Public Accounts Committee on May 2nd, 2013

Mr. Chair, this was a special exam that we did on the Farm Credit Corporation. When we do a special examination, our objective and the scope of the work that we do are established, and we look to see whether there are any significant deficiencies. We have to opine on whether there are any significant deficiencies in specific systems.

In this case we did not find any. We simply made the observation that they should consider whether they need a chief risk officer to help understand how all of the different risks fit together. We're not identifying this as a significant deficiency in any way; we're just saying that it's something they should consider. It's up to the corporation to determine whether this is something that would add value to them.

Again, Mr. Chair, the overall conclusion here was that there were no significant deficiencies in their control operations; these things are being managed at a level that is adequate. This is simply something that we were suggesting.

Mr. Chair, we would have this type of observation for many organizations. What is critical in performance measure is trying to determine what outcomes the organization is trying to achieve, what performance information you can gather around these, and then how you assess whether it is achieving its intended objectives.

We find many cases in which organizations are only able to measure the activities they do; they're not able to measure the results and the outcomes. We encourage all organizations to continue to work towards bettering their ability to have performance measures based on outcomes.

We found with the Farm Credit Corporation that there was room for them to try to improve in this area. But this is not something that would be an unusual finding for us in many organizations.

The way we have it worded is:

The Corporation would benefit from the position of a Chief Risk Officer as it would help senior management and the Board understand the interrelationships in various types of risks.

What we're saying is that to have this type of position would perhaps be the next layer of sophistication or maturity in their approach to risk management. It's for them to consider. We did not find any serious deficiencies in the control environment of this organization.

Again, this would be—

I can only say it the way I've said it, Mr. Chair, that there were no significant deficiencies; there may be some room for improvement.

I'll ask Ms. Cheng to answer the question.

Thank you, Mr. Chair.

Indeed, the Deputy Minister Committee on National Security commissioned a task force. The task force studied the issues surrounding security in contracting and filed a report, which was supported by the deputy minister committee.

The proposal then went forward to Treasury Board Secretariat, which was putting together a funding proposal, and at that time, given the fiscal climate, it was felt that there wasn't going to be the funding for it. That's where the set of recommendations died.

Mr. Chair, there is a standing Deputy Minister Committee on National Security. What they did was commission a task force to work on behalf of the committee to look at the questions. I just want to clarify that.

Mr. Chair, this was something we expected, based on the recommendation we had made in the previous audit: that the standard would have been revised.

Yes, that's correct.

Mr. Chair, this was a follow-up audit to an audit we had done in 2007. Overall, we deemed that the progress on this file has not been satisfactory. This area would have been one of the reasons we deemed that the overall progress had not been satisfactory.