Public Accounts Committee on May 27th, 2021

Madam Chair, thank you for this opportunity to present the results of our audit report on procuring complex IT solutions.

Joining me are Carol McCalla, the principal responsible for the audit, and Joanna Murphy, the director responsible for the audit.

Procurement is often a key component of major IT initiatives. It is inherently complex because of the frequent changes in technology and business needs, the ambitious timelines, and the need for technical expertise. The government must engage with end users and suppliers to determine their needs while also being fair and transparent. The government currently has about 21 large IT procurements underway, valued at over $6.6 billion.

Our audit examined the procurement practices for three complex IT initiatives involving the Treasury Board of Canada Secretariat, Public Services and Procurement Canada, Employment and Social Development Canada, and Shared Services Canada. We looked at whether they were on track to support the achievement of business outcomes and whether they upheld fairness, openness and transparency in those procurement processes.

Overall, we found that the organizations made progress toward adopting agile procurement practices for large IT systems. For example, they applied new approaches, such as testing prototypes before committing to long-term contracts. They also engaged with end users and private sector suppliers early and often to define business needs. By engaging more closely with those who will ultimately use the system, the procurement teams can better understand whether a proposed system will be effective before awarding any contracts.

However, to pave the way for further improvements, the organizations will need to build on this progress. They will need to better train procurement officers, especially on how to apply new, agile procurement practices. We found that the guidance and training on these approaches was limited or non-existent. We noted that other jurisdictions, such as the United States or the United Kingdom, provided their employees with more comprehensive guidance when rolling out their new agile approaches in procurement.

In 2018, we examined the implementation of the Phoenix pay system. Following its hearing on the matter, this committee recommended that all IT transformation projects should have independent, external oversight and that senior management should consider the interests of key stakeholders.

In the current audit, we found that the governance mechanisms for the three complex IT procurements could be strengthened. At the end of our audit, we saw that the Treasury Board of Canada Secretariat set up a new governance committee to support the departmental deputy heads who are responsible for modernizing core services. This continued engagement and oversight of senior representatives will be essential for these initiatives.

As the government increases its collaboration with suppliers when applying agile practices, it will need more robust tools to promote fairness and transparency. We found that Public Services and Procurement Canada and Shared Services Canada made limited use of data analytics to identify potential procurement integrity issues.

Finally, we found that it was not always clear how potential fairness issues were resolved. There was also a missed opportunity to better use the fairness monitoring program to uphold openness and transparency within procurements.

We made five recommendations and the organizations have agreed with all of them.

Madam Chair, this concludes my opening remarks. We would be pleased to answer any questions the committee may have.

Thank you.

Thank you, Madam Chair.

Thank you for the invitation to appear before the committee today.

Employment and Social Development Canada welcomes the report and accepts the recommendation pertaining to the benefits delivery modernization program.

At the time of the audit, the benefits delivery modernization program was still in its program development phase and the governance structure had not yet been finalized. While a governance structure had been in place throughout the project, it was finalized in February to take into consideration the creation of the deputy ministers core services committee.

This addresses the Auditor General's recommendation for ESDC.

Again, thank you for the opportunity to appear before you today.

Thank you, Madam Chair.

I am pleased to be here with colleagues to discuss the ways in which Public Services and Procurement Canada is responding to the Auditor General of Canada's audits of the “Procurement of Complex Information Technology Solutions”, tabled this past winter.

As the Government of Canada's purchaser of goods and services, PSPC is committed to ensuring that our procurement processes achieve the desired results while being fair, open and transparent. We are also modernizing our procurement practices so that they're more efficient and effective, both for our clients and for those we do business with.

This approach is particularly important when it comes to complex IT solutions such as those cited in this report, namely, the Next Generation pay system, the modernization of benefits delivery and the government's telecommunications network. It should be noted that the Auditor General made three recommendations in the report that relate to our work at PSPC. We accept all three recommendations and we are following through on them.

I should offer a brief explanation of what agile procurement is and how it relates to our complex IT projects in government. Unlike traditional procurement processes, which are linear and result in the awarding of one large contract, the agile procurement process is iterative, meaning that there are opportunities to make course corrections in the various phases of the process. This can potentially result in working with multiple vendors on one project.

Agile procurement involves establishing close collaborations between procurement experts, private sector suppliers, end-users and clients and maintaining this collaboration throughout the project. This is especially important in complex projects when it is not clear at the outset what kind of solution will address business needs.

The first of the Auditor General's recommendations is for our department to work with Treasury Board of Canada Secretariat and Shared Services Canada to develop more comprehensive guidance and training for employees on agile procurement for complex IT projects. To respond to this recommendation, PSPC has established an innovation and agile procurement centre to support contracting officers and their clients in delivering agile procurement processes. Furthermore, we have established a working group to lead efforts on creating training and guidance documents. This has led to the publishing of a playbook that explains agile procurement principles and collaborative methods of procurement, as well as when and how to use them.

As to the third recommendation of the Auditor General on data analytics, PSPC has committed to finalizing a formal plan to operationalize the existing data analytics and data mining function by the end of December 2021. We will need to consult with stakeholders to develop and implement guidelines for addressing anomalies detected through data analytics by the end of this fiscal year. This will help us to strengthen procurement integrity within PSPC by identifying—and therefore preventing—potential issues.

To help fulfill the fifth recommendation from the Auditor General on improving our information management practices, PSPC has held virtual events on procurement information management for procurement officers. We are also continuing to update our existing guidance on information management.

In the longer term, as we move to our electronic procurement solution, we have been updating the supply manual to provide guidance on how to maintain electronic files for contracts. This content will be part of mandatory training for procurement officers. We are developing a strategy on information management for long-term, complex projects and procurements to ensure that the records we keep can demonstrate the fairness of our procurement process.

Fulfilling these recommendations will be made easier as we transition to our new electronic procurement solution called CanadaBuys. CanadaBuys. This paperless, cloud-based system allows registered businesses to bid more easily on opportunities and to manage contracts and orders for goods and services from the Government of Canada. This transition to CanadaBuys has been iterative and gradual so that we can make adjustments as needed. This project has started, it's on scope and within budget and should be fully implemented by the fall of 2022.

To conclude, Madam Chair, the Auditor General found that we have made good progress towards adopting agile procurement for large IT system. By focusing on areas where we can make improvements, PSPC will be better positioned to increase the use of agile procurement and project management to advance complex and transformational IT projects.

Thank you. I look forward to your questions.

Thank you, Madam Chair.

We are pleased to be here with our colleagues from PSPC, SSC and ESDC to discuss the 2021 report of the Auditor General on complex IT procurement.

After my opening statements, my colleagues and I will be available to answer the committee's questions.

I will begin by explaining how the Treasury Board Secretariat supports agile IT procurement while providing oversight to major IT projects as part of the government's overall efforts towards more digitally enabled government programs and services.

The Office of the Comptroller General is responsible for providing functional direction and assurance government wide for financial management, the management of our acquired services and assets, and of internal audits. Specifically, as it relates to acquired services and assets, the OCG sets out the policies and directives for investment planning, projects and procurement.

The Office of the Chief Information Officer and the Canadian Digital Service support departments as they transition to a more digital government.

Through the office of the chief information officer, the TBS also participates in IT governance committees to provide guidance and oversight throughout the development of an IT project. The office of the chief human resources officer oversees policies and regulations aimed at driving excellence in people management across Canada's core public administration.

Agile or outcomes-based procurement is one of many kinds of procurement strategies that departments can use as long as they are fair, open, and transparent and provide the best value. Indeed, the current procurement policy allows for departments to procure in an agile way.

In her report, the Auditor General recognizes the government's progress on adopting agile procurement practices. However, we realize that there is always room for improvement, which the AG pointed out in her recommendations.

Recommendation 1.47 states that the Treasury Board, PSPC and SSC “should develop more comprehensive guidance and training for employees”. Recommendation 1.53 states that TBS, ESDC and SSC “should ensure that governance mechanisms are in place...for each of the complex IT procurements” that she audited.

TBS agrees with these recommendations, Madam Chair, and we are following up with concrete steps. I am pleased to announce that just a few weeks ago, consistent with our proposed actions under the management action plan, Treasury Board has approved a new directive on the management of procurement. This reset modernizes and streamlines policy requirements and includes new requirements to better enable outcomes-based, agile procurement approaches, and importantly, this work is not being done alone.

We have been working and will continue to work collaboratively with departments to build supporting guidance for the new directive as departments transition to it over the coming year. In addition, we are working with SSC and PSPC to make sure that procurement professionals are aware of agile procurement and how to apply collaborative methods.

Lastly, we will work with key partners across federal departments to review our existing procurement competencies to determine whether they specifically support agile procurement and whether they can be applied collaboratively.

As with any modern organization, the Government of Canada requires secure, reliable and effective IT solutions to deliver on its mandate. The recommendations put forward by the Auditor General and the actions we are taking in response will help us improve.

I am looking forward to your questions.

Thank you.

Thank you, Madam Chair.

Thank you for giving us an opportunity to discuss Shared Services Canada's progress on the Auditor General's report.

We would be pleased to answer any questions the committee may have on the report.

With me today is Stéphane Cousineau, senior assistant deputy minister of corporate services.

I would like to begin by thanking the Auditor General for the report and state, as she did, that we fully support its recommendations, which will help make the Government of Canada procurement activities even more effective, open and transparent.

The report acknowledged the progress that Shared Services and its partners have made toward adopting agile procurement practices for large IT systems, and we appreciate that we were acknowledged for our application of new procurement approaches and for our engagement with end-users and private sector suppliers.

We acknowledge that further work is needed, and to further make those advancements, the report expressed the need to build on these experiences in three key areas: first, by ensuring that governance and partner engagement mechanisms are in place; second, by updating the guidance and training for procurement officers, especially on new agile procurement methods; and third, by leveraging data analytics and information management to better monitor the integrity in our procurements.

Shared Services Canada is working closely with the Treasury Board Secretariat and with Public Services and Procurement Canada on transformational IT procurements. We are ensuring that our employees have a more comprehensive understanding of agile and collaborative procurement methods through refinements to guidance, training and ongoing support.

This includes the launch of a specialized training program to equip procurement officers with the skills, competencies and experience they need to manage complex IT procurements.

SSC is pleased to report that the processes are already in place with respect to the enhanced governance mechanisms. The department has had a procurement governance framework since July 2019 that facilitates procurement oversight and control as well as risk management and decision-making approaches to support transparency and accountability. The mechanisms help us engage stakeholders, articulate roles and responsibilities and match decision-making with firm commitments.

On data analytics, SSC is augmenting its capabilities through the development of an analytics strategy and road map. Our dedicated data and analytics team, which we've just established, will input procurement data into the department’s repository this fiscal year. We will then obviously mine that data to see opportunities. We'll use this as a pilot. We'll be looking at artificial intelligence and machine learning to identify potential integrity issues and move more quickly.

Since the time of the audit, the department has implemented a number of information management tools and procedures to ensure fairness and to demonstrate that procurements are indeed fair. The department has developed guidelines on procurement file organization and makeup and on procurement file documentation lists and compliance and quality assurance programs, which contribute to sound information management practices, consistency in all of our files and completeness in all of the files.

With respect to the next-generation human resources and pay initiative, SSC continues to work with the office of the chief human resources officer at Treasury Board Secretariat, as well as with senior officials and users in other departments and agencies, to refine the business needs and anticipate change management requirements.

The exploratory phase announced last fall has been completed. This phase established the technical capability of the government to adopt softwares in service as a solution and undertook a gap analysis of the proposed solution against existing business requirements.

The next phase will be to design and experiment. We will configure and test the proposed solution using real employee data. Further tests with more complex pay groups will also be undertaken.

As the initiative moves through more substantive phases, decision makers will be engaged thoroughly. Our new integrated enterprise governance structure prioritizes key accountability, program assurance and challenge functions and extensive stakeholder consultation and engagement, as well as regular updates and advice sought from our external expert advisory committee.

All the work is being informed by lessons learned from Phoenix and other large-scale enterprise transformation activities. Decisions on the way forward will be driven by user insights obtained during this initiative.

Thank you. We would be happy to answer any of your questions.

That part of the report is recognizing the importance of departments collecting data and using that business intelligence in a good way to identify potential procurement issues that might arise. That use of data analytics, which was highlighted following the previous audits we've done, is what we're drawing attention to, namely, that you can look for certain flags if you track parts of the procurement process in order to highlight areas where entities should go to look a little bit further. It's not that we saw this in the procurements that we looked at. While we did identify opportunities to improve fairness generally, and fairness within the three projects we looked at, it is not a case of our finding wrongdoing, but of our highlighting this as a way for entities to focus in on that.

I believe that Mr. Glover just alluded to how Shared Services would plan on doing that, going forward.

There are two things here. You have a lead organization that is a business owner, which is responsible and ultimately the one that describes the business needs of the project, but you usually have a lead procurement department, whether it's Public Service and Procurement Canada or Shared Services, that leads the procurement. Together they collaborate on ensuring that a significant IT project is put forward.

There should be checks and balances and monitoring there, done by the procurement department, as well as the lead department.

I think this is one of the areas, when we talk about the fairness monitor, that could be used. A fairness monitor is an independent group that comes in and looks at how decisions were made, or how the procurement was rolling itself out. There are ways that entities can self-check in an independent fashion.

Again, governance would be controlled.

You can if you require—

You can if you require the fairness monitor on all significant projects. The fairness monitor is done by an independent party. You can use that mechanism to demonstrate the fairness and openness of the process that was run.

That's why we made those recommendations, namely, that they had a missed opportunity with their fairness monitoring program, but that they also need to develop tools like data analytics, going forward. We did not see those kinds of things in Shared Services during our audit and it is something we recommended. It's exactly why we highlighted that there are improvements that could happen to the processes.

While we were very encouraged that the government has taken steps towards trying a new way of working—looking at agile procurement in order to modernize and improve procurement of complex IT—now it's time to take another step and build on that and to incorporate fairness and integrity issues monitoring into those process, because agile requires a lot of collaboration with third party vendors. When that happens you want to make sure that you have good fairness processes in place, and we just didn't see that being well-documented or demonstrated during the audit work we looked at.

One of our significant findings from the Phoenix work that we did back in 2018 was the lack of involvement with end-users and keeping in sight, as the project moved forward, the actual business needs and how the IT solution would be used in the day to day.

In the procurements we looked at in the Next Generation one, we saw a lot of engagement with end-users. If we compare that then with the workplace communications services project, DND was only engaged at the end. As a result, the procurement that occurred there did not meet all of the needs of the department. Now additional costs and other contracts are going to be needed in order to give them all the functionality that the department wanted.

It isn't about focusing in on timelines, but about focusing in on business outcomes. That's where agile procurement plays a really big role in complex IT. It is keeping the outcomes and the business needs in mind throughout the entire process.