Public Accounts Committee on May 13th, 2015

Thank you, Mr. Chair.

Thank you for this opportunity to discuss “Report 2, Required Reporting by Federal Organizations” of the Spring 2015 Reports of the Auditor General of Canada.

Joining me at the table are John Affleck, principal, and Colin Meredith, director, who were responsible for the audit.

This audit focused on recurring reporting requirements set out by the Treasury Board, by the Public Service Commission of Canada, and by statute. We undertook this audit to respond to long-standing concerns about the burden these reporting requirements create for federal departments, federal agencies, and crown corporations.

The overall objective of the audit was to determine whether selected reporting requirements for federal organizations efficiently support accountability and transparency, and generate information used for decision making in policy development and program management. Overall, we found that reporting intended to support accountability and transparency was serving its intended purposes.

We also found that clear purposes and timelines had been established for the selected reporting requirements, and that central agencies had provided guidance and support to help federal organizations meet them.

However, with respect to the efficiency of required reporting, we found that neither the Treasury Board of Canada Secretariat nor the Public Service Commission of Canada had determined the level of effort or costs involved in meeting the requirements we examined. ln our view, determining level of effort and costs would lead to a greater understanding of the resource implications of these requirements, and would allow them to be adjusted accordingly.

Furthermore, we found that the secretariat has not maintained a comprehensive inventory and schedule of the 60 recurring reporting requirements stemming from its policies, directives, and standards. Such a tool would both help the secretariat address the burden of Treasury Board reporting requirements and help reporting organizations efficiently prepare the required reports.

The secretariat made some accommodations for the sizes and mandates of reporting organizations when reporting requirements were first established and during subsequent reviews. However, we found that most Treasury Board reporting requirements applied equally to all organizations regardless of their size or mandate. For example, the Canadian Polar Commission, a small organization with 11 staff members, was required to prepare 25 annual or quarterly reports.

We noted that the efficiency and value of quarterly financial reports could be improved to better support accountability to Parliament. We identified only one routine use of the information in quarterly financial reports. The Office of the Parliamentary Budget Officer used the information in preparing assessments of in-year spending for parliamentarians.

Six of the eight reports that we examined were intended to support accountability and transparency. We observed that federal organizations were preparing these six reports. However, they were not meeting the remaining two reporting requirements, which were intended to support their internal decision-making.

We noted that 20% of departmental investment plans had not been completed as required. We also found that about half of the departmental security plans that were due by June 2012 had not been finalized at the time of our audit. A departmental security plan is intended to support internal decision-making by providing an integrated view of an organization's security requirements.

In addition, we found that the secretariat did not take full advantage of the opportunity to use the information in the departmental security plans. For example, although the secretariat reviewed the plans it received and used them to support its policy review, it did not use the information to identify broader government security issues.

In the report, we made six recommendations aimed at improving the efficiency and usefulness of required reporting. The secretariat and the commission have agreed with our recommendations.

Mr. Chair, this concludes my opening remarks. We would be pleased to answer questions that this committee may have.

Thank you.

Thank you, Mr. Chair.

I would like to introduce Mr. Michael West, our director general for delegation and accountability, who is with me today.

We are very pleased to be here and to have the opportunity to participate in the work of the committee with respect to chapter 2 of the report of the Auditor General.

As the report notes, the Public Service Commission is responsible for promoting and safeguarding the merit-based appointment system and ensuring that it is free from political influence and, in collaboration with other stakeholders, is responsible for protecting the non-partisan nature of the public service.

The PSC is accountable to Parliament for safeguarding the integrity of staffing in the public service and the political impartiality of public servants. We report independently to Parliament on these matters.

The Public Service Employment Act, as amended in 2005, sets out a staffing system based on values, in which deputy heads have greater responsibilities. The PSC fulfills its mandate by delegating staffing to deputy heads and providing overall policy guidance and tools to assist them in exercising their delegated authorities. We have delegation agreements with 80 departments.

Since 2005, the staffing management accountability framework has set out the PSC's expectation for a well-managed appointment system and has provided a framework for monitoring staffing performance. The PSC has been overseeing the staffing system through regular monitoring and through conducting audits and investigations when needed.

Deputy heads have been submitting self-assessments in the form of departmental staffing accountability reports in which they report on their organization's performance. These provide the commission with the opportunity to assess organizational performance against the staffing management accountability framework and to provide annual feedback to deputy heads.

Based on the overall performance of the staffing system, we have been aiming for continuous improvement and lessening the reporting burden on departments and agencies. A mature staffing system has allowed us to move towards a more effective and efficient model of accountability.

Our efforts to streamline the PSC's reporting requirements have been acknowledged by the Auditor General in the report. We developed a framework in consultation with internal and external stakeholders, including deputy heads. We made it simpler and more focused, with 12 indicators in 2013-14 as compared to 29 in previous years.

A shorter, more concise report makes for a more effective and useful management tool for deputy heads as well as the PSC. Reducing our reporting footprint will allow organizations to put their efforts on addressing their own specific risks that reflect their operational realities and staffing challenges.

Mr. Chair, we have nearly 10 years of experience with a fully delegated system. Our staffing system is maturing and is working well.

Organizations are building their internal capacities to monitor their own staffing processes, and we are confident that this will lead to improved effectiveness and efficiencies. The Public Service Commission is ready and able to assist organizations in further developing these capacities, which would be more targeted to their needs. At the same time, we have invested considerable efforts in developing our own capacity to better utilize the staffing data collected by the commission, which further alleviates the reporting burden while ensuring the overall accountability of the system.

As I mentioned earlier, our audits and investigations also provide important staffing information. ln addition, we have a survey conducted by Statistics Canada that gathers feedback from hiring managers as well as applicants on their experience within the staffing system. Instead of getting their staffing statistics from the Public Service Commission as part of the annual reporting cycle, organizations can now access the latest staffing data through an online portal.

Where we find problems, we work with organizations to resolve them in real time, as quickly as possible. We are therefore moving more and more towards an approach based on identifying horizontal systemic issues.

ln all of our activities, from outreach to oversight, we look for lessons learned, to identify areas for improvement and to take concrete actions. We share good practices to foster continuous improvement. We are also continuing to adapt our requirements, consistent with the recommendations of the Auditor General.

For instance, this year, we asked organizations to focus their reporting on only three key indicators, in areas of particular relevance, based our integrated information. These are official languages qualifications in staffing, areas for ongoing improvements identified in our audits, and priority entitlements.

As you may know, the Public Service Commission is responsible for administering priority entitlements, and we work closely with departments and agencies to ensure that the rights of priority persons are respected. This collaboration will be critical for the implementation of the Veterans Hiring Act, which will provide medically released veterans with greater access to public service jobs.

Let me now turn to the Auditor General's recommendation to systematically adjust required reporting on the basis of its effort, cost and value. PSC is reviewing our policy and oversight frameworks. Our consultations with federal departments and agencies are now underway.

We would like to simplify our policies to remove duplication and minimize overlap while upholding the fundamental principles of the Public Service Employment Act. We also want to more fully integrate all of our staffing information to help organizations and the PSC identify areas where we can improve staffing management and performance.

We will also be looking to remove any unnecessary requirements and to make sure that any reporting considers effort, cost and value. We expect centralized reporting requirements to be reduced, which will reduce the efforts and costs to organizations. With the more fully integrated staffing system we have available, it will be of more value to organizations. We are still at an early stage but we expect that a more integrated approach to the delivery of our policies and oversight functions will provide further opportunities for increased effectiveness and efficiencies.

ln closing, Mr. Chair, we will be working closely with departments and agencies to help them build a stronger culture of prevention while we continue to deliver our fundamental responsibility to provide independent oversight to Parliament on the integrity of the merit-based staffing system and non-partisanship of the public service.

I would be pleased to respond to your questions.

Thank you.

Thank you very much, Mr. Chair. We too are delighted to be here and to help the committee in any way we can with its important work. I'm particularly pleased to be here to speak to the Auditor General's recently tabled report on required reporting by federal organizations.

I'm joined by Bill Matthews, the comptroller general of Canada, and Rita Whittle who is the executive director of security and identity management in our office of the chief information officer branch at the Treasury Board Secretariat.

First, I would like to thank the Office of the Auditor General for their report and recommendations. The issues they examined are extremely important. Reporting is the cornerstone of accountability, transparency and openness.

The Treasury Board is responsible for establishing the rules and the requirements for financial, personnel, and administrative management across government.

As the administrative arm of the Treasury Board, the secretariat supports deputy heads as accounting officers to implement and ensure compliance with Treasury Board policy requirements within their respective departments and agencies. The secretariat in that context requests and collects certain information from departments, as required by Treasury Board policies, to demonstrate compliance and the presence of expected management practices.

The secretariat also collects information in support of legislative and parliamentary requirements. One example is the data for the Main Estimates. Although the secretariat works with departments and agencies to reduce the burden of providing the base information, the requirements for these reports are beyond our control and were appropriately excluded from this audit.

The secretariat is conscious of the fact that preparing and providing reports can place a burden on departments. In recognition of this, the Treasury Board has given the secretariat formal direction on reporting through the foundation framework, which is at the very heart of the Treasury Board policy suite. The framework includes a set of smart reporting principles which state that reporting requirements should respect the oversight responsibilities and accountabilities of deputy heads, have a clear purpose, seek timely information to meet that purpose, and be efficient. That is to say that the cost to create and submit information should be minimal, leverage existing data sources, and not duplicate other requirements.

As an example of the secretariat's commitment to these principles, although it will take some time to put these in place, instead of having to ask departments to report, we are assessing the potential for systems that already have the base information that can be extracted to prepare a report.

As demonstrated by the Office of the Auditor General's report and recommendations, we recognize that there is room for improvement and that there are some more immediate steps that we can take. To this end, the secretariat is committed to the ongoing refinement of the policy suite and finding the right balance between the burden of reporting and the utility of the reports.

As part of our path forward, the secretariat has prepared a management action plan that has been shared with the Auditor General and with this committee.

I would like to conclude by briefly taking the opportunity to provide you with some of the highlights.

The secretariat is updating our guidance to ensure that not only the effort, cost, and value of a report but also the size and mandate of reporting organizations are considered when designing a reporting requirement.

The secretariat is also making a schedule of all reporting requirements publicly available.

The secretariat is reviewing the departmental security plan guidelines to provide effective support to departments in their development, maintenance, and reporting of their plans.

Finally, the secretariat is assessing the feasibility of new reporting mechanisms to more efficiently meet quarterly financial reporting requirements.

Thank you for your time, Mr. Chair. My colleagues and I would be pleased to answer any questions from the committee that we can.

All of us will do all we can to answer your questions, Mr. Woodworth.

Yes. It is important that all departments and agencies have a clear sense of the overall risks that their departments are meeting, that they are ensuring that actions against those risks align with the priorities of their departments.

They ensure that they have the appropriate internal governance and overall planning and processes within their departments to do what's needed to ensure the security, to ensure such things as information is properly secured, to ensure they have such things as the appropriate business continuity plans, and the right kind of physical security and cybersecurity. All these important elements are brought together in an integrated plan, which the department security plan is aimed at ensuring.

They're an evergreen document I think is the best way to put this. It's important always in all areas of management, but most particularly in areas of security, that you keep up to date with those issues before you. It's best to describe them as an ongoing evergreen document.

Deputy heads have responsibility within their organizations to ensure that the planning under the policy on government security is undertaken and that those plans are kept up to date.

No, it doesn't mean that. At that particular time the approval by deputy heads against their departmental plans was found to exist in about 50% of the departments covered.

Currently, much closer to 80% of departments have their plans either approved or in a state of maturity within their departments, and fully 64% of deputies have signed off on them.

In the case of large departments and agencies where there might be some particular concern, we can tell you that all departments and agencies now have their departmental security plans with their deputies and almost 80% have signed off on them.

It's a very important part of it, but it's certainly not the entirety. I think it's important to note that the Auditor General did not audit departmental security practices. They didn't audit the specific actions being taken to ensure that security in all those important areas that I mentioned are being done.

The degree to which those departmental plans had been signed off by their deputy heads was audited.

A great deal of important practices are ongoing every day to ensure that the security of departments in all those important areas is under way.

That is correct, Mr. Chair. We did not audit the security practices. The audit focus is on the reporting requirement and whether those departmental security plans were formally approved. At the time of the audit, about half of them did not have an approved departmental security plan.

We would not be in a position to comment, because we did not look at those practices.

Of those departments covered by the Government of Canada's security policy, that's correct.

Yes, that is correct.

I'm just trying to look up the period under examination. Usually it's at the back here....

Right.

At the time when we completed the audit, we found that about half of them had approved plans. This has to go back to the start of the requirement, really. The policy on government security was approved in 2009. Further to that, there was a directive that required departments and agencies to prepare these kinds of plans.

Really, this is a tool to help them put all their risk postures together so that they can understand what they're faced with, from the physical side to the financial side, as well as the cyber, to ensure that they have a comprehensive view, and to ensure that they have a plan to address the different exposures they think they might have. This helps them put it all together so that they know what they have and they can manage accordingly.

The policy and the directive were in place in 2009. Recognizing that it was a significant exercise, departments and agencies were given time to pull together the plan. That's why the plan was not required before June 2012.

In the report, we note that Treasury Board Secretariat actually did some follow-up as well along the way, trying to see if they were coming along. They were not particularly fast in terms of completing the plans. At the end of the audit timing, we saw that about half of them had completed plans.

Now, because we didn't look at the practices, or didn't look at the state of the unfinished plans, we don't know how mature they are. Treasury Board Secretariat probably has more up-to-date information and perhaps can help us with that.

Yes, it's non-verbal communication.

It stands in the category of a large department and agency. Its department security plan has been signed off by its deputy head, yes.

No. It's a very good question, Mr. Allen.

The Treasury Board Secretariat is concerned as well about movement. We've been working with departments consistently. Nancy indicated that there's been consistent follow-up, and we've taken a number of other measures to try and support departments and agencies in this. We have worked on it. Guidelines came out to support departments in working through their security plans. In addition to that, seminars have been held. Recently, a security seminar was held to move that forward. There are workshops. We've developed enhanced templates.

I might just indicate in parentheses here, and it's actually a feature theme of the Auditor General's report, that we've been paying particular attention to move small departments and agencies along and support their capacities to write this kind of report. That's a feature we're going to continue to press, not just in departments' security plans, but in other reporting requirements as well. There would be some tailoring and some adjustments to try to support them.

We'd be happy to do that. It falls within Bill Matthews' office as comptroller general. I think Bill would be happy to walk you through that, Mr. Albas.

Mr. Chair, the investment planning policy that exists now has been around since about 2007. I would stress, though, that it was implemented in chunks. There were about three major steps we had along way. Full compliance has been in place for a number of years. What we're looking for there is for departments to cost out their planned major investments and share them with the Treasury Board. That includes all aspects of planned investments, including life cycle costs. This is planned as opposed to possible. What it really does is it drives home the importance of a planning document in the department.

The value of this policy is really threefold. One is you get a plan at the end that the Treasury Board Secretariat can monitor. Two, from my perspective, in the departments the value is to put them through a planning process, to make sure you have governance, the right priorities and investments, and things like that. Three, if you have a plan, it means that you are subject to a little less oversight from the Treasury Board itself. If you don't have a plan in place, it means that every time you're doing a project of over a million dollars, you come into Treasury Board for some oversight. If there's a plan in place, it actually makes us more efficient as well.

Sure. There are a couple of things. Number one, the plan is five years in length, but it is supposed to be refreshed every three years, because plans do change. It is a five-year planning horizon. That's important because as part of the governance process, you want a longer-term view of the investment plans. The governance piece makes sure both from the departmental perspective and from an oversight perspective at the centre that we understand what the priorities of the department are, where they are making investments, and whether they are able to afford the investments they are making.

That was a really interesting piece of the report from the Office of the Auditor General.

What we found in some follow-up, because frankly I was a little surprised by that finding, is that larger departments find them more useful than small departments. That makes perfect sense because large departments have bigger investments than small departments. If there's something going forward, maybe we have to look at lightening the requirements on smaller organizations even more, but the large investment-type departments find it more useful than the small.

The second bit is that the process itself is valuable. Making sure you've actually gone through a department-wide process to land on the priorities is a useful process in itself. As the report also mentions, TBS does make extensive use of the information in doing our own work, so it is used.

Yes, indeed.

I think, as I mentioned, a core principle of the foundation framework is ensuring that issue of proportionality, that you tailor not just the reporting requirements but all requirements to the risk and to the factors within departments. We're very much building that into the policy feed reset that we're undertaking that is mentioned in the chapter. All of the Treasury Board policies, that is the some 70 policies that currently exist, are being looked at through that lens. An important component of that is the particular challenges that small departments and agencies might have, particularly around capacity to do some of this reporting. In many cases you have one person wearing eight hats, so you have to adjust things accordingly.

Thank you, Mr. Chair.

It's just to maybe help explain a point about the investment plan.

I think with respect to what we saw, you'll see in paragraph 2.26 the help needs to be given more to the smaller departments and agencies. What we found from our survey was that about half of the organizations found they could use more help in terms of getting more clarity on completeness, and guidance on completing those investment plans. Maybe that's part of the reason why those plans weren't as completed, as well as maybe they find it less useful because they don't fully understand what was asked of them in pulling that information together.

That's right.

Yes.

That's a terribly important question, Mr. Giguère. Nancy might have other things to add to this.

At no time do I want to suggest that any effort at reducing a reporting burden should put at jeopardy the important requirements to mitigate risks, to ensure that we have the appropriate compliance, and to ensure that deputies within departments, the Treasury Board Secretariat, Treasury Board ministers, and indeed, parliamentarians, have the right kind of information they require in order to run their programs efficiently and hold people appropriately to account.

The work of OECD generally, and indeed, the thrust of the work within the secretariat at the moment, is on how you develop reporting requirements in a way that ensures you have an appropriate sense that the right risks are being mitigated and the right kind of excellence is being pursued where it ought to be, without unnecessarily burdening departments and agencies. It's really getting the balance right between ensuring that you're maintaining a proper oversight on departmental performance without unnecessarily burdening anybody in doing their jobs.

If I may, Mr. Chair, it is basically the same for the Public Service Commission. By working with the organizations, we become familiar with their activities. We may be talking about large organizations or small ones, but if the smaller departments are asked to produce the same reports as the large ones, it requires a lot of time and effort on their part since they likely conduct fewer staffing procedures.

However, just because these small departments have less capacity does not mean that they are immune to the risk. As a result the PSC adapts its services and provides additional assistance to small departments that may need more expertise and advice on the policies that are in place. Rather than asking them to work on reports that may take them more time, we are asking them for fewer reports but we are more involved with them in real time to help them meet the requirements set out in the law and in the PSC's policies.

I don't believe I have too much to add.

I think essentially what we're not looking for is to lower the bar. It's trying to make it more efficient so that we continue to provide the same value those reports are supposed to provide, which is to help with monitoring, to help with making sure that compliance with policy is being adhered to, and that the central agency has the information to serve an accountability relationship with Parliament. It's not to lower the bar, but trying to understand what the cost and the effort might be, so then, where it's appropriate, trying to find ways to lower the reporting burden for those organizations because they have other matters to attend to and resources are tight.

Absolutely.

Yes.

The important thing for the PSC is to see that the staffing system is sound, that it is being used properly and that it is consistent with the legislation. It is very important to the PSC to maintain the standards and to be aware of the activities that are taking place in the departments so that it can report to Parliament about them.

Sure. Thank you for the question.

I'll start with the broad similarities and then go into some specific differences.

The actual idea for quarterly financial reports from departments originated in the Senate with a private member's bill by Senator Segal, if I recall correctly. His whole notion was that the government should be like the private sector from an investment perspective. If you hold stocks in the private sector, investments, you look to see the quarterly results of that company. When he looked at the federal scene, what he saw was a federal budget, which is planning information, financial statements at the end of the year, plans for each department to start the year, and results at the end of the year, but nothing in the middle of the year, except a monthly report from the Department of Finance. It was whole of government. When you were looking for information on department by department during the year, you couldn't find anything.

That was the whole premise. The government picked it up in a piece of legislation and put the requirements for quarterly reports right into legislation.

The similarities are that basically you have a financial report and a narrative or discussion and analysis that explain what's going on in that quarter. It explains the current quarter versus the same quarter in the previous year. It also looks at year-to-date numbers, current year versus previous year. Those are the similarities.

The difference is that in the government, Parliament votes on department funds. When we're preparing the quarterly financial statement requirements, we thought it would be more relevant for Parliament to know how departments are spending the funds that Parliament had voted to it, so they're appropriation-based. That's the big difference.

If you go to the private sector, you would see a full set of full accrual financial statements, balance sheets, statements of revenue and expenses, comprehensive income. It's more onerous, to be honest. The other more onerous piece in the private sector is, because there are investments riding on the line, there is a degree of assurance provided from the auditors; whereas in the federal government these quarterly financial statements are made public, they are not looked at by the Auditor General in terms of any types of insurance.

That's the quick answer.

If I were to compare the private sector versus the public sector, we know that the public sector reporting requirements are less onerous, largely because the reports are less, number one, and two, there's also no requirement for assurance.

If I look to our crown corporations, they follow a private sector accounting model. They spend more effort on theirs than the departments do because they're following the private sector model, with the exception of the assurance piece, I believe. The crowns are spending, on average, roughly twice as much time as departments are in preparing their quarterly financials.

I'll think about the whole cycle.

I've mentioned the budget already, which is your starting point. It's a planning document for the whole of government. You have that followed by the estimates, which is what Parliament is being asked to vote on for departments. That gives you the cash resources for each department. We accompany those with each department's report on plans and priorities, which is their annual planning document. Those documents are followed up with actual documents. That's a tenet of our system: a planning document followed by an actual document. The actuals would be the departmental performance reports on a department-by-department basis.

You have the public accounts, which this committee is very familiar with. Then through the year you have something called the “Fiscal Monitor”, which the Department of Finance produces on a monthly basis. That gives the whole-of-government financial results, and a few years ago that was supplemented by these quarterly financial reports that are done on an appropriation basis.

The one other thing I should add, Mr. Chair, is that since the advent of quarterly financial reports, there has been a database that the Treasury Board Secretariat produces. It contains much of the same information as is contained in the quarterlies, but also some other statistics. That's updated every quarter. It's open to the public. You can get spending data, appropriation data, and a number of personnel data. What you don't have is the narrative, but you have all the data there. That has come along since these quarterly financial reports were legislated.

Thank you for the question.

There are a couple of things I should highlight.

Number one, since the investment plan was finalized, the key changes that were made were really to help the small organizations by requiring less documentation. Instead of going to Treasury Board for approval, they could submit their investment plan via a letter to Treasury Board Secretariat pro forma. There are some nuances, depending on the size of the organization. That's one change.

Lots of information sessions and guidance have been given on how to best produce these things. Still a fair comment is whether we have the balance right between large and small. That's something we'll look at as we go through the policy reset that my colleague Roger Scott-Douglas talked about.

We will likely make some additional changes as we reset the policy.

What I will say is that I pulled together a group of chief financial officers about three months ago to talk about the investment planning policy. The first question I put to them was whether they found this useful and did they think that we still needed a policy. The answer was a resounding yes. We had a follow-up conversation and we have the headlines right. We probably have some thinking to do on the details, but grosso modo we think it's working quite well.

Thank you for the question.

Yes, we have reduced the indicators from 29 to 12. What we noticed is that as part of the 29 there were some that were actually overlaps and some that were somewhat duplicative, which made the reporting much more burdensome for departments. The 12 that have been put forward were some of the key ones, and they've been used as is indicated in the report.

What we've now noticed at this point is that we have received very good data and very good reports from departments, which indicates that the staffing system is extremely mature. What we're seeing is that even if we continue to ask on a regular basis for the reporting, the activities demonstrate that the levels are being maintained.

In the context of the monitoring we do and as well in the context of the fact that we receive other forms of information through our different oversight mechanisms, such as audits or investigations, we're able to see that there is stability within the system. Therefore, depending on the size of the department and the number of activities, we can actually take a bit of a step back.

We're even considering at this point whether or not some of the burden can be reduced in certain departments. Small and micro departments may have two or three staffing actions a year, so it's a bit ridiculous to ask them to do really big reporting on 12 indicators.

We're looking at what's happening horizontally in the system to see whether or not we're seeing signals that the system probably needs to be reviewed in certain aspects. Instead of forcing departments to perform on 12 indicators, in the past two years we've been going to six indicators a year to make sure that we have a full cycle, and to see what was happening with the indicators. Actually, this year we've asked departments to report on three.

The reason we chose three is that we knew things were going well in the other areas of activity, and we needed to have further data on what was happening with official languages. Also, we always ask departments, if they've been audited, to report on the audit conditions or whatever observations we've put forward to them. We also ask that they report on the priority system, because we noticed through our different mechanisms that certain activities in the priority systems were not quite up to par in all departments.

More and more, as we're doing an integration of our policies and our oversight tools, we're looking to see this through different signals and also through the accountability that is exercised by the delegation to deputies. They best know their operations. They best know their activities. Therefore, what we're going to be thinking about as we're moving forward is for deputies to ask their systems or their departments to report to them and to share that information with us. The problem with going with a set of indicators is that it may not be pertinent to everybody that year, so deputies are in the best position to know what they need to be accountable for in the context of their staffing system. Sharing that information with the commission will give us the right data that we need to compile through the cycle.

I don't know, Michael, if there's anything I've missed that you want to add.

I don't know how much time they're giving me.

Oh, oh!

Mr. Chair, we counted about 60 such recurring report requirements. There are ad hoc requests as well, so we're not counting ATIP requests or parliamentary requests in terms of information needed from departments and agencies. Working with the Treasury Board Secretariat, because they didn't actually have a complete inventory, we sat down with analysts to try to figure out what was the quantum there. On a recurring basis, there are about 60 of them.

At the outset, we would not have had a complete list to choose them from, nor were we trying to be representative in the selection. We wanted a bit of a combination of different natures. One for transparency, which seems like a good one, is the proactive disclosure of contracts. Larger contracts often should be subjected to public scrutiny, so information like that is put out there and people can see it for transparency purposes. Weighing that with some that would support accountability requirements and some that might be also for internal purposes as well, we wanted to have both the Treasury Board and the Public Service Commission, so that's why the staffing accountability report was chosen.

There wasn't a particular magic formula that we used, but we wanted a combination of different types of audit reports to choose from.

Mr. Chair, that's not within the scope of the audit. We did not look at elements of that kind, so I have no comments to offer to you.

I can only speak to the financial management piece. I keep fairly close contact with my colleagues in other countries. Canada's federal government has more reporting requirements than our counterparts do.

The quarterlies are the ones that step out. Other countries don't have the quarterly financial reports by department. Some provinces do, I think two if I recall correctly, but I'm going from memory. Other federal governments do not have that type of requirement.

We provide more on a departmental level than they do. I'm not aware of any other country that has a database that is as sophisticated as the one we have to query things. You can get transactional data, but to be very blunt, it's not as slick and not as user friendly.

When it comes to staffing systems, the models vary quite a lot across the world. We're unique in the way we function with having a central commission but having it very decentralized by having delegated authorities to deputy heads.

The commission is often visited by a lot of delegations from across the world because they want to know how our system functions. They are generally amazed by the fact that we have so little reporting but so much data that is available and the way we conduct our business.

A lot of the information is also generated internally by the needs of deputy heads, which are not necessarily things the commission asks, but there is a huge accountability aspect surrounding staffing in the federal government.

It's very hard to compare, but basically we are seen as a model and we definitely are being studied by a lot of emerging economies that want to have better usage and better non-partisanship within their public services as well.

Mr. Chair, from our perspective I think it would be an important inventory to have. First and foremost, you get a sense as to what kind of reporting burden you are putting on the various organizations out there. The schedule also helps them to anticipate when things might be coming down and when requirements might need to be fulfilled.

It's all in the spirit of trying to make sure it's an efficient way of getting information from the departments of agencies to help the central agencies do their respective tasks and also support accountability and transparency.

In all that exercise it's important to know what you're dealing with and when you have to deal with them. It would be an important and useful tool to help the reporting organizations.

Mr. Chair, I might add a small point. There is not a single composite inventory of all reporting requirements, the 60 the Auditor General mentions in the report. I should make clear a couple of things.

All Treasury Board policies that have reporting requirements are obviously publicly available, and that's all policies identified specifically in a section on reporting. It isn't as though individually these things aren't known.

We do think it's of great value. The predictability point that Nancy made where people have an understanding about what reports are due, when they are due, and all that kind of thing is, I think, an important way of reducing the burden. We've undertaken to make that inventory publicly available along with the schedule of those reports.

Most definitely. In our management action plan tabled with the committee, we've certainly made it clear that it's our intention to do that. We'll move as quickly as we can, and every hope and expectation is that we'll get it done quickly.

This is just a terribly small point. One of the things that is very important is that if this inventory is going to be really useful, it be done in a way that is readily accessible to the people we're requiring to do it, so we're tagging all the reports and requirements to be available online. People will be able to link back directly to the policy. All of that takes just a little bit of time. It's not just putting a list; it's going to be a very interactive thing when we have it done so that it's truly useful and produces—

Mr. Chair, as Mr. Matthews has pointed out, the purpose is really to try to help parliamentarians understand the end-year use of the funds. If appropriation dates are going to serve that purpose, if they're going to be more meaningful in terms of what the financial performance of a financial entity is, then an appropriation-based accounting would not necessarily be appropriate. So, really, it's for a better understanding as to how Parliament intends to use that information and what the best way is to provide that information.

Mr. Matthews also alluded to a database. Is that a better way to do it? In other words, it would be important to determine the real purpose of the quarterly financial statements, have a better understanding of them, then decide whether the form and the manner prescribed right now under the Treasury Board accounting standards, the TBAS, were the most meaningful way to meet that.

Right now as it stands, status quo doesn't seem to be serving one purpose or another, so it's basically just a form that people try to accomplish, providing some narrative and providing some use of appropriation information on a quarterly basis. The departments don't seem to be making much use of it. It's not clear to us how Parliament's making use of that, and the only thing that we saw was the PBO, and even then we thought that the format wasn't particularly all that helpful to them. So status quo, if it requires work from departments and agencies, and it doesn't seem to be serving a really good purpose, that's what we encourage the Treasury Board to look at to see if we can make improvements on that.

Certainly. I'll take that one, Mr. Chair.

Basically, the reporting instrument in question here is proactive disclosure, as was mentioned, of all contracts. Any contract above $10,000 has what's called a deeming provision, so the contractor is aware by signing the contract that the contract details will be proactively posted on the government's website on a quarterly basis. Obviously, there are certain exceptions to that, and what we're looking for is to make sure that we do not disclose anything that's personal information, like a SIN, or anything commercially sensitive that would basically take away a competitive advantage that an organization has carved out for itself.

The way most departments work in this fashion is—there's no requirement to do this—deputy heads of every organization that we're aware of as accounting officers actually approve the disclosure on a quarterly basis. The current system works quite well; we're not aware of any complaints, but it's obviously something we have to keep an eye on. It was one of the first concerns flagged when we started this practice several years back.

Mr. Scott-Douglas may have some general comments, but what I will say is that there is a policy in place around privacy protection that basically applies across the board.

Treasury Board Secretariat does not actually get involved in the proactive disclosure postings. Those are departmental responsibilities. The key controls around ensuring protection of this information rests with departments and their deputy heads as accounting officers.

Treasury Board Secretariat is not reviewing this information before it gets posted. We put the policy in place, and it's up to departments to put in place processes to respect the privacy of this type of information.

I have nothing to add to that.

Thank you very much for that question.

This was alluded to a little bit earlier as a very important issue generally. I might just point out, looking at the reports that the Auditor General selected to report on, that two of them do already have built into them aspects that touch on the need to scale appropriately for different-sized departments.

Bill mentioned earlier in his remarks that the department investment plan has been fine-tuned to ensure that small departments and agencies have less burden in the preparation of theirs, and as it's noted on the official languages annual review as well, it varies by entity and there are some particular accommodations made there; some report every three years and some every year. That process is already built in.

A lot more can be done, and it's been alluded to already in a couple of other questions about this particular burden.

Through the policy reset, all Treasury Board policies, not just their reporting requirements, but other aspects of risk mitigation that might be included in their requirements, are being put through a sieve, if I can put it that way. One of the things needs to be to ensure that the principle of proportionality is in play, that the requirements and the burden of complying with those requirements is proportionate to the risk, and where there's accommodation that needs to be made for small departments and agencies, that will be part of the challenge function in the renewal of the suite.

Thank you very much for that question.

The issue of reporting burden has been with us for some time, as I mentioned, and we felt it was important to not just have our own opinion; we did consult with departments and agencies. In 2012 we brought together about eight departments and agencies specifically to talk about this issue. There were some large departments and agencies and some small departments and agencies, and we looked at that issue.

That work will be built into our go-forward plan to address this issue. I think it's safe to say that we have some improvements to make in this regard, and we're going to make them.

Most definitely. We accept the recommendation of the Auditor General, and we'll move on that recommendation.

Yes. That's at the very latest. We're going to try to get it up before, but do it in a way that is as rich as possible so that it's as useful as possible.

That's something we feel we should be doing as well, and we will be doing that. I did mention, and indeed it's reported in the Auditor General's report, that all of the reporting requirements are stated in policy, and I think the audit does make clear that there are clear timelines stated as well in policy.

What we haven't done, which we will do and we should do, is to bring that all together into one place. I think one of the key principles of reducing reporting burden is predictability, and to the degree to which people understand what they're expected to do and when they're expected to do it, we're going to help reduce the burden.

The groups that are largely responsible for undertaking the reporting activities within departments fall generally within back-office operations, as we call them. The government cost-containment initiatives tried to ensure that service to Canadians was not affected and that a majority of the cuts were made to government operations. That was the source of that concern, that the capacity to do this reporting was put under more stress as a result.

No, it's a pleasure. We'll do whatever we can to help.

That work is just being launched and is under way.

In 2006 there was a very major review of the suite of Treasury Board policies. At that time we had about 180 Treasury Board policies. The Federal Accountability Act cut that number by at least half. Through that, we've brought about a great deal of clarity in identifying the right accountabilities and responsibilities.

Notwithstanding that important work—

In each policy, there is now a clear architecture against the policy. It identifies what the deputy head of an organization is responsible for in any particular area.

Underneath that we have standards and directives that address requirements that the senior officials, for instance, the chief audit executive, the chief financial officer, and the chief information officer, might have in their particular areas of responsibility. We also have a whole series of guidelines that are put out, and some of those have been alluded to already, for instance, guidelines on an investment plan. We've been working on that.

Thank you very much for that. I'll do my best, though it's not my particular area of responsibility. I hope, in doing so, to explain a little bit of some of the pertinent features of reporting.

Like all of our reports, the requirement derives from the policy that the deputy heads are obligated to keep and maintain the right kinds of systems and to track information on official languages in their departments. The chief information officer at the Treasury Board Secretariat is the responsible agent for that. They're asked to produce a review every three years on that, and in some cases annually, where it's felt to be more important. They try to ensure that—and this is an important lesson generally for reporting—the same kinds of questions are asked in the review and reported on so that they're able to get timeline analysis and trends, and they can see where gaps are changing or not. That's an important feature in bringing about that predictability.

The second important feature is that each year, a draft of those questions is put out to departments so that they know what results they're expected to have and they provide comments on those kinds of things. That ensures that the reporting information is useful to them as well as to the chief information officer. That's another feature.

The final request for questions comes out in May and then they are reported back in. This is the kind of cycle against the official languages review.

Correct.

Yes, indeed. Nancy Cheng did mention ad hoc reporting. That's what we call ad hoc reporting. That does happen. That wasn't the subject of this audit, but that does happen, and it happens in a number of instances where there's an important initiative that the government wants to undertake, for example, and they need to have some information about it, so we ask departments to report on that. We try to do it as little as possible because anything that comes out of the cycle or is not prepared for adds to the reporting burden of departments.

Certainly the last thing we'd want to do is spring anything on anybody. It isn't a predicted thing that we know we're going to do in advance, and there's always the effort to try to work with departments to ensure there's clarity about what it is they're being asked to report on. We always try to use the process in the least burdensome way as possible.

One example I might be able to give you is that we rely on the central systems of reporting, drawing information off that rather than having to go out and ask departments to collect new information. We try to take it off the central systems that are in place already to reduce that burden.

You're right in identifying a very important thing. I think the Auditor General defines it as a “reporting requirement that can be demonstrated to have served its intended purpose without unnecessary effort, burden, or duplication”. The word I'd underline is “unnecessary”. There's always going to be something that has to be done, and the art, if I can put it that way, is to make sure that you reduce, to a degree, and do only what is necessary and not what is unnecessary in driving that forward. That's the principle we're trying to bring into play.

The second important thing against that is it's not just the efficiency of the reporting that's important, but it's also the utility. You want to make sure you have a balance between the lowest cost required for that reporting for the highest value in the information that you get out. It's that relationship between not just cost, but cost and utility that we really want to work with in going forward.

Nancy might want to speak to this as well, but there was nothing in this particular audit that dealt specifically with that issue, I'm afraid. I don't really have anything to report directly on in this context. I would say more generally, though, we do have reports on the workforce of the public service—we do track those kinds of things, generally—but there's nothing specifically on that issue in this audit, I'm afraid.

PSC contractors do not carry out any staffing-related tasks. The departments report on part-time jobs and we take that into account. There are policies in place for that type of position.

Subcontracting does not necessarily fall under the PSC's jurisdiction. As I said, subcontractors are often paid out of a budget that is not related to the salary budget.

Mr. Chair, the member is raising a very important question. Unfortunately, it is not within the scope of the audit, so we're not in a position to comment.

There is nothing specifically in the audit about that, I'm afraid, so I don't have a direct answer to that.

I would say generally, though, that under the government policy on security, and in the departments' security plans we spoke about a little bit earlier in the meeting, one of the things they would be wanting each department to look at is their general risks to ensure that they would be doing whatever is necessary to try to mitigate those risks.

That is a service that the PSC offers and that has been used a number of times. In the past, we have identified problems through audits, sometimes even before an audit is completed. In such cases, we work with groups of experts from the departments to solve these problems.

As I was saying earlier, authority is delegated to the deputy ministers of the departments by the PSC. The PSC also has the power to withdraw or attach conditions to that delegated authority. That has happened only a few times because we have excellent managers. On several occasions, the PSC has taken back the authority in order to help an organization acting on its behalf deal with a situation. That does not happen very often, but the PSC now offers that type of assistance more and more. It is called prevention. We intervene when we can collectively determine that a problem may arise with a process or in the system within a given department.

I have three things I would like to add about the management of finances.

Okay, I'll be really quick.

There are three key things. One, informally, chief financial officers and chief audit executives have a direct line to me and to my organization for any advice. Two, the policy on internal control requires disclosure of internal controls. Three, on the internal audit policy, each department has its proper external audit committee that it can go to for advice and discussion as well.

Well, we always had the informal relationships. The unique feature of the accountability act was that if there is any suspicion or uneasiness in terms of something that's being asked of a chief financial officer, they actually have the right to write to the Secretary of the Treasury Board to let her know about the issue that's on their mind. That's purely from a financial management perspective, and that was brought in under the reforms of the Federal Accountability Act.

Thank you.

It was just to add to the answer given by Nancy. She'd mentioned the quarterly financials as a transparency report. What this means is that report was put in at Parliament's request through legislation for Parliament. Do I use the quarterly financials in my day-to-day job? No, I do not.

I do use the database that has come along. Frankly, it's more robust than the quarterlies. What the audit revealed is that the Auditor General couldn't find people actually using the quarterly financial reports. The question was, is it better served through the database? I believe that Nancy said that.

That's really the only point I wanted to highlight. They're clearly not being used. I don't believe that the audit actually surveyed parliamentarians, but in my time at committee, I don't recall discussing them very often.

We do monitor the number of hits we get on our Web pages. They are looked at, but very quickly. You might get 500 hits on the quarterly financials during a quarter, two minutes at a time type of thing. They do get some attention. The PBO did mention that they use them from time to time, but aren't always able to find the answers that they're looking for.

I just wanted to expand on it. It's clearly a report for transparency purposes. It's for parliamentarians.

Originally, but it was picked up into government legislation, yes.

Indeed, it is a key part of going forward, not only mentioned in our management action plan that we've tabled with the committee but also embedded in the objectives of the policy reset that the President of the Treasury Board has launched the department on.

One point I think that is terribly important, just to play it out—and it is actually mentioned in the audit as well— is that in going forward we make sure that we properly understand the needs of small departments and agencies. There are a number of networks, there are the heads of federal agencies who meet. There is the network of small department and agencies administrators. Rita, as well, has a community that she connects with on security issues in small departments and agencies.

We're going to make sure that we work very carefully with those departments to ensure that we properly understand needs and capacities and that when we are designing requirements, most particularly reporting requirements in this sense, that we appropriately tailor them to those sorts of things.

You're absolutely right to ask that question. We're asking the same question, and we're going to make sure that the plans are done, that deputy heads as they are responsible under policy are having their departmental security plan signed off, and that the benefits of those plans you've quite rightly pointed out are taking effect within departments. I would point out importantly that this was not an audit of security practices, and there's no sense of this being conveyed in anything the Auditor General said, that in any of the departments there's any increased risk, or any concerns on that.

No.

An important point, and one of the benefits of having reports such as chapter 2, is that it helps motivate and focus the minds. We're going to use this to make sure that departments work with us and get this done.