Thanks, Mr. Chair.
Good morning, Mr. Chair.
My name is Simon Kennedy and I am the Deputy Minister of Health Canada.
Thank you for inviting Health Canada today to discuss the 2017 audit of the Office of the Auditor General on the management of fraud risk, and to provide us with time to present our departmental action plan to address the recommendations.
As you all know, Health Canada is responsible for helping Canadians maintain and improve their health. We work to ensure that high-quality health services are accessible, and we work to reduce health risks. As deputy minister of health, I am reassured that the audit of the Office of the Auditor General didn't find any fraud or major weaknesses in our existing control framework. I'd like to just emphasize that we take fraud risk management seriously and we appreciate that the Office of the Auditor General recognized our existing internal controls even as it found areas in which we can improve; we've been working on those.
The Department agrees with the four recommendations to strengthen our existing practices and has begun to implement all of the recommendations.
Maybe I'll speak briefly to what we're doing to address the concerns raised by the Auditor General.
With regard to recommendation 1.30, Health Canada is in the process of conducting a comprehensive fraud risk assessment. The risk assessment will be conducted jointly by our chief audit executive, the chief financial officer, and Deloitte. Deloitte was chosen through a competitive contracting process for its expertise in the area of fraud risk assessment. The draft risk assessment is expected to be completed for March 31 of next year and finalized following our departmental audit committee meeting in June of next year. We intend to use that risk assessment to inform our internal control framework, as well as our risk-based audit plan.
For recommendation 1.39, Health Canada agrees with the need for targeted training in high-risk areas and will continue to deliver its enhanced specialized training for new regulators. This was recommended by the Office of the Auditor General in its 2011 report on regulating pharmaceutical drugs, which is a particular area in which we have to worry about those kinds of issues.
For recommendation 1.54, I'm able to report this action item has been implemented. The assistant deputy minister responsible for conflict of interest management has modified our case management system and created additional fields to allow the department to better track and report information to support the timely resolution of employee declarations of conflict of interest. We've had our chief audit executive look at those changes and verify that the evidence is there to support the fact that we've done this, and that it meets the expectation set out in the Auditor General's report. The evidence and review have been documented in our audit follow-up system, which is managed by our internal audit branch. Our internal auditors are going to follow up on these to make sure they're all implemented.
We are pleased to provide this evidence to the Office of the Auditor General, if requested.
For recommendation 1.71, although Health Canada currently performs risk based data analytics as part of its procurement performance management framework, the department agrees that these measures could be enhanced. We are going to be modifying them between now and the end of March to improve data quality and to better detect potential contract splitting, abuse of amendments, and inappropriate sole-source contracting. That work to modify our data analytics will also benefit from the results of the comprehensive fraud risk assessment I talked about earlier. As an organization, we expect we will have addressed all the responses to the Auditor General's recommendations that were aimed at Health Canada by the end of this fiscal year.
In conclusion, with the existing and new management control practices in place, the department is well-positioned to manage and mitigate the risk of fraud.
Thank you once again for inviting me before the committee today. I am pleased to answer any questions that you may have.
Thank you.