Evidence of meeting #17 for Public Accounts in the 39th Parliament, 2nd session. (The original version is on Parliament’s site, as are the minutes.) The winning word was contracts.
A recording is available from Parliament.
Conservative
Pierre Poilievre Conservative Nepean—Carleton, ON
Is there any good reason why departments shouldn't always use the industrial security program in cases where there is a sensitive contract?
Deputy Minister, Department of Public Works and Government Services
No good reason that I can think of. Frankly, I've been there for years...and I will look at my colleague Gerry. I would like to think that probably the majority of sensitive contracts emanating from a department come our way for assessment. So most of the highly sensitive ones would.
Liberal
The Chair Liberal Shawn Murphy
I think it's necessary to bring your colleague to the table. I know we have large crowd. Don't hesitate to bring him up, and we'll make room for him somehow, if you think it's necessary. We can't have people speaking from the audience.
Conservative
Pierre Poilievre Conservative Nepean—Carleton, ON
So you're saying this 37% is in volume, not necessarily in dollar value. Were these problem contracts my colleagues have already raised managed by the program, or was the security component managed by the department itself--for example, this NORAD project?
Deputy Minister, Department of Public Works and Government Services
No, this was contained within Defence and DCC, so we were not involved in the NORAD....
Conservative
Pierre Poilievre Conservative Nepean—Carleton, ON
If the industrial security program had been retained to carry out the security components of that work, do you think we might have avoided some of the problems, at the risk of speculating?
Deputy Minister, Department of Public Works and Government Services
I would say if a requirement had been identified, the program would have carried out the necessary assessment and clearances and all that. If the requirement had not been identified, we would not have known.
Conservative
Pierre Poilievre Conservative Nepean—Carleton, ON
Ms. Fraser, are you recommending that all contracts of a sensitive nature use the industrial security program to carry out the security portion of the work?
Auditor General of Canada, Office of the Auditor General of Canada
We haven't gone that far. We are recommending that this checklist be used and that there be a clear indication of whether a security clearance is required or not. The problem now is that the checklist is optional. So when, for example, the industrial security program gets the checklist indicating that security clearance is required, they carry it out. But if they are never advised or there's no indication, they would not know.
We think there needs to be a better system of clearly identifying if a security clearance is required or not and that this checklist not be optional.
Conservative
Pierre Poilievre Conservative Nepean—Carleton, ON
On page 12 we have the following quote: “Furthermore, at the time of our audit there were no procedures for verifying that Industrial Security Program staff have received all Security Requirements Checklists from PWGSC's procurement group.” Are you indicating that even when the industrial security program is managing the sensitive parts of a project, the checklist is not necessarily being carried out?
Deputy Minister, Department of Public Works and Government Services
Mr. Chairman, the checking out of the “no requirement”, which is what Madam Fraser and I are making reference to, was not a requirement clearly stated in the government security policy. At the time of the audit, we were of the opinion that what we had done--and probably my colleagues around the table would say that as well--was consistent with the intent of the government security policy, and I think the board would probably confirm that. We thought we were consistent.
In the dialogue with the auditors and Madam Fraser, we also concluded that there's nothing like greater certainty. For the purposes of greater certainty, say you don't have a requirement and then you thought about it, so at that time--
Conservative
Pierre Poilievre Conservative Nepean—Carleton, ON
I think we're getting a little bit off track. I just want to know, are you going to make it mandatory?
Deputy Minister, Department of Public Works and Government Services
Yes, it is mandatory now.
I was getting there, but I'll cut to the chase. We have already put in our form, in Public Works, a requirement for a “no” box. It's there.
Conservative
Pierre Poilievre Conservative Nepean—Carleton, ON
Right now, I'm a great lover of the free market, but in this particular case I'm not sure the department should have a free market to use whoever they want within the government to carry out their security requirements in the case of sensitive contracts.
Shouldn't there be one central place where they all have to go when they have sensitive, even security-related contracts to execute? Should we not make it mandatory that we use the program that Public Works has, so that one branch of a procurement-based department can specialize in this highly specialized field and the other departments can take advantage of that specialization? Would that not make more managerial sense?
Chief Information Officer, Treasury Board Secretariat
Maybe, Mr. Chair, I could respond to this.
You would look at the efficiency within the system and ask that question, which I think is a legitimate one.
One of the things the Treasury Board Secretariat is actually engaged in with Public Works and the PCO is leading an initiative to look at personnel screening across the entire system. As a result of looking at personnel screening—that would be the folks who work inside the government, contractors, and other programs where screening occurs—the opportunity exists for us to look at efficiency. So that's an initiative that's under way. We haven't responded and indicated that we think we should centralize that capability, but it certainly allows us to assess the whole system of screenings in government, because a lot of this has to do with the screening of people and assurance levels to determine how we might want to manage that differently.
So a final decision hasn't been arrived at, but we are looking at it holistically across the government, partially for efficiency but also partially to ensure there are standard approaches to security screening.
Liberal
The Chair Liberal Shawn Murphy
Thank you very much.
Before we start the first round, I want to follow up with you, Mr. Cochrane, and perhaps also the Auditor General, on the role of the Treasury Board in this whole issue.
When I look at the thing and I read the reports, it looks to me as if there has certainly been a lack of clarity, a lack of interpretation, with this policy. There has been non-compliance in the interest of efficiency, and general confusion.
In fairness, sir, I think since the audit has come out, and probably during the audit, there has been a lot of work done, and perhaps we may be on the right track now, but on government policy, when we look to the administrative arm of government and the Treasury Board to develop the policies and monitor and ensure that the policies are being followed consistently through all departments and agencies, that is, in my view—and I may be wrong—the role of the Treasury Board. This policy seems to have gotten seriously off the rails.
Do you, Mr. Cochrane, on behalf of the Treasury Board, accept any responsibility for this whole problem that has been allowed to develop?
My supplementary question is to the Office of the Auditor General. What role do you see for the Treasury Board in a situation like this, and in your opinion, has Treasury Board been fulfilling its role?
Mr. Cochrane.
Chief Information Officer, Treasury Board Secretariat
The responsibility of the Treasury Board Secretariat, in many different policy areas, is to fundamentally establish the management policies of the Government of Canada. What we've been doing over the course of the last two years is going through what we call policy suite renewal. The reason for that, I think, is that fundamentally when you look at the range of management policies that existed, there were some 180 management policies in the Government of Canada prior to policy suite renewal. We're actually refining that down to about 44 policies. So one of the jobs is to try to undo this web of rules and clarify what people are responsible for. That's a big part of our role, to try to clarify things much more substantially for departments.
Part of the policy suite renewal is also structuring things so that when you look at the policy you get an instant indication of whether there is something that you need to do for contracting. It's not buried somewhere. It's very clear and consistent that there's something I need to do for physical security.
So I would say that the policy material that was there was probably difficult to work with overall. We're implementing many elements that will add to the controls. One of those is to monitor—that's probably not exactly the right word—or work with departments through the management accountability framework to do regular assessments on an annual basis to determine if the policies are being followed. We can carry that to very deep levels of assurance if we choose to do so.
Liberal
The Chair Liberal Shawn Murphy
The question was, simply, does Treasury Board accept any responsibility for this problem?
Chief Information Officer, Treasury Board Secretariat
I think it's a big integrated system, so if there's some lack of clarity in the work that we've done in the past, then we obviously have a role to play in this overall.
Liberal
The Chair Liberal Shawn Murphy
Ms. Fraser, do you have any comments on the role of Treasury Board? Maybe I'm confused myself. I see them having a vital role in establishing the mentoring and making sure that on a government-wide basis policies regarding the expenditure of funds and contracting are followed.
Do you have any comments in that regard?
Auditor General of Canada, Office of the Auditor General of Canada
Thank you, Mr. Chair.
This discussion always comes back to the relative weight of responsibilities among the central agencies, the Treasury Board Secretariat and the deputy ministers and their own departments. It is up to the Treasury Board Secretariat to establish those management policies. They should be doing some monitoring, but I think at the end of the day we also have to say that it is up to the departmental heads to make sure their departments are meeting and respecting the policies that are put in place. The burden isn't only on the Treasury Board Secretariat.
Certainly in this case there is confusion in the policy. There was confusion about roles and responsibilities. I think that underlying a lot of the problems was perhaps the lack of--and I hate to use these words--importance or significance that a lot of people put on this whole area. People allowed contracts to go on for 11 months before security clearances were in place. For the program itself, I'm sure those people there did the very best they could, but when half of your funding is the temporary reallocation each year, it's very difficult. I would expect Treasury Board to perhaps ask where programs like those getting these temporary reallocations are.
If you don't have stable funding in government, it's very difficult to run these programs. If you don't have the people there to do the job.... You have to almost commiserate with these people who are trying to do the workload if they have...I think it was 28% vacancy and another 30% who are temporary people.
At the end of the day, I think there were a lot of factors that came into it. Certainly stable funding is one of the major factors in the problems that we saw.
Liberal
The Chair Liberal Shawn Murphy
Thank you, Ms. Fraser.
We're going to go to the second round of four minutes. I'm going to be quite brutal on time here, gentlemen.
Mr. Hubbard.
Liberal
Charles Hubbard Liberal Miramichi, NB
First of all, we heard all of this. Have there been incidents of problems? Are we talking about preventive measures? Can anyone say yes, we've had incidents where there were problems with security? Are we simply working towards prevention?
The second question I have to pose, after listening and watching in many of these, is on efficiency. If DND want a project, and they define it, then they work their way up through Public Works and into Treasury Board and back down to contractors. When we think of the timeframe of efficiency in terms of need and in terms of actually being able to use the asset, could Treasury Board look at that and give to our committee a timeframe of how efficient we are as a government in providing to a department the assets that it needs?
Also, in terms of bidders, in terms of industry we have today ISO qualified, we have nuclear certified, we have all of these. For the contracts issued by Public Works, are the bidders who come in certified to do what you ask them to do? Are you dealing with a lot of contractors who are going to get this qualification after they do the bid?
Maybe Mr. Guimont could identify. Is there a problem? Do we have contractors out there who are not certified, who are not qualified, but who are bidding or wasting our time or the time of the Department of National Defence? Or do we have an efficient system to deal with a fair and transparent bidding process?