I enjoyed that line of questioning. It was very good. Thank you.
I want to start by throwing something positive out just so it's not all bad, even though it seems to be mostly that way. We'll go through the action plan in detail. I was particularly pleased with Mr. Arya's, analysis of one of the commitments, which wasn't nearly as strong as he and I believe it should be.
The action plan, which unfortunately the public doesn't have before it, states the recommendation, the response from the department, the nature of the plan, the responsible office, and then the target dates. I must say that I was pleased to see that quite a bit of this work was done. None of these deadlines, at least at first blush, seems way off in the future—you don't get the sense that somebody is running you around the block here. Most of them are in September of this year, and a good number are for March of next year. I was trying to find something positive and that's what I could come up with. If that's as good as it gets, take it.
Now, back to the part where this is the public court of accountability. I am not going to let go on trying to find out how some of this stuff happened. It's dealing with information, maybe not data per se, but certainly information.
The Auditor General pointed out:
the Department...changed some of the risk indicators for residency fraud without conducting any analysis to determine whether these changes would compromise program integrity, or whether the applications that presented a higher fraud risk would still be targeted.
The OAG contends that because of these changes “significantly fewer applications were flagged as higher risk and given more in-depth assessment” .
So from a practical point of view, you made changes to the process about potential fraud and risk, but you didn't do any analysis to determine whether or not those changes would actually do any good. Help me understand how we can get to that point in a department where you make changes based on risk. Risk doesn't always turn on the big questions. Sometimes little details are just as important to keeping Canadians safe as multi-billion-dollar arms packages. I'd like to know how it is that you make changes to risk assessments with no evaluation. How can that be?