Treasury Board of Canada Secretariat
Symbol of the Government of Canada

2010-11 MAF Results - Department of Foreign Affairs and International Trade


* An asterisk appears where sensitive information has been removed in accordance with the Access to Information Act and Privacy Act.

This document provides a Treasury Board Secretariat assessment of the department's performance against specific areas of management only. It does not present an assessment of management quality beyond these areas of management, nor does it reflect the level of effort a department may be making towards improving the quality of its management. The MAF assessments use standardized language to ensure consistent descriptions and characterizations. This assessment may not reflect the latest information available. Some departments and agencies have provided updated information in the form of a management response. Where management responses have been prepared, the link to the response is posted below the assessment.

Context

This year's observations by the Treasury Board Secretariat (TBS) on the Department of Foreign Affairs and International Trade's (DFAIT) management capacity indicate an overall improvement in ratings from MAF Round VII. In total, for the 12 Areas of Management (AoM) on which the department was assessed, it received three "strong" ratings, and nine "acceptable" ratings. DFAIT is rated as "strong" in AoM 1 (Values-based Leadership and Organizational Culture), and consistent with MAF Round VII, DFAIT is rated "strong" in AoM 6 (Quality and Use of Evaluation) and AoM 14 (Effectiveness of Asset Management). DFAIT does not have any "opportunity for improvement" ratings for MAF Round VIII.

In 2010, DFAIT continued to face financial challenges which the department has actively addressed for the past two years. DFAIT continued to cope with increased demands while implementing government-wide restraint measures, such as the Budget 2010 Cost Containment Measures, which have removed some flexibility for the department to respond to new demands. DFAIT has also taken important steps to mitigate risks identified in its 2009-2010 financial management audit and implement the management response. Departmental programs have been more closely aligned with government priorities and steps have been taken to scale back commitments and programming. The department has tightened management of its budgets to ensure longer term financial sustainability and to deliver on the Government's priorities in Afghanistan, Africa and the Americas.

The department addressed the above challenges, focusing on core business, while delivering support to Government priorities throughout its busy policy agenda in 2010. These included the promotion of greater economic prosperity, security and democratic governance, through engagement on issues such as Haiti and Honduras and Canada's response to the floods in Pakistan; support to the 2010 Olympics in Vancouver as well as the 2010 G8/G20 Summits, and the Foreign Ministers' Meeting preparations; the ongoing work in Afghanistan; and trade advancement. The department also helped to coordinate policy development on Arctic issues and collaborated with other Arctic states on points of common interest

DFAIT continues to implement a New Business Model (NBM) to better balance core and support functions, and ensure longer term financial sustainability. This includes improving financial management practices to enhance the department's ability to monitor the use of funds. The NBM is an important phase of the five-year Transformation process that began with DFAIT's Strategic Review in 2007 and aims to ensure the department's future financial sustainability without compromising government priorities or services to the public.DFAIT has also taken steps to move forward on its five-year Investment Plan and future management of projects, and Passport Canada progressed on a procurement process to implement an electronic Passport to Canadians in 2012.

In terms of the core Areas of Management (AoMs 1, 5, 6, 7, 9, 10), the organization achieved a "strong" rating in AoM 1, an increase from an "acceptable" in MAF Round VII, and maintained a "strong" in AoM 6. The department maintained "acceptable" ratings in AoMs 5, and 10. The organization increased from an "opportunity for improvement" to an "acceptable" rating in AoM 7 and AoM 9. The following summarizes the findings for the core AoMs which increased in rating from MAF Round VII:

  • AoM 1 Values-Based Leadership and Organizational Culture -DFAIT has a comprehensive and consistent approach to ensure the embodiment of values and ethics principles, and these principles are reflected in daily activities and reinforced. The department has increased to a "strong" rating in this AoM.
  • AoM 7 Effectiveness of Financial Management and Control - DFAIT has demonstrated an ability to sustain performance of its planning, operations and reporting cycles. The department maintains adequate decision making, accountability for public resources and information to support policy and program delivery. While the complexities of the department are recognized, DFAIT should continue to make progress to ensure that key risks and related controls have been identified, documented, periodically assessed for design or operating effectiveness and its capacity to cost, and review and endorse costing practices. Overall, progress is been demonstrated in this AoM, and the department has moved from an "opportunity for improvement" to an "acceptable" rating.
  • AoM 9 Integrated Risk Management – DFAIT achieved significant improvement in the area of governance, leadership and accountability for integrated risk management (IRM) and is rated "acceptable" in this area. Moving forward, DFAIT is encouraged to follow through with the commitments in its 2010-2011 Action Plan, and to communicate the lessons learned to help promote IRM across the organization.

The following AoMs are departmental-specific and central to the mandate of the organization: AoM 8 (Effective Management of Security), AoM 13 (Effectiveness of Information Technology Management) and AoM 14 (Effectiveness of Asset Management). The overall rating of the three AoMs remains unchanged from MAF Round VII at "acceptable" (AoM 8 and AoM 13) and "strong" (AoM 14). As a result DFAIT is showing a solid standing in these AoMs.

  • AoM 8 Effective Management of Security – The organization continues to reinforce its security management practices, develops the framework for implementing the Departmental Security Plan, and incorporates security risks into the corporate risk profile, maintaining a rating of "acceptable" in this AoM.
  • AoM 13 Effectiveness of Information Technology (IT) Management – DFAIT has a senior official for IT who oversees all IT spending and significant information technology-enabled projects. DFAIT collaborates well with other departments and agencies and shows a willingness to share existing processes. In addition, IT planning processes and governance structures support departmental objectives. Overall, the department has maintained a rating of "acceptable".
  • AoM 14 Effectiveness of Asset Management – The department has maintained its "strong" rating in this AoM. DFAIT's real property management framework continues to support informed real property management decisions. The department also has a comprehensive materiel management framework and has developed materiel management staffing strategies through its HR planning exercises.

With respect to the two AoMs considered remedial in MAF Round VII, the department has moved from an "opportunity for improvement" to an "acceptable" in AoM 3, and has maintained its "acceptable" rating in AoM 12, which is noteworthy.

  • AoM 3 Governance and Planning – DFAIT's corporate management structure has all the necessary components for an integrated corporate system of decision-making that facilitates allocation of resources to priorities, alignment of activities to outcomes, and the management of accountabilities.
  • AoM 12 Effectiveness of Information Management – IM governance and accountability structures are in place and include a governance model and well defined IM roles and responsibilities for all employees. The organization is a leader in sharing and leveraging existing IM policies and practices across the enterprise.

DFAIT has maintained an "Acceptable" rating in the Rotational AoM 2:

  • AoM 2 Managing for Results – Most of the listed programs in the Program Activity Architecture (PAA) meet the definition of a program, and the PAA represents a logical structure that allows for alignment of programs to the achievement of Strategic Outcomes. Although the quality of the Performance Measurement Framework is acceptable, improvements could be made to provide targets in all areas and in the appropriate format and to fully articulate the performance indicators in quantitative terms.

The TBS has identified the following two management priorities for the coming year:

  • AoM 3 Governance and Planning
  • AoM 7 Effectiveness of Financial Management and Control

DFAIT will need to continue to focus on areas related to corporate and financial management. The department did improve its overall rating from an "opportunity for improvement" to an acceptable rating in these two AoMs; however, work is ongoing and further progress in these areas is achievable. DFAIT is still working on fully implementing the Chief Financial Officer function and should continue to make this a priority. Without significant progress in these areas, DFAIT runs the risk of compromising the delivery of its core activities and continued progress on its NBM. Of note is the need to improve the strategic management of priorities and resource allocation, as well as ensuring dedicated expertise in financial management, security, and human resources management.

TBS notes that the department will continue to face extremely tight operating budgets in 2011-2012 and 2012-2013, making these efforts even more critical to the successful management of the department. Although DFAIT has demonstrated improvement in these areas since MAF Round VII, DFAIT will need to continue to demonstrate its commitment to optimizing an effective corporate management structure for continued progress to implement its NBM.

With respect to Passport Canada, information was submitted in areas where Passport Canada has its own corporate practices and processes. DFAIT and Passport Canada will revisit the 1994 Framework Agreement, which includes the Agency's mandate and relationship with its parent department, in the coming year to reflect current collaboration and accountabilities.

Rating change since previous year: Slightly increased1. Values-based Leadership and Organizational Culture

      Strong
Highlights Opportunities

1.1 Culture of respect, integrity and professionalism: Acceptable

  • The organization has implemented activities to foster a general understanding of values and ethics among employees, including awareness of conflict of interest obligations, and to ensure that values and ethics principles are embedded into the organization and its business lines/processes.
  • Consequently, the organization provided evidence of a culture of mutual respect, integrity and professionalism.

1.2 Leadership: Acceptable

  • Senior and middle management, senior officers and senior officials have adequately fulfilled their values and ethics responsibilities by often encouraging dialogue among employees and fully developing and implementing a comprehensive values and ethics plan.
  • Consequently, the organization provided evidence that their leadership adequately demonstrates and promotes values and ethics behaviours.

1.3 Continuous Improvement: Strong

  • In addition to meeting the Acceptable conditions, the organization has made easily available and/or has shared with other organizations the common values and ethics issues and solutions from organizations across the public service or other jurisdictions that it has identified.
  • Consequently, the organization strongly demonstrates that it practices continuous improvement in the area of values and ethics.

The organization could improve its mechanisms to measure the extent to which employees are aware and understand values and ethics and conflicts of interest obligations and to demonstrate that their infrastructure helps public servants raise, discuss and resolve issues.

The organization could benefit from embedding their risk assessment into their corporate risk profile and sharing lessons learned from ethical breaches with other organizations.

Recommendations

Rating change since previous year: No change since last year2. Managing for Results

    Acceptable  
Highlights Opportunities

2.1 Quality of the Strategic Outcome(s) and PAA: Acceptable

  • The Strategic Outcome(s) represent(s) (a) clear outcome statement(s) that is/are appropriate given the mandate and resources of the organization.
  • Most of the listed programs in the Program Activity Architecture meet the definition of a program.
  • The Program Activity Architecture represents a logical structure that can align its programs to the achievement of the Strategic Outcome(s).

2.2 Quality of the Performance Measurement Framework: Acceptable

  • Most expected results are clear outcome statements that are appropriate for their respective programs.
  • Most performance indicators are clear and valid measures for their respective strategic outcome(s), expected results and outputs.

2.3 Quality of Performance Reporting: Acceptable

  • Financial information in the Departmental Performance Report is sufficiently clear and explained with text, as necessary. Linkages between resources and results are adequately demonstrated.

2.4 MRRS Information: Unrated

  • The organization collects actual data against some of the measures in its performance measurement framework.
  • Results information is frequently being used to support financial and resource allocations and/or other program management decisions in the department.
  • Results information is occasionally being used in making appropriate adjustments.
  • DFAIT is encouraged to continue working with Treasury Board Secretariat to ensure that its Program Activity Architecture represents a complete and logically structured inventory of the organization's program.
  • DFAIT is also encouraged to continue working with Treasury Board Secretariat to further refine its Performance Measurement Framework, with respect to the clarity of its expected results, the development of robust performance indicators and the identification of numerical targets for all performance indicators.
  • DFAIT is encouraged to continue to collect and use MRRS information to support planning and decision making.
  • DFAIT is encouraged to include sources and information of the validity and credibility of the data throughout the DPR.
Recommendations

Rating change since previous year: Slightly increased3. Governance and Planning

    Acceptable  
Highlights Opportunities

3.1 Governance Processes and Structures: Strong

  • Organization's corporate governance structure is linked to the PAA.
  • Senior management sets priorities for and is briefed regularly on the work of the supporting governance structure.
  • In-year course corrections and adjustments and improvements to strategies are made.
  • Recordkeeping is consistently complete and timely.

3.2 Planning Processes and Outputs: Acceptable

  • Business planning processes are in place and they generally facilitate vertical alignment and horizontal integration.
  • Corporate business plan generally aligns resources and accountabilities to priorities.
  • Corporate business plan generally integrates human resources, IM/IT, risk, organizational change, communications or other key corporate plans.
  • Sector or branch business plans are generally aligned with the corporate business plan.
  • Plans to assess organizational change exist and are sufficient in scope and detail.

3.3 Portfolio Coordination: Acceptable

  • The organization's portfolio coordination is effective.
  • Adequate communication occurs between Deputy Minister and portfolio deputy heads.
  • Adequate attention paid to developing coherent policy or program approaches across portfolio.
  • Information validated within a reasonable timeframe by Deputy Minister.
Recommendations

Rating change since previous year: No change since last year4. Citizen-focused Service

    Acceptable  
Highlights Opportunities

This Area of Management (AoM) was not assessed in the current Round for this organisation as it is an AoM assessed on a rotational basis. Therefore, the rating is carried over from the last Round this organization was assessed on that AoM.

Recommendations

Rating change since previous year: No change since last year5. Effectiveness of Internal Audit Function

    Acceptable  
Highlights Opportunities

5.1 Internal Audit Governance Structure: Strong

  • The independence of the Chief Audit Executive is demonstrated through full compliance with section 4.1.2 of the Directive on Chief Audit Executives, Internal Audit Plans, and Support to the Comptroller General.
  • There is an independent Departmental Audit Committee in place that meets on a regular scheduled basis.
  • The Departmental Audit Committee has established an Annual Work Plan that considered a review of all core areas of responsibility.
  • The Departmental Audit Committee provides advice and recommendations to the deputy head as demonstrated through the implementation of the Annual Work Plan.
  • The Internal Audit Human Resources Plan is documented and implemented.
  • Professional development and training activities are linked to competency gaps in the risk-based audit plan and internal audit priorities.

5.2 Policy and Directives on Internal Audit: Acceptable

  • Risk-based Audit Plan is based on a risk assessment exercise that prioritizes all audit engagements and addresses the most significant risks over the planning period.
  • Risk-based Audit Plan identifies the audit engagements to be performed and includes the type (assurance or advisory), timing and cost for most engagements in the first year of the Plan.
  • The quality of audit reports meets most expectations.
  • Risk-based audit Plan provides no indication of adequacy or constraint of resources to cover the first year priority areas.
  • Internal Audit reports are reviewed by the Departmental Audit Committee, approved by the Deputy Head and submitted to the Office of the Comptroller General in a timely manner.
  • Audit engagements provide objective and relevant assurance and contribute to improving risk management, control and governance issues.
  • On-going internal assessments are conducted; and an external assessment (Quality Assessment Review / Practice Inspection) is completed or planned.

5.3 Contribution to Improvements: Acceptable

  • Annual Report of the Chief Audit Executive demonstrates progress of the internal audit function in contributing to improvements in risk, control, governance and organizational performance.
  • Annual Report of the Departmental Audit Committee illustrates the activities undertaken during the year in review.

Continued progress in illustrating the value-added contribution of the internal audit regime in performance reports is encouraged.

Recommendations

Rating change since previous year: No change since last year6. Quality and Use of Evaluation

      Strong
Highlights Opportunities

6.1 Quality of Evaluation Reports: Strong

  • All evaluation reports submitted to TBS address program relevance and performance.
  • All evaluations submitted to TBS employ appropriate methodologies (relative to program risk) to gather data and inform the analysis.
  • All evaluation reports submitted to TBS describe the limitations of the evaluation. The report clearly states the implications of the limitations on the validity of the findings.
  • All evaluations submitted to TBS present findings and conclusions that flow logically from the evidence presented in the report
  • All evaluation reports submitted to TBS include recommendations that are focused and practical, address significant findings and flow logically from findings and conclusions.
  • All evaluations submitted to TBS include a management response and action plan. The action plan provides specific actions, timelines for action and management accountabilities.

6.2 Governance and Support for the Evaluation Function: Strong

  • Head of evaluation has explicit authority to submit evaluation reports directly to the deputy head. Head of evaluation has unencumbered access to the deputy head, as required.
  • All resources dedicated to evaluations are directed by the head of evaluation.
  • Evaluation function resourcing appears to be commensurate with the organizational evaluation plan and supports monitoring and oversight demands. The large majority of planned evaluations are complete.
  • A senior management committee is in place to support, oversee and monitor the evaluation function and management accountabilities arising from evaluations and evaluation related products, in a manner that is fully consistent with Annex B of the Policy on Evaluation (2009). The committee is chaired by the deputy head.
  • Submitted evaluations usually cite the availability or quality of performance data, which is collected by program managers, as a constraint of the evaluation.
  • No tracking of the development and implementation of Performance Measurement Strategies exists.

6.3 Evaluation Coverage: Acceptable

  • The organization has shared its five-year approved evaluation plan with TBS. The plan demonstrates progress towards achieving full evaluation coverage of direct program spending and several good practices in evaluation planning, with only some minor weaknesses in the plan.
  • The organization has shown evidence of moving towards full evaluation coverage of its direct program spending over a five year cycle. Average annual evaluation coverage of direct program spending is between 10%-19%.
  • The organization has shown evidence of moving towards full evaluation coverage of all its ongoing programs of grants and contributions over a five year cycle as per section 42.1 of the FAA. Average annual evaluation coverage of Gs&Cs is 20% (or higher).

6.4 Usage: Acceptable

  • The results of evaluations are brought for consideration in all TB submissions.
  • The results of evaluations are brought for consideration in a large majority of MCs.
  • The results of evaluations are almost always brought for consideration in the organization's RPP and DPR.
  • Active, documented and systematic tracking of management action plans arising from evaluation recommendations is in place. Periodic reporting on the status of implementation of the evaluation recommendations is in place and available.
  • A majority of actions from management response and action plans are fully implemented or completed, as planned.
  • A minority of completed evaluation reports are submitted to TBS in a timely manner.

DFAIT continues to produce good and comprehensive evaluation reports. Notwithstanding the quality of the reports themselves, the department's ability to demonstrate results through evaluation will continue to be hampered until the issue of availability of performance data is resolved. Efforts to do so will require participation and involvement of program managers, who are responsible for the collection of performance data.

Recommendations

Rating change since previous year: Slightly increased7. Effectiveness of Financial Management and Control

    Acceptable  
Highlights Opportunities

7.0 Summary:

  • The organization's performance, risk and sustainability of its planning, operations and reporting cycles is acceptable in many or all areas.

7.1 Performance of the Planning Cycle: Acceptable

  • The performance of the planning cycle is acceptable.
  • Effective departmental planning and budgeting supported by effective financial management governance including CFO model is acceptable as evidenced by:
    • The CFO signs off on all of ARLU, Main and Supplementary Estimates information, departmental budget forecasts or new funding initiatives.
    • There is a strong consultation process in place with the OCG when staffing or making modifications to the CFO position.
    • Responsibilities assigned to the CFO position, are consistent with principles of financial management governance.
    • The principles of the guideline on CFO and DCFO qualifications are acceptable.
  • Fund centre managers received access to their approved budgets within 90 days from the start of the fiscal year which is acceptable.
  • Key controls are in place but documentation and testing remain for the most part to be completed.
  • Decision making, accountability for public resources and information to support policy and program delivery is acceptable as evidenced by:
    • Management has taken the necessary steps to ensure the adequacy of financial information that is used to support decision making (e.g. periodically assessing its continued relevance and usefulness).
    • The scope of the internal financial reporting package, including depth and breadth of information is acceptable.

7.2 Sustainability of the Planning Cycle: Acceptable

  • The sustainability of the planning cycle is acceptable.
  • While key controls are in place, systems of internal control over financial planning and budgeting require attention as evidenced by:
    • Key controls were identified and documented and periodically assessed for operating effectiveness.
  • Additional steps could be taken by management in specific areas to ensure the sustainable provision of decision-support information, as evidenced by the degree of alignment with the TBS Guide to Costing, and the state of costing methodologies and training.
  • Collectively, professional development and succession planning within the financial management organization are strongly promoted.
  • There is strong leadership and strategic direction for the FMS business processes and data as evidenced by:
    • The DFMS plan has been approved by the CFO.
    • A strong consultation and analysis process for new requirements has taken place for the DFMS plan.
    • A well developed and strong strategic plan or business case including funding profiles for major upgrades.

7.3 Performance of the Operations Cycle: Acceptable

  • Performance of the operations cycle is acceptable.
  • Aspects related to the FAA, regulations and policy instruments require attention in several areas as evidenced by:
    • While processes supporting s.33 of the FAA are adequate in some areas, several other areas require attention.
    • Policies and procedures for the approval and monitoring of hospitality are strong.
    • Additional steps could be taken by management to ensure adequate procedures for the periodic preparation, distribution and review of accounts receivable ageing reports.
    • The level of review, update and approval of the delegation of financial authorities and associated controls are acceptable.
    • Additional steps could be taken by management on the adequacy of processes to ensure that suppliers are paid in a timely fashion require attention.
    • Internal controls over Specified Purpose Accounts are strong.
  • While the department has an established system of internal control over financial reporting, improvement could be made in specific areas as evidenced by:
    • Key controls are in place and progress is being made on their documentation but testing remains to be completed and requires improvements in order to minimize losses due to waste, abuse, mismanagement errors, frauds, omissions and other irregularities.
  • The plan for periodic reviews of external user fees puts management in an acceptable position to ensure effective program delivery and appropriate resource allocations.
  • The organization can fully demonstrate appropriate and timely action taken to address significant issues as a result of audits as evidenced by the status of the Management Action Plan Follow-Up Report.
  • The organization can demonstrate that key elements of the Policy or Directive on Transfer Payments are in place as evidenced by:
    • Departmental processes to ensure consistent application of the risk management framework are strong.
    • Departmental process to ensure the engagement of applicants and recipients are strong.
    • Departmental process to ensure effective service standards framework are strong.
    • Departmental process to ensure effective performance measurement and reporting systems are strong.
    • Departmental process to ensure timely and adequate program status reporting is strong.
  • Investments made in FMS are for the most part aligned across government and consistent with TB directions as evidenced:
    • Costing information in the plan is acceptable.

7.4 Sustainability of the Operations Cycle: Opportunity for Improvement

  • While the sustainability of the operations cycle is sustainable for the most part, there are opportunities to improve in specific areas.
  • While the department has an established system of internal control over financial reporting, on specific occasions, the organization could improve its demonstration that key financial risks are well managed as evidenced by:
    • Key controls are in place and progress is being made on their documentation but testing remains to be completed.
  • The stability and depth and breadth of experience of the financial management could be improved as evidenced by:
    • On average, senior financial officers' experience in the department is limited.
    • On average, senior financial officers' experience in their substantive positions is limited.
    • The proportion of individuals on the management team that are not appointed indeterminately to their positions requires improvement.
    • Considered collectively, the depth of the management team's experience in the department, as executives and in their substantive positions is recent.
  • There is an acceptable functional relationship between the CFO and FI positions that exist outside the financial management organization.

7.5 Performance of the Reporting Cycle: Acceptable

  • Performance of the reporting cycle is acceptable.
  • While, in general, external financial information is reliable, adequately monitored and reported there are improvements that could be made as evidenced by:
    • Reporting of service level and financial information for external user fees is adequate and for the most part meets requirements and guidelines.
  • Financial statement presentation is consistent with TBAS 1.2 for the most part as evidenced by:
    • Both draft and final financial statements were submitted on time.
    • The information provided for the accounts of Canada and the Public Accounts of Canada is acceptable.
    • The information provided for the accounts of Canada and the Public Accounts of Canada is well monitored.
    • The information submitted for the Public Accounts of Canada is often not provided on a timely basis.
  • Managers with financial authorities have reliable or timely information in support of effective decision making as evidenced by:
    • The internal financial reporting package is provided on a timely basis.
    • Fund centre managers received access to their approved budgets within 90 days from the start of the fiscal year.
    • The organization can demonstrate it produced the Annex to the Statement of Management Responsibility including Internal Control over Financial Reporting as evidenced by publication of the Annex as part of the departmental financial statements at the time of the 2009-10 release of the DPR.
    • The Pay Administration Model (PAM) has been reviewed however the implementation plan is not yet completed.

7.6 Sustainability of the Reporting Cycle: Opportunity for Improvement

  • While the sustainability of the reporting cycle is adequate for the most part, there are opportunities to improve in specific areas.
  • While the department has an established system of internal control over financial reporting, on specific occasions, the organization could improve its demonstration that key financial risks are well managed as evidenced:
    • Identification of significant financial statements accounts based on risk, materiality, key locations, processes and IT applications has been commenced but not advanced in all control areas.
    • Documentation of the key controls is commenced in one area but does not yet cover the remaining levels of key controls.
    • Design effectiveness testing is commenced in a majority of control levels.
    • Operating effectiveness testing is commenced in the majority of control levels.
    • A risk-based approach or process to support ongoing monitoring of the effectiveness of its ICFR is in place but no sharing of results and action plan from the assessment with the DAC or equivalent.
    • There is adequate evidence that the department is responsive based on its action plan and/or its progress towards addressing significant known issues related to the production of the departmental financial information and reporting.
    • The department has taken some action to prepare for the production of the new departmental quarterly financial reports.

While the complexities of the department are recognized, it should aim to continue to make progress to ensure that key risks and related controls have been identified, documented, periodically assessed for design or operating effectiveness.

Recommendations

The department should aim to continue to make progress to ensure that key risks and related controls have been identified, documented, periodically assessed for design or operating effectiveness.

Rating change since previous year: No change since last year8. Effective Management of Security

    Acceptable  
Highlights Opportunities

8.1 Governance and Planning: Acceptable

  • Governance is in place to support the development, implementation and maintenance of the Departmental Security Plan.
  • Governance is in place to set strategic direction, support decision making and provide on-going oversight for the organization's security program.
  • The security program is administered by an appointed Departmental Security Officer who is positioned to provide strategic advice and guidance to senior management.
  • Development of a Departmental Security Plan (DSP) was in-progress and approval was scheduled within the next year.
  • Respective responsibilities and accountabilities of stakeholders have been identified where security responsibilities are delegated to another organization.

8.2 Capacity and Processes: Acceptable

  • A security organization with adequate resources, people and processes has been put in place to support implementation of the Departmental Security Plan and effectively manage the organization's security program.
  • Measures are in place to ensure training of security practitioners.
  • Organization has in place a fully developed security program that comprises key policy elements.
  • The security awareness program is developed.
  • Measures were at least partially in place to ensure effective management of security incidents.

8.3 Monitoring, Performance Measurement & Reporting: Acceptable

  • Organization has measures in place for on-going monitoring, performance measurement and reporting to senior management on risks, policy compliance and effectiveness of security control framework.
  • Organization has conducted a MITS and BCP self-assessment in the past year.

8.4 Results: Acceptable

  • No significant deficiencies in meeting key security policy requirements.
  • Organization has measures in place to provide for the continuity of critical business operations and services.
  • Organization has strong Management of Information Technology Security practices in place.
  • Organization has made good progress in the departmental security program in the last year.
  • Most deficiencies identified in previous rounds and through other means have been addressed and planned activities are mostly progressing on schedule.
  • LoE 8.1 DFAIT was rated as Acceptable for this LoE. The organization should focus on developing its Departmental Security Plan and related policy and planning elements.
  • LoE 8.2 DFAIT was rated as Acceptable for this LoE. The organization demonstrates a mature program with respect to Capacity and Processes. The only deficiency that was identified was with respect to having mechanisms in place to report and investigate security incidents.
  • LoE 8.3 DFAIT was rated as Acceptable for this LoE. The organization should develop systems to monitor the additional standards being introduced internally, as well as additional standards being introduced by TBS in MAF Rounds IX and X.
  • LoE 8.4 DFAIT was rated as Acceptable for this LoE. The organization should ensure it continues the measures required to address the limited deficiencies identified in MITS and BCP.
Recommendations

Rating change since previous year: Slightly increased9. Integrated Risk Management

    Acceptable  
Highlights Opportunities

9.1 Governance and Leadership: Acceptable

  • Senior management provides leadership and sets expectations for integrated risk management.
  • Effective governance structures are in place to promote the systematic integration of risk management practice across the organization.
  • Roles and responsibilities for risk management are clearly articulated and put into practice.

9.2 Implementation: Acceptable

  • The organization generates coherent and consistent risk information as a fundamental part of its integrated risk management approach.
  • The organization assures the quality and consistency of risk identification, assessment and response across the organization.

9.3 Results and Continuous Improvement: Acceptable

  • Exceptional improvements have been implemented by the organization based on the opportunities for improvement identified in its previous MAF assessment, and results can be clearly demonstrated.
  • The organization regularly reviews and adjusts its overall integrated risk management approach to ensure continued relevance by considering lessons learned.

DFAIT is encouraged to consider the following opportunities for improvement in MAF Round IX:

  • Develop indicators to measure the performance of DFAIT's IRM approach.
  • Implement the IRM Learning Strategy and adjust periodically based on input received from clients.
  • Develop alternative mitigation strategies for risks related to HR, Finance and Change Management, in order to ensure that they are addressed effectively.
  • Integrate the lessons learned and proposed advice from the two internal reviews and the advice provided by the DAAC, and revise the IRM Action Plan accordingly.
Recommendations

Rating change since previous year: No change since last year10. Excellence in People Management

    Acceptable  
Highlights Opportunities

Overall score

The Department of Foreign Affairs and International Trade (DFAIT) received an overall score of 63.48 and a rating of Acceptable. Last round, its performance was rated Acceptable for AoM 10.

DFAIT showed particular strength with respect to Leadership (Executive experience in the organization), Employee Engagement (Retention) and Promotion of Visible Minorities. In addition, the department has a high proportion of employees participating in learning activities and the majority of promotions are internal.

In comparison to MAF VII, DFAIT's ratings have improved in Employee Engagement, Leadership and Employee Learning and have decreased for Performance Management and Official Languages.

Contextual information

The process of transformation launched in 2007 followed by the strategic review requires DFAIT to move from a headquarters-based department to a modern foreign ministry; emphasis is being placed on human resources to respond to the rapidly changing environment.

DFAIT has created a pool management strategy for non-rotational staff, providing a chance to broaden job experiences. For managers, it eliminates the problems of back-filling and double-banking when employees take on new assignments. The strategy is being used for non-rotational EX positions and may expand to EC and CO employees.

DFAIT's operations are 24 hours a day, 7 days a weeks. Employees abroad respond to disasters and provide 24 hour consular services to Canadians. This environment results in employees working overtime which is monitored by management to ensure it is warranted and is in line with operational imperatives.

Areas for improvement include the representation and promotion of Aboriginal Peoples, Bilingual meetings, demonstrating results/outcomes of the PSES Action Plan and Performance Management (Performance Management Process Participation Rate). DFAIT is simplifying and improving its online Performance Management Program application. Further, DFAIT could improve its Workload and Workforce Planning Effectiveness (Overtime and Long Term Acting Assignments). Acting assignments are an option used to fill rotational positions, resulting in a high number of long-term acting assignments. Long-term actings are monitored using Quarterly Reports. DFAIT's Integrated HR Plan for 2009-2012 aims to strengthen capacity to forecast HR and business needs. Accurate information is critical to HR planning, and DFAIT recently improved its monitoring of data through monthly data integrity reports; this has decreased the number of anomalies.

Recommendations

Please consult the Public Service Management Dashboard which contains more than 200 measures on people management to support Deputy Heads. For information: http://publiservice.ochro-bdprh.tbs-sct.gc.ca/pmi-igp/FormsPublic/home-eng.aspx.

To improve on MAF VIII scores, DFAIT should examine the following People Management Drivers:

  • Workforce: Values-based Staffing, Diversity of Characteristics, Performance Management, Right Talent in the Right Place at the Right Time, Career Opportunities
  • Enabling People Management Infrastructure: High-quality People Management Services
  • Culture of Excellence: People-orientated

Rating change since previous year: No change since last year11. Effective Procurement

    Acceptable  
Highlights Opportunities

This Area of Management (AoM) was not assessed in the current Round for this organisation as it is an AoM assessed on a rotational basis. Therefore, the rating is carried over from the last Round this organization was assessed on that AoM.

Recommendations

Rating change since previous year: No change since last year12. Effectiveness of Information Management

    Acceptable  
Highlights Opportunities

12.1 IM Governance: Strong

  • Designated IMSO has a clear, significant role in corporate governance structures, and a significant span of influence over the decisions impacting IM in the organization including how they are made.
  • IM governance and accountability structures are in place, based on an established governance framework, with significant IM representation in organization-wide governance and/or approval committees, and a significant span of influence over decision-making that impacts IM in the organization.
  • Employee IM roles and responsibilities are defined and communicated to staff.
  • The organization is extensively participating in GC-wide IM committees and is leveraging and contributing to the development of IM policies and best practices across the GC.

12.2 IM Strategy Planning and Implementation: Strong

  • Organization has a current, formally approved, fully integrated IM Strategy that is active, reviewed on a regular basis, and incorporates planned updates based on the results of monitoring.
  • IM Strategy implementation is underway and there is significant progress toward meeting established milestones; there is significant, regular monitoring and reporting to senior management recommending required adjustments.
  • Organization has an IM Awareness Strategy which includes IM training and demonstrates appreciable progress in its implementation.

12.3 IM Practice: Opportunity for Improvement

  • Organization has a partial inventory of structured or unstructured repositories and has documented some practices for the consistent management, search, and retrieval of information found within those repositories.
  • Organization has some documented recordkeeping practices for capturing, classifying, and accessing information; there is minimal progress toward integrating the practices in to day-to-day activities; a classification structure or taxonomy is only used in part of the organization or is under development.
  • Organization is developing Retention & Disposition Plans; the disposition process is documented but not consistently implemented.

12.4 Access to Information: Acceptable

  • Organization submitted an Annual Report to Parliament and addressed all of the mandatory reporting requirements.
  • Most of the organization's functions, programs, and activities have been appropriately identified and described in its Chapter of Info Source: Sources of Government and Employee Information.

12.5 Privacy: Acceptable

  • Most collections of personal information under the control of the organization have been appropriately identified or described in registered Personal Information Banks and/or Classes of Personal Information as required by the Privacy Act.
  • There is significant evidence that the organization has taken action to address most privacy-related issues identified in the previous MAF assessment.

12.6 ATIP Governance and Capacity: Strong

  • Evidence demonstrates that an appropriate governance structure is in place and roles and responsibilities are well-defined.
  • Develop performance indicators to monitor IM activities.
  • Document all information repositories and processes for managing them throughout their lifecycle.
  • Initiate identification of information resources of business value to ensure appropriate maintenance & accessibility.
  • Ensure that Retention and Disposition Schedules are in place for all resource types across the organization.
  • Ensure that all Class of Record descriptions and related Personal Information Banks are appropriately linked to the relevant sub-activities in the Info Source chapter.
  • Continue to work with TBS to develop and register new Personal Information Banks to ensure all personal information under the institution's control is appropriately described in accordance with the Privacy Act.
Recommendations

Rating change since previous year: No change since last year13. Effectiveness of Information Technology Management

    Acceptable  
Highlights Opportunities

13.1 Leadership: Strong

  • Effective relationships and definition of accountability exists between the senior official for IT and the Web presence authority.
  • Organization actively participates and demonstrates leadership in setting government-wide directions for information technology.
  • Organization demonstrates sharing, re-using or leveraging across the government for ideas, best practices, assets and implementations.

13.2 Planning: Acceptable

  • A comprehensive Information Technology Plan is in place and aligns with the government-wide directions for information technology and with departmental business needs.
  • Organization effectively analyzes, plans for, and appropriately uses information technology shared services.
  • Organization has adequately institutionalized Web accessibility in planning and governance processes.

13.3 Value: Acceptable

  • Organization has processes to report progress against planned information technology activities.
  • Organization has performance measurement tools and adequate performance reporting in place to guide decision-making (includes the use of metrics, an IT costing model, and performance indicator benchmarks).

Commended for their progress and encouraged to continue:

  • The strengthening of governance for IM/IT.
  • To build upon the development and implementation of its IM/IT Performance Measurement framework
Recommendations

Rating change since previous year: No change since last year14. Effectiveness of Asset Management

      Strong
Highlights Opportunities

14.1 Real Property Management: Strong

  • Governance structure is documented.
  • Governance structure is communicated.
  • Internal policies are up to date and documented.
  • Internal policies are communicated.
  • Experience and best practices are shared internally and government-wide.
  • Reliable and integrated information is used in the decision-making process.
  • Indicators of real property performance are monitored and performance measurement is ongoing.
  • The condition of most essential assets is known.
  • Certification of information in the DFRP is accepted.
  • Certification of information in the FCSI is accepted.
  • Contaminated site management is consistent with policy and program guidelines.
  • Human Resource plan is linked to the organizational real property requirements and appropriately supports program operations.

14.2 Materiel Management: Strong

  • Governance structure is documented.
  • The organization displays leadership in the federal materiel management community.
  • New and evolving best practices are introduced.
  • Governance structure is communicated.
  • Internal policies are communicated.
  • Reliable and integrated information is used in the decision making-process.
  • Indicators of materiel performance are monitored and performance measurement is ongoing.
  • The Human Resources plan for materiel management is in place and appropriately supports program operations.
  • Materiel management policies are communicated to staff, although there is no evidence that they are up to date.

14.1 Real Property Management :

  • DFAIT is encouraged to continue to share knowledge and lessons learned with the real property community.

14.2 Materiel Management :

  • DFAIT is encouraged to ensure that its Materiel Management Manual is up to date.
  • DFAIT is encouraged to continue to share knowledge and lessons learned with the materiel management community. Of particular interest may be the implementation of its one-stop shopping procurement system.
Recommendations

Rating change since previous year: No change since last year15. Investment Planning and Management of Projects

    Acceptable  
Highlights Opportunities

This Area of Management (AoM) was not assessed in the current Round for this organisation as it is an AoM assessed on a rotational basis. Therefore, the rating is carried over from the last Round this organization was assessed on that AoM.

Recommendations