence of moving towards full evaluation coverage of all its ongoing programs of grants and contributions over a five year cycle as per section 42.1 of the FAA. The organization has a demonstrated track record of completing planned evaluations. Average annual evaluation coverage of Gs&Cs is 20% (or higher). 6.4 Usage: Opportunity for Improvement The results of evaluations are sometimes brought for consideration in TB submissions, Memoranda to Cabinet, RPPs, DPRs and, where applicable, Strategic Reviews. Active, systematic and regular tracking of management action plans arising from evaluation recommendations is in place. Periodic reporting on the status of implementation of the evaluation recommendations is not in place. No standardized text appears above for line of evidence 6.1 because Library and Archives Canada did not submit any evaluation reports as evidence. The rating from the last round - Opportunity for Improvement - has simply been carried over.	LAC has a solid foundation in place around the governance of its evaluation function and has invested resources in recent years to enhance the quality of performance data collected by the organization and/or its partners.
Recommendations

Highlights

Opportunities

6.2 Neutrality: Strong

All resources dedicated to evaluations are directed by the head of evaluation.
Resources dedicated to the evaluation function appear to be commensurate with the organization's evaluation obligations under section 42.1 of the FAA.
Head of evaluation has explicit authority to submit evaluation reports directly to the deputy head. Head of evaluation has unencumbered access to the deputy head, as required.
The organization has shown evidence of moving towards full evaluation coverage of all its ongoing programs of grants and contributions over a five year cycle as per section 42.1 of the FAA. The organization has a demonstrated track record of completing planned evaluations. Average annual evaluation coverage of Gs&Cs is 20% (or higher).

6.4 Usage: Opportunity for Improvement

The results of evaluations are sometimes brought for consideration in TB submissions, Memoranda to Cabinet, RPPs, DPRs and, where applicable, Strategic Reviews.
Active, systematic and regular tracking of management action plans arising from evaluation recommendations is in place. Periodic reporting on the status of implementation of the evaluation recommendations is not in place.

No standardized text appears above for line of evidence 6.1 because Library and Archives Canada did not submit any evaluation reports as evidence. The rating from the last round - Opportunity for Improvement - has simply been carried over.

LAC has a solid foundation in place around the governance of its evaluation function and has invested resources in recent years to enhance the quality of performance data collected by the organization and/or its partners.

Recommendations

7. Quality of Performance Reporting

Acceptable

Highlights	Opportunities
7.1 MRRS Basis: Please note that there is no written assessment for this Area of Management as the rating is carried over from Round VI as one of the organization's Rotational AoMs.
Recommendations

Highlights

Opportunities

7.1 MRRS Basis:

Please note that there is no written assessment for this Area of Management as the rating is carried over from Round VI as one of the organization's Rotational AoMs.

Recommendations

8. Managing Organizational Change

Acceptable

Highlights	Opportunities
8.1 Scanning or planning for change: Acceptable The organization has the capacity to evaluate whether or not change is required. Organizational change plan exists and is consistent with the scope of change identified. 8.2 Engagement and capacity: Acceptable Employees are engaged in the strategy development phase. Change management related training programs are available to some components of the organizations. 8.3 Achieving results: Opportunity for Improvement Change plans and strategies are included in Performance Management Agreements of Senior Executives. Assessment plans exist but are limited in scope and detail. Results are not apparent.	LAC is encouraged to continue to proactively engage its employees throughout the organization and provide increased learning opportunities regarding the organization's change management agenda.
Recommendations
LAC needs to complete the evaluation framework and provide evidence that it can effectively assess the results of change management.

Highlights

Opportunities

8.1 Scanning or planning for change: Acceptable

The organization has the capacity to evaluate whether or not change is required.
Organizational change plan exists and is consistent with the scope of change identified.

8.2 Engagement and capacity: Acceptable

Employees are engaged in the strategy development phase.
Change management related training programs are available to some components of the organizations.

8.3 Achieving results: Opportunity for Improvement

Change plans and strategies are included in Performance Management Agreements of Senior Executives.
Assessment plans exist but are limited in scope and detail.
Results are not apparent.

LAC is encouraged to continue to proactively engage its employees throughout the organization and provide increased learning opportunities regarding the organization's change management agenda.

Recommendations

LAC needs to complete the evaluation framework and provide evidence that it can effectively assess the results of change management.

9. Effectiveness of Corporate Risk Management

Opportunity for Improvement

Highlights	Opportunities
9.1 Senior management is accountable: Opportunity for Improvement Organization is using a common IRM approach that has been approved by senior management, which is in practice across most of the organization (addresses key risk areas). Organization's IRM approach is tailored to the needs of the organization, and it addresses organizational requirements. There are mechanisms in place for future review of the IRM approach. There are mechanisms in place for future review of the IRM approach. Senior management reviewed corporate risk profile or similar tool within the past two years. IRM approach has been somewhat communicated within the organization. Clear and integrated IRM governance structures are in place across the organization. Senior management has been somewhat involved in establishing sound governance for IRM. Senior management may have provided some leadership in the development of an overall approach; however, there is little evidence of ongoing senior management leadership/support for implementation. Accountability for managing key risks appears to be inconsistently assigned to senior management. Senior management is beginning to encourage IRM; however, tools and resources are lacking to support the development of a risk-smart culture. 9.2 Implementation: Opportunity for Improvement Actual practice of IRM is well-implemented into most operational levels across the organization. IRM approach and planning, performance, and key business processes are well-linked. Tailored mechanisms and approaches are used to manage risks across functional areas and business lines. Organization uses a CRP or similar tool that provides practical and comprehensive risk information. Key operational risks are informally or inconsistently used to inform the development of corporate risks and priorities. Corporate risks are consistently linked to the organization's strategic outcomes. Risk information flows inconsistently within the organization. IRM guidance and tools are routinely communicated and disseminated to ensure that affected staff and management have access to required resources. Training and learning resources are reasonably up to date. IRM training is supported and available to key staff and managers. There is some evidence of ad hoc internal communications efforts to explain to managers and staff matters such as the importance of IRM and its linkages with the strategic direction and its relevance to the day to day operations of the organization. There is some evidence of informal risk-related communications to inform or engage partners and stakeholders. 9.3 Integration: Acceptable IRM principles or corporate risk information links to operational activities and risk assessments. This may be accomplished through formal or informal processes. Key risks are narrowly communicated. Key risks are clearly-defined and well-documented. Key risk information and IRM principles are valued as an important part of decision-making. RPPs describe mitigation strategies for the key risks included in the CRP or similar tool. 9.4 Continuous Improvement: Acceptable The organization has implemented some or most recommendations provided during its last MAF assessment, and acceptable rationale was provided for those recommendations not addressed. The organization makes adequate course corrections based on performance and new information. Notable improvements have been incorporated since the previous assessment. LAC seems to be continuing its gradual implementation of integrated risk management (IRM). The Department has implemented a number of the projects described in the previous MAF evaluation and is encouraged to continue meeting the commitments it made in its three-year action plan.	LAC could get its senior managers more involved in IRM. Identification of accountability related to risk mitigation measures could increase their commitment. This clarification of responsibilities, combined with the monitoring of schedules, would help in carrying out the ambitious projects in the three-year action plan.
Recommendations
More formal, continuous and extended communication of issues related to risk management could deepen an organizational culture that is sensitive to risk. Opportunities for informal training for all employees would also support IRM. Externally, LAC could step up its dialogue with other organizations or communities of practice with regard to risk management.

Highlights

Opportunities

9.1 Senior management is accountable: Opportunity for Improvement

Organization is using a common IRM approach that has been approved by senior management, which is in practice across most of the organization (addresses key risk areas).
Organization's IRM approach is tailored to the needs of the organization, and it addresses organizational requirements. There are mechanisms in place for future review of the IRM approach.
There are mechanisms in place for future review of the IRM approach.
Senior management reviewed corporate risk profile or similar tool within the past two years.
IRM approach has been somewhat communicated within the organization.
Clear and integrated IRM governance structures are in place across the organization.
Senior management has been somewhat involved in establishing sound governance for IRM.
Senior management may have provided some leadership in the development of an overall approach; however, there is little evidence of ongoing senior management leadership/support for implementation.
Accountability for managing key risks appears to be inconsistently assigned to senior management.
Senior management is beginning to encourage IRM; however, tools and resources are lacking to support the development of a risk-smart culture.

9.2 Implementation: Opportunity for Improvement

Actual practice of IRM is well-implemented into most operational levels across the organization.
IRM approach and planning, performance, and key business processes are well-linked.
Tailored mechanisms and approaches are used to manage risks across functional areas and business lines.
Organization uses a CRP or similar tool that provides practical and comprehensive risk information.
Key operational risks are informally or inconsistently used to inform the development of corporate risks and priorities.
Corporate risks are consistently linked to the organization's strategic outcomes.
Risk information flows inconsistently within the organization.
IRM guidance and tools are routinely communicated and disseminated to ensure that affected staff and management have access to required resources.
Training and learning resources are reasonably up to date.
IRM training is supported and available to key staff and managers.
There is some evidence of ad hoc internal communications efforts to explain to managers and staff matters such as the importance of IRM and its linkages with the strategic direction and its relevance to the day to day operations of the organization.
There is some evidence of informal risk-related communications to inform or engage partners and stakeholders.

9.3 Integration: Acceptable

IRM principles or corporate risk information links to operational activities and risk assessments. This may be accomplished through formal or informal processes.
Key risks are narrowly communicated.
Key risks are clearly-defined and well-documented.
Key risk information and IRM principles are valued as an important part of decision-making.
RPPs describe mitigation strategies for the key risks included in the CRP or similar tool.

9.4 Continuous Improvement: Acceptable

The organization has implemented some or most recommendations provided during its last MAF assessment, and acceptable rationale was provided for those recommendations not addressed.
The organization makes adequate course corrections based on performance and new information.
Notable improvements have been incorporated since the previous assessment.

LAC seems to be continuing its gradual implementation of integrated risk management (IRM). The Department has implemented a number of the projects described in the previous MAF evaluation and is encouraged to continue meeting the commitments it made in its three-year action plan.

LAC could get its senior managers more involved in IRM. Identification of accountability related to risk mitigation measures could increase their commitment. This clarification of responsibilities, combined with the monitoring of schedules, would help in carrying out the ambitious projects in the three-year action plan.

Recommendations

More formal, continuous and extended communication of issues related to risk management could deepen an organizational culture that is sensitive to risk. Opportunities for informal training for all employees would also support IRM. Externally, LAC could step up its dialogue with other organizations or communities of practice with regard to risk management.

10. Excellence in People Management

Acceptable

Highlights	Opportunities
10.1 Employee Engagement: Acceptable For more detailed information, please consult the organization's Excellence in People Management Scorecard, which can be found at the following link: http://publiservice.ochro-bdprh.tbs-sct.gc.ca/pmi-igp/default.aspx.¹ 10.2 Leadership: Acceptable For more detailed information, please consult the organization's Excellence in People Management Scorecard, which can be found at the following link: http://publiservice.ochro-bdprh.tbs-sct.gc.ca/pmi-igp/default.aspx. 10.3 Employment Equity: Acceptable For more detailed information, please consult the organization's Excellence in People Management Scorecard, which can be found at the following link: http://publiservice.ochro-bdprh.tbs-sct.gc.ca/pmi-igp/default.aspx. 10.4 Employee Learning: Opportunity for Improvement For more detailed information, please consult the organization's Excellence in People Management Scorecard, which can be found at the following link: http://publiservice.ochro-bdprh.tbs-sct.gc.ca/pmi-igp/default.aspx. 10.5 Performance Management: Strong For more detailed information, please consult the organization's Excellence in People Management Scorecard, which can be found at the following link: http://publiservice.ochro-bdprh.tbs-sct.gc.ca/pmi-igp/default.aspx. 10.6 Integrated HR and Business Planning: Acceptable For more detailed information, please consult the organization's Excellence in People Management Scorecard, which can be found at the following link: http://publiservice.ochro-bdprh.tbs-sct.gc.ca/pmi-igp/default.aspx. 10.7 Staffing: Opportunity for Improvement For more detailed information, please consult the organization's Excellence in People Management Scorecard, which can be found at the following link: http://publiservice.ochro-bdprh.tbs-sct.gc.ca/pmi-igp/default.aspx. 10.8 Official Languages: Strong For more detailed information, please consult the organization's Excellence in People Management Scorecard, which can be found at the following link: http://publiservice.ochro-bdprh.tbs-sct.gc.ca/pmi-igp/default.aspx. Strengths: retention, leadership stability, employee perception of a respectful workplace, rigorous performance management regime, employee perception of freedom to use language of choice and percentage of supervisors who meet the language requirements of their position Apparent Weaknesses: employee perception that senior management makes effective and timely decisions and confidence in senior management, proportion of budget spent on training, staffing based on PSC SMAF assessment Direct comparisons with last year cannot be made, as the performance measures have changed. ¹Please note that this website is internal to government and is not available to the general public. We apologize for any inconvenience this may cause and invite those who are interested in viewing the Excellence in People Management Scorecard to email us at ScorecardResults-ResultatsCartedepointage@tbs-sct.gc.ca and we will make available the Scorecard.	To complement the scorecard, OCHRO launched a departmental dashboard that provides complementary, benchmarked information; and a repository of actionable, exemplary and innovative departmental practices and tools. The dashboard will support enhanced guidance by the Centre in relation to system-wide values and ethics and people management issues. It will also provide timely business intelligence and solutions to Deputy Heads to support the early identification and resolution of departmental values and ethics and people management issues. To access the dashboard, follow the link below: http://publiservice.ochro-bdprh.tbs-sct.gc.ca/pmi-igp/default.aspx.
Recommendations

Highlights

Opportunities

10.1 Employee Engagement: Acceptable

For more detailed information, please consult the organization's Excellence in People Management Scorecard, which can be found at the following link: http://publiservice.ochro-bdprh.tbs-sct.gc.ca/pmi-igp/default.aspx.¹

10.2 Leadership: Acceptable

For more detailed information, please consult the organization's Excellence in People Management Scorecard, which can be found at the following link: http://publiservice.ochro-bdprh.tbs-sct.gc.ca/pmi-igp/default.aspx.

10.3 Employment Equity: Acceptable

For more detailed information, please consult the organization's Excellence in People Management Scorecard, which can be found at the following link: http://publiservice.ochro-bdprh.tbs-sct.gc.ca/pmi-igp/default.aspx.

10.4 Employee Learning: Opportunity for Improvement

For more detailed information, please consult the organization's Excellence in People Management Scorecard, which can be found at the following link: http://publiservice.ochro-bdprh.tbs-sct.gc.ca/pmi-igp/default.aspx.

10.5 Performance Management: Strong

For more detailed information, please consult the organization's Excellence in People Management Scorecard, which can be found at the following link: http://publiservice.ochro-bdprh.tbs-sct.gc.ca/pmi-igp/default.aspx.

10.6 Integrated HR and Business Planning: Acceptable

For more detailed information, please consult the organization's Excellence in People Management Scorecard, which can be found at the following link: http://publiservice.ochro-bdprh.tbs-sct.gc.ca/pmi-igp/default.aspx.

10.7 Staffing: Opportunity for Improvement

For more detailed information, please consult the organization's Excellence in People Management Scorecard, which can be found at the following link: http://publiservice.ochro-bdprh.tbs-sct.gc.ca/pmi-igp/default.aspx.

10.8 Official Languages: Strong

For more detailed information, please consult the organization's Excellence in People Management Scorecard, which can be found at the following link: http://publiservice.ochro-bdprh.tbs-sct.gc.ca/pmi-igp/default.aspx.

Strengths: retention, leadership stability, employee perception of a respectful workplace, rigorous performance management regime, employee perception of freedom to use language of choice and percentage of supervisors who meet the language requirements of their position

Apparent Weaknesses: employee perception that senior management makes effective and timely decisions and confidence in senior management, proportion of budget spent on training, staffing based on PSC SMAF assessment

Direct comparisons with last year cannot be made, as the performance measures have changed.

¹Please note that this website is internal to government and is not available to the general public. We apologize for any inconvenience this may cause and invite those who are interested in viewing the Excellence in People Management Scorecard to email us at ScorecardResults-ResultatsCartedepointage@tbs-sct.gc.ca and we will make available the Scorecard.

The dashboard will support enhanced guidance by the Centre in relation to system-wide values and ethics and people management issues.

It will also provide timely business intelligence and solutions to Deputy Heads to support the early identification and resolution of departmental values and ethics and people management issues.

To access the dashboard, follow the link below:
http://publiservice.ochro-bdprh.tbs-sct.gc.ca/pmi-igp/default.aspx.

Recommendations

12. Effectiveness of Information Management

Acceptable

Highlights	Opportunities
12.1 Governance: Acceptable There is evidence that adequate IM governance and accountability structures are in place, including representation of IM in organization-wide governance and/or approval committees. IM roles and responsibilities for senior executives and managers are defined. Extensive participation is evident in GC-wide approaches and initiatives related to developing, implementing, sharing, and leveraging IM policies and practices. 12.2 Strategy Planning and Implementation: Acceptable Organization has an IM strategy that is current, active, and formally approved. IM strategy implementation is underway and there is evidence of progress against plans. Organization has defined and implemented IM awareness and training activities, which are included as part of an overall awareness strategy/program. 12.4 Access to Information Act: Opportunity for Improvement A significant number of institution-specific Classes of Records do not comply with Treasury Board Secretariat requirements. Response to Treasury Board Secretariat feedback is uneven and not always fully addressed. While progress is being made to improve the organization's Info Source chapter, additional revisions are required to ensure compliance with Treasury Board Secretariat requirements. 12.5 Privacy Act: Acceptable Most of the organization's collections of personal information are described in registered Personal Information Banks and/or Classes of Personal Information in accordance with the Privacy Act.	Ensure IM governance and strategic planning address, where possible, all activities described in the IM Internal Services Profile. Strengthen corporate governance structures to ensure IM supports business outcomes. More detailed reporting and monitoring on the IM strategy, e.g. timelines, results to date, resourcing, etc. Ensure that the locations of all information holdings are documented and that retention plans are in place. Develop consistent metadata that can be applied to all information holdings. Ensure that all Class of Record descriptions are complete, up-to-date, and comply with Treasury Board Secretariat requirements.
Recommendations
Improve descriptions of LAC's programs, activities and information holdings including personal information.

Highlights

Opportunities

12.1 Governance: Acceptable

There is evidence that adequate IM governance and accountability structures are in place, including representation of IM in organization-wide governance and/or approval committees.
IM roles and responsibilities for senior executives and managers are defined.
Extensive participation is evident in GC-wide approaches and initiatives related to developing, implementing, sharing, and leveraging IM policies and practices.

12.2 Strategy Planning and Implementation: Acceptable

Organization has an IM strategy that is current, active, and formally approved.
IM strategy implementation is underway and there is evidence of progress against plans.
Organization has defined and implemented IM awareness and training activities, which are included as part of an overall awareness strategy/program.

12.4 Access to Information Act: Opportunity for Improvement

A significant number of institution-specific Classes of Records do not comply with Treasury Board Secretariat requirements.
Response to Treasury Board Secretariat feedback is uneven and not always fully addressed.
While progress is being made to improve the organization's Info Source chapter, additional revisions are required to ensure compliance with Treasury Board Secretariat requirements.

12.5 Privacy Act: Acceptable

Most of the organization's collections of personal information are described in registered Personal Information Banks and/or Classes of Personal Information in accordance with the Privacy Act.

Ensure IM governance and strategic planning address, where possible, all activities described in the IM Internal Services Profile.

Strengthen corporate governance structures to ensure IM supports business outcomes.

More detailed reporting and monitoring on the IM strategy, e.g. timelines, results to date, resourcing, etc.

Ensure that the locations of all information holdings are documented and that retention plans are in place.

Develop consistent metadata that can be applied to all information holdings.

Ensure that all Class of Record descriptions are complete, up-to-date, and comply with Treasury Board Secretariat requirements.

Recommendations

Improve descriptions of LAC's programs, activities and information holdings including personal information.

13. Effectiveness of Information Technology Management

Acceptable

Highlights	Opportunities
13.1 Leadership: Please note that there is no written assessment for this Area of Management as the rating is carried over from Round VI as one of the organization's Rotational AoMs.
Recommendations

Highlights

Opportunities

13.1 Leadership:

Please note that there is no written assessment for this Area of Management as the rating is carried over from Round VI as one of the organization's Rotational AoMs.

Recommendations

14. Effectiveness of Asset Management

Acceptable

Highlights	Opportunities
14.2 Materiel Management: Acceptable Governance structures, approval processes and authority limits are documented and disseminated. Experience and best practices are shared internally and government-wide. 14.2 Materiel Management Internal policies on materiel management were updated to reflect the 2006 Treasury Board policy changes and have been disseminated to staff. There is an adequate information system in place but it is not linked with the financial system. Performance monitoring is done on an ad hoc basis and there are no targets or measures in place.	Develop performance targets and indicators and begin monitoring asset performance. When resources are available, the Department would benefit from linking the materiel management information system to the financial system.
Recommendations

Highlights

Opportunities

14.2 Materiel Management: Acceptable

Governance structures, approval processes and authority limits are documented and disseminated.
Experience and best practices are shared internally and government-wide.

14.2 Materiel Management

Internal policies on materiel management were updated to reflect the 2006 Treasury Board policy changes and have been disseminated to staff.
There is an adequate information system in place but it is not linked with the financial system.
Performance monitoring is done on an ad hoc basis and there are no targets or measures in place.

Develop performance targets and indicators and begin monitoring asset performance.

When resources are available, the Department would benefit from linking the materiel management information system to the financial system.

Recommendations

15. Investment Planning and Management of Projects

Acceptable

Highlights	Opportunities
15.1 Investment planning: Opportunity for Improvement The planning document does not include a strategy to manage risks related to planned investments. The organization's investment planning documents do not cover all asset classes. The organization's investment planning process considers investments over multiple years. 15.2 Management of Project Resources: Acceptable Adequate processes/procedures exist to ensure that planned projects have the required resources to achieve expected results. There is no evidence that the organization has exceeded Treasury Board approval limits, or failed to notify TB/TBS when it did. Cost estimates are generated at the work package level only and do not use historical data or industry benchmarks. There is evidence that most employees with project management responsibilities have completed relevant project management training. 15.3 Management of project results: Acceptable There is evidence that the organization monitors project performance and uses this information to support corrective action. The organization requires that project milestones, deliverables and outcomes are documented for major projects. There is no evidence that lessons learned are used to improve project management governance and oversight.	LAC is strongly encouraged to commit to the development of an organization-wide approval process in order to develop an integrated departmental investment plan.
Recommendations

Highlights

Opportunities

15.1 Investment planning: Opportunity for Improvement

The planning document does not include a strategy to manage risks related to planned investments.
The organization's investment planning documents do not cover all asset classes.
The organization's investment planning process considers investments over multiple years.

15.2 Management of Project Resources: Acceptable

Adequate processes/procedures exist to ensure that planned projects have the required resources to achieve expected results.
There is no evidence that the organization has exceeded Treasury Board approval limits, or failed to notify TB/TBS when it did.
Cost estimates are generated at the work package level only and do not use historical data or industry benchmarks.
There is evidence that most employees with project management responsibilities have completed relevant project management training.

15.3 Management of project results: Acceptable

There is evidence that the organization monitors project performance and uses this information to support corrective action.
The organization requires that project milestones, deliverables and outcomes are documented for major projects.
There is no evidence that lessons learned are used to improve project management governance and oversight.

LAC is strongly encouraged to commit to the development of an organization-wide approval process in order to develop an integrated departmental investment plan.

Recommendations

16. Effective Procurement

Strong

Highlights	Opportunities
16.1 Governance and Oversight: Please note that there is no written assessment for this Area of Management as the rating is carried over from Round VI as one of the organization's Rotational AoMs.
Recommendations

Highlights

Opportunities

16.1 Governance and Oversight:

Please note that there is no written assessment for this Area of Management as the rating is carried over from Round VI as one of the organization's Rotational AoMs.

Recommendations

17. Effectiveness of Financial Management and Control

Opportunity for Improvement

Highlights	Opportunities
17.1 Authorities and Policies: Opportunity for Improvement Departmental compliance with the Policy on Financial Management Governance shows evidence of deficiencies that are of some concern. Departmental tools and procedures for those individuals delegated with delegated with Section 34 authority show evidence of deficiencies that are of some concern. Departmental processes for informing those delegated with Section 33 authority of their responsibilities and dealing with requests for payments that are problematic show evidence of deficiencies that are of some concern. Departmental processes to provide individuals delegated Section 33 authority with the information necessary to assess and approve specific transactions and to assess the adequacy of Section 34 account verification show evidence of solid financial management practices. Departmental processes and procedures for control and safekeeping of petty cash funds show evidence of good financial management practices. Departmental systems currently identifying and reporting on supplier payments show evidence of deficiencies that are of noted concern. Departmental processes and/or procedures that govern the management of its non-petty cash standing advances show evidence of deficiencies that are of a noted concern. The department has completed an internal audit of at least one financial management policy in the past five years, and/or it has one currently underway and/or it has one included in the approved Internal Audit plan for the next three years. Progress on the alignment of costing practices with the Guide to Costing is limited. Reporting of service or cost information for external user fees does not meet some requirements or guidelines. Approach to fee reviews shows moderate development. 17.2 Quality of financial reporting–internal & external: Acceptable The Financial Statements are compliant with Treasury Board Accounting Standard 1.2 – Departmental and Agency Financial Statements and reporting deadlines were met. The department has performed limited work in assessing or monitoring controls, thus potentially reducing its ability to prevent or detect material errors if any, in its financial statements. Few Central Financial Management Reporting System (CFMRS) coding errors. Greater than 97% (Grade A) of Public Accounts plates completed on time. No accounting period 15 adjustments. The scope of the internal financial reporting package is reasonable. The process for reviewing information before it is presented to senior management to ensure no material errors or omissions is weak. The internal financial reporting package is presented to senior management ten or more times per year. The internal financial reporting package is presented to senior management less than 15 calendar days after period end. The internal financial reporting package is accompanied by a weak discussion and analysis. 17.3 Management Capacity: Opportunity for Improvement Positions, the duties of which are being performed by an individual indeterminately appointed to that position, comprise all, or almost all, of the positions on the management team of the financial management organization. Positions, the duties of which are being performed by an individual indeterminately appointed to that position, comprise a low proportion of the FI segment of the financial management organization. A reasonable amount of training is provided for the financial management organization. A low proportion of FIs or management team members in the financial management organization have current, approved learning plans. Few processes in support of a sound succession plan for key positions are in place. 17.4 Financial systems and internal control frameworks: Attention Required Departmental Financial Management System (DFMS) governance model completely supports the organization's financial management business needs, completely supports the Chief Financial Officer's (CFO's) responsibilities, such that the CFO manages the DFMS budget, manages the functional configuration of the DFMS, and the CFO provides final approval on functional changes/ enhancements. The organization has a robust training plan that enhances employee knowledge on the full capabilities of the DFMS functionality, including optional functionality. Acceptable information in annual plan that aligns with OCG directions: for standard business processes, Master data and a common configuration. The organization's financial information requirements have not been identified and analyzed. Interfaces between the DFMS and the organization's human resources system, and for some organizations, the Grants and Contribution system and Salary Management have not been documented. There is little or no evidence of effort in managing the departmental system of internal controls over financial reporting. 17.5 Independent reviews: Opportunity for Improvement There are an insufficient number of internal audit reports of financial management practices. A qualitative assessment of audit report shows opportunities for improvement of financial management practices. 17.6 Community leadership, innovation & new initiatives: Acceptable The organization has identified a number of financial management initiatives in areas such as policies, reporting, systems and community development and leadership. With regards to 17.3, there were reductions in ratings from Round VI in stability of FI component of financial management organization and learning plan coverage.
Recommendations
LAC needs to focus on improving its internal controls over financial reporting and putting in place its internal audit capability.

Highlights

Opportunities

17.1 Authorities and Policies: Opportunity for Improvement

Departmental compliance with the Policy on Financial Management Governance shows evidence of deficiencies that are of some concern.
Departmental tools and procedures for those individuals delegated with delegated with Section 34 authority show evidence of deficiencies that are of some concern.
Departmental processes for informing those delegated with Section 33 authority of their responsibilities and dealing with requests for payments that are problematic show evidence of deficiencies that are of some concern.
Departmental processes to provide individuals delegated Section 33 authority with the information necessary to assess and approve specific transactions and to assess the adequacy of Section 34 account verification show evidence of solid financial management practices.
Departmental processes and procedures for control and safekeeping of petty cash funds show evidence of good financial management practices.
Departmental systems currently identifying and reporting on supplier payments show evidence of deficiencies that are of noted concern.
Departmental processes and/or procedures that govern the management of its non-petty cash standing advances show evidence of deficiencies that are of a noted concern.
The department has completed an internal audit of at least one financial management policy in the past five years, and/or it has one currently underway and/or it has one included in the approved Internal Audit plan for the next three years.
Progress on the alignment of costing practices with the Guide to Costing is limited.
Reporting of service or cost information for external user fees does not meet some requirements or guidelines.
Approach to fee reviews shows moderate development.

17.2 Quality of financial reporting–internal & external: Acceptable

The Financial Statements are compliant with Treasury Board Accounting Standard 1.2 – Departmental and Agency Financial Statements and reporting deadlines were met.
The department has performed limited work in assessing or monitoring controls, thus potentially reducing its ability to prevent or detect material errors if any, in its financial statements.
Few Central Financial Management Reporting System (CFMRS) coding errors.
Greater than 97% (Grade A) of Public Accounts plates completed on time.
No accounting period 15 adjustments.
The scope of the internal financial reporting package is reasonable.
The process for reviewing information before it is presented to senior management to ensure no material errors or omissions is weak.
The internal financial reporting package is presented to senior management ten or more times per year.
The internal financial reporting package is presented to senior management less than 15 calendar days after period end.
The internal financial reporting package is accompanied by a weak discussion and analysis.

17.3 Management Capacity: Opportunity for Improvement

Positions, the duties of which are being performed by an individual indeterminately appointed to that position, comprise all, or almost all, of the positions on the management team of the financial management organization.
Positions, the duties of which are being performed by an individual indeterminately appointed to that position, comprise a low proportion of the FI segment of the financial management organization.
A reasonable amount of training is provided for the financial management organization.
A low proportion of FIs or management team members in the financial management organization have current, approved learning plans.
Few processes in support of a sound succession plan for key positions are in place.

17.4 Financial systems and internal control frameworks: Attention Required

Departmental Financial Management System (DFMS) governance model completely supports the organization's financial management business needs, completely supports the Chief Financial Officer's (CFO's) responsibilities, such that the CFO manages the DFMS budget, manages the functional configuration of the DFMS, and the CFO provides final approval on functional changes/ enhancements.
The organization has a robust training plan that enhances employee knowledge on the full capabilities of the DFMS functionality, including optional functionality.
Acceptable information in annual plan that aligns with OCG directions: for standard business processes, Master data and a common configuration.
The organization's financial information requirements have not been identified and analyzed.
Interfaces between the DFMS and the organization's human resources system, and for some organizations, the Grants and Contribution system and Salary Management have not been documented.
There is little or no evidence of effort in managing the departmental system of internal controls over financial reporting.

17.5 Independent reviews: Opportunity for Improvement

There are an insufficient number of internal audit reports of financial management practices.
A qualitative assessment of audit report shows opportunities for improvement of financial management practices.

17.6 Community leadership, innovation & new initiatives: Acceptable

The organization has identified a number of financial management initiatives in areas such as policies, reporting, systems and community development and leadership.

With regards to 17.3, there were reductions in ratings from Round VI in stability of FI component of financial management organization and learning plan coverage.

Recommendations

LAC needs to focus on improving its internal controls over financial reporting and putting in place its internal audit capability.

18. Effectiveness of Internal Audit Function

Opportunity for Improvement

Highlights

Opportunities

18.1 Internal Audit governance structure: Opportunity for Improvement

Independence of Chief Audit Executive is demonstrated through compliance with 4.1.2 of the Directive on Chief Audit Executives, Internal Audit Plans, and Support to the Comptroller General.
Annual report of the Chief Audit Executive meets some of the key expectations set out in the Directive on Chief Audit Executives, Internal Audit Plans, and Support to the Comptroller General and Practice Advisory 2060-1 (Reporting to Senior Management and the Board).
Audit charter is reviewed periodically by the Department and Agency Audit Committee.
Internal quality assessment process is performed regularly. External Quality Assurance Review is planned or underway.
Independent Department and Agency Audit Committee is in place that meets the requirements of the Directive on Departmental Audit Committees.
Independent Department and Agency Audit Committee has recently been established.
Department and Agency Audit Committee has established a risk-guided focus and cycle for the review of Values and Ethics, Risk Management, and Management Control Framework.
Department and Agency Audit Committee periodically advises the Deputy Head on the effectiveness of arrangements in place to monitor and follow-up on Management Action Plans.

18.2 Policy and Directives on Internal Audit: Opportunity for Improvement

Risk-based Audit Plan is based on a partially defined audit universe and on a risk assessment exercise that prioritizes audit engagements.
Risk-based Audit Plan is reviewed by the Department and Agency Audit Committee, approved by the Deputy Head, and received by the Comptroller General in an untimely manner.
Risk-based Audit Plan identifies the audit engagements to be conducted and the type (assurance or advisory), timing and cost of each engagement to be conducted in the first year of the Plan.
Planning, conduct and reporting of internal audit engagements conform to the key Internal Auditing Standards for the Government of Canada.
Audit reports are reviewed by the Department and Agency Audit Committee, approved by the Deputy Head, and made accessible to the public in a somewhat timely manner. (Penultimate draft is ready within three to six months of exit conference; approved report is usually made public within three to six months of approval by the Deputy Head.)

18.3 Progress: Opportunity for Improvement

Performance reports provided by the organization partially demonstrate results/progress of the internal audit function including the effective implementation of Management Action Plans arising from audits, and adequate capacity and performance of the internal audit function.
Processes for managing human resources are planned and mostly documented.

Under the leadership of the current Chief Audit Executive, Library and Archives Canada has made progress in the implementation of the Policy on Internal Audit, such as the development of a Risk-Based Audit Plan, and the demonstration of leadership/contribution to strengthening the internal audit function government-wide. The DAC is fully established and a DAC Annual Plan that has a risk-guided focus.

The department should submit the Risk-Based Audit Plan in a timely manner.

The department should continue on the development of an audit universe that provides a complete risk ranking of all areas within the department.

Recommendations

19. Effective Management of Security and Business Continuity

Opportunity for Improvement

Highlights

Opportunities

19.1 Departmental Security Program: Strong

Organization's security program is fully developed and sustainable, and comprises all key policy elements.
Organization's security program is completely aligned and integrated with its corporate priorities and business plan.
Organization continuously improves its security program.
Senior management is actively engaged in the management of security risks.
Organization demonstrates leadership and innovation, and contributes to the government-wide security program.

19.2 Management of IT Security (MITS): Opportunity for Improvement

Organization has achieved the three priority objectives that form the foundation for Management of Information Technology Security (MITS), but does not fully comply with MITS requirements.
Some deficiencies in meeting key MITS requirements.
Senior management is actively engaged in the management Information Technology security risks.

Pursue ongoing initiatives to continue improving the LAC security program, including the development of sub-policies and chapters of the Departmental Security Policy.

Develop a Departmental Security Plan and establish measures to support on-going policy monitoring and performance measurement, to meet the requirements of the Policy on Government Security.

Continue with on-going initiatives to improve LAC IT security program including certification and accreditation of IT systems, development of processes to conduct vulnerability assessments on IT systems, and development of disaster recovery plans for key IT systems to support IT continuity.

Continue to participate in government-wide security initiatives, provide leadership and share best practices with other federal institutions.

Recommendations

Deficiencies regarding MITS compliance should be addressed on a priority basis.

20. Citizen-focused Service

Acceptable

Highlights

Opportunities

20.1 Sound Service Management Practices:

Please note that there is no written assessment for this Area of Management as the rating is carried over from Round VI as one of the organization's Rotational AoMs.

Recommendations