Audit of policy development processes, 2017
Internal Audit Report
October 20, 2017
Glossary
- Alignment:
- consistency in the direction provided by individual policy instruments. For example, local direction should be consistent with national direction.
- Coordination:
- the integration of subject matter across CSC sectors.
- Disposition:
- a comparison between a draft document (or an approved document) with its previous version(s) and stakeholder comments on the previous version(s).
- Intranet:
- CSC’s intranet is commonly known as the "InfoNet" or "The Hub".
- Lead time:
- the amount of time between promulgation of policy and its expected implementation.
- Policy:
- for the purposes of this audit, policy refers to all formal direction issued by CSC.
- Policy instruments:
- documents that contain formal direction issued by CSC; which include, but are not limited to: Commissioner’s Directives, guidelines, regional procedures, standing orders, post orders, manuals, protocols, and handbooks.
- Promulgation:
- issuance of an approved policy instrument.
1.0 Introduction
1.1 Background
The Audit of Policy Development Processes was conducted as part of the Correctional Service Canada (CSC) Internal Audit Sector’s 2016-2019 Risk-Based Audit Plan (RBAP). This audit links to CSC’s corporate priority of "efficient and effective management practices that reflect values-based leadership in a changing environment" and the following corporate risk: "there is a risk that CSC will not be able to implement legislative changes and ensure the financial sustainability of the organization."
The emphasis that CSC places on effective and clear policy is evident through its 2016-2017 Report on Plans and Priorities. The report touches upon several areas within CSC where strong policy development processes are paramount. For example, CSC indicated it would continue to enhance its policy framework to address any systemic barriers to effectively manage Indigenous offenders. In addition, as a key activity, the Health Services Sector identified the development and implementation of policy and programs to ensure patient safety and improve program delivery.
As per CSC’s 2015-18 Corporate Business Plan, National Headquarters (NHQ) is responsible for the overall planning and policy development for CSC. Further to this, the Policy Sector at NHQ assists management in understanding, analyzing and responding to risks at all levels of the organization. The Corporate Business Plan also highlights that CSC will continue to monitor and participate in the development of government initiatives and legislation tabled in Parliament to ensure that the organization is aware of possible legislative changes and is able to develop and implement plans to ensure that policies are updated as required.
CSC issues a range of policy instruments that are designed to articulate rules to guide its activities. The policy instruments that are developed at NHQ, include, but are not limited to, Commissioner’s Directives, guidelines, and policy bulletins. Further, policy instruments such as regional procedures, standing orders and post orders are developed and maintained at the regional and local levels to support, and provide further direction, for implementing national policy instruments.
In June 2013, the Government of Canada launched Blueprint 2020, which is "a vision for a world-class Public Service equipped to serve Canada and Canadians now and into the future."Footnote 1 The Blueprint 2020 vision is guided by four principles that help examine how work is done in the Federal Public Service:Footnote 2
- an open and networked environment that engages citizens and partners for the public good;
- a whole-of-government approach that enhances service delivery and value for money;
- a modern workplace that makes smart use of new technologies to improve networking, access to data and customer service; and
- a capable, confident and high-performing workforce that embraces new ways of working and mobilizes the diversity of talent to serve the country’s evolving needs.
The following five themes were identified to guide the Public Service’s actions:Footnote3
- Innovative Practices and Networking;
- Processes and Empowerment;
- Technology;
- People Management; and
- Fundamentals of Public Service.
Under the "Innovative Practices and Networking" theme, expectations have been placed on departments, where appropriate, to adopt new approaches that will enable employees to generate, shape and move forward on innovative ideas. Further, departments and agencies are adopting new perspectives and ways of working together to respond to policy and service delivery challenges.Footnote4 Innovation has been included in this audit because it is a government priority and was identified in the audit risk assessment as a means to mitigate risk.
1.2 Legislative and Policy Framework
Deputy heads are accountable for good public sector management. Ministers and deputy heads have authority to manage the people, resources and activities of their departments towards the objectives set out in legislative mandates and government policy. In particular, deputy heads manage by exercising authorities assigned to them by a person (for example, a minister), by a body (for example, the Public Service Commission), or by statutory instrument (such as a departmental act, the Financial Administration Act, or the Corrections and Conditional Release Act (CCRA)). Deputy heads are responsible for applying Treasury Board's mandatory policy instruments within their organization, monitoring and auditing their application, taking corrective action in cases of non-compliance, reporting to the Treasury Board Secretariat (TBS) on matters regarding compliance, and providing advice on the development of policies, often in committees and special studies coordinated by TBS.Footnote 5
Section 97 of the CCRA authorizes the Commissioner of CSC to make rules for the management of the Service, and Section 98 specifies that these rules can be designated as Commissioner’s Directives.Footnote 6 The Corrections and Conditional Release Regulations (CCRR) also authorizes the institutional heads to develop standing orders.
1.3 CSC Organization
National Headquarters
Policy Sector
To ensure the coherence of CSC’s policy framework both internally and externally, the Strategic Policy Division (SP) within the Policy Sector manages and facilitates the Service’s participation in horizontal government policy initiatives and in the development of CSC strategies related to these initiatives. SP partners with CSC’s sectors and members of the Public Safety Portfolio, and other government agencies to ensure consistent and cohesive direction. SP also manages the national policy framework and, working in partnership with subject-matter experts, plays a key role in the development of Commissioner’s Directives. SP does this by ensuring coherence and alignment of CSC's policy framework, and by providing expert policy advice. Specifically, SP is to:
- provide support to sectors and the CSC Executive Committee on policy development;
- ensure policies are consistent with legislation and internal policy frameworks;
- ensure policies are understood and appropriately applied; and
- ensure the national policy development process is respected.Footnote 7
Further, SP is to contribute to larger government priorities by ensuring CSC's position is understood and included in horizontal initiatives. In this regard, SP is to:
- manage the development and approval process of CSC's role in interdepartmental memoranda to cabinet and other interdepartmental policy initiatives;
- liaise with Public Safety Canada to ensure consistency with portfolio policies and priorities;
- contribute to material required for Standing Committees of Parliament/Senate and Ministerial and government transitions; and
- contribute to Public Safety-wide priority setting and policy development.Footnote 8
Offices of Primary Interest (NHQ Sectors)
CSC sectors are responsible for developing and revising their respective policy instruments (Commissioner’s Directives, guidelines, etc.) in consultation with SP. Each sector is responsible for providing corporate expertise on its subject matter and provides leadership on policy development and implementation.
Legal Services
Legal Services at NHQ is consulted during the creation and revision of national policy instruments (i.e. Commissioner’s Directives and guidelines) to ensure compliance and alignment with the spirit of applicable legislation and current jurisprudence. Generally, Legal Services is not involved in regional and local policy development processes.
Regional Headquarters (RHQ)
RHQs are responsible for developing regional procedures when further details are needed to ensure application of national policy. The regional deputy commissioners (RDCs) are responsible for ensuring that regional staff is consulted in the development of national policy. The regional assistant deputy commissioners correctional operations and the regional assistant deputy commissioners integrated services coordinate the involvement of both institutional and community staff. Further, when national policy is developed and updated, RDCs are responsible for ensuring that regional policy instruments, affected by the national policy, are updated to ensure they align and are consistent with the national direction.
Local Levels
The institutional heads and district directors have the responsibility to develop and maintain policy instruments (standing orders, post orders, and community protocols) that provide direction to staff to meet the requirements set forth in related legislation (CCRA, CCRR, etc.) or national policy (Commissioner’s Directives and guidelines). Standing orders and protocols are created by the respective site (RHQ, institution, district office, etc.) and approved by the institutional heads and district directors, respectively.
Other Stakeholders
Internal Stakeholders
There are a number of CSC stakeholders whose activities affect and support the development of policy instruments. These include, but are not limited to the:
- Internal Audit Sector;
- Research Branch;
- Incident Investigations Branch;
- Evaluation Division; and
- Learning and Development Branch.
Reports generated by these groups provide insight into the successes and issues associated with policy instruments, generate recommendations for consideration by senior management, as well as information to be considered when creating and revising these instruments.
External Stakeholders
CSC is required to respond to recommendations and reports that are issued by outside organizations which may impact CSC policy. These stakeholders may provide CSC with policy recommendations in its reports. Some of these external stakeholders include:
- Department of Justice Canada - the Department "supports the Attorney General as the chief law officer of the Crown, both in terms of the ongoing operations of government and of the development of new policies, programs and services for Canadians. The Department provides legal advice to the Government and federal government departments and agencies, represents the Crown in civil litigation and before administrative tribunals, drafts legislation and responds to the legal needs of federal departments and agencies."Footnote 9
- Office of the Auditor General of Canada (OAG) - the OAG "serves Parliament by providing it with objective, fact-based information and expert advice on government programs and activities, gathered through audits. Parliamentarians use OAG reports to oversee government activities and hold the federal government to account for its handling of public funds."Footnote 10 OAG reports may include recommendations related to CSC’s policy framework.
- Office of the Correctional Investigator (OCI) - the OCI produces The Annual Report of the Correctional Investigator, which makes recommendations that may trigger a need for a policy amendment or the need for a new policy, as well as ad-hoc investigations and thematic reports.
- Coroners’ Inquests and Fatality Inquiries - every time there is a death in custody, the province's coroner is to be notified. It is the responsibility of each province to conduct a death investigation as per their own rules and territorial/provincial legislations. An inquest reviews a death and makes recommendations where necessary.Footnote 11
1.4 Risk Assessment
The Audit of Policy Development Processes was identified as an audit priority in the 2016-2019 CSC RBAP. An engagement-level risk assessment was completed by the audit team using the results of interviews, questionnaires, research, and knowledge obtained through previous audits to assist in determining areas that the audit should cover. Policy documents, audits completed by other jurisdictions and other available information related to policy development were also considered.
Overall, the assessment identified key risks associated with the management framework that is in place to support CSC policy development and the effectiveness of policy development processes. These risks have been incorporated into this audit. Innovation has been included in this audit because it was identified in the audit risk assessment as a means to mitigate risk.
2.0 Objectives and Scope
2.1 Audit Objectives
The objectives of this audit were to:
- assess the extent to which a management framework is in place to support the effective management of policy development;
- assess the extent to which policy development processes support the achievement of CSC’s objectives, including the management of its risks; and
- assess the innovation maturity of CSC’s policy-related management framework and development processes.
Specific criteria have been established to assess these objectives and are included in Annex A.
2.2 Audit Scope
The audit was national in scope and included policy development processes for policy instruments in place at the national, regional, and local levels.
The audit did not include an assessment of the development processes for internal services (human resources, finance, communications, etc.) policy instruments. In many cases, these policy instruments provide direction on the implementation of Treasury Board policy, which ultimately limits the control (and associated risk) that CSC has over their development. For the file review, the audit assessed a selection of policy instruments that were created and/or revised between April 2015 and September 2016.
4.0 Conclusion
For the first objective, we found that a management framework is in place to support the effective management of policy development. The audit noted a few areas that require consideration by management in order to help ensure that the management framework fully supports CSC’s policy development processes.
With respect to the second objective, we found that policy development processes support the achievement of CSC’s objectives, including the management of its risks. Still, the audit noted a few areas that require consideration by management in order to help ensure that risks are better managed.
For the third objective, we found that CSC is a mature organization with respect to its policy-related management framework and development processes, and seeks opportunities to become more innovative. CSC is encouraged to develop measures to track the extent to which innovation supports policy development, and further enhance its use of technology.
Recommendations have been issued in the report based on areas where improvements are required.
6.0 About the Audit
6.1 Approach and Methodology
Audit evidence was gathered through a number of methods:
- Interviews
- In total, 107 interviews were completed during the conduct phase of this audit. Interviews were conducted with senior management and key staff at NHQ, RHQ, and the local levels. Interviews took place in person, by teleconference, and by videoconference.
- Review of Documentation
- Documentation that was reviewed included: legislation; CSC policy instruments; corporate documents such as process maps, policy development guides, tools, work descriptions, and policy development analysis; and electronic communications such as e-mails and intranet sites.
- Analytical Review
- Analytical review was completed in relation to the criteria on issue identification and analysis; consultation; coordination and alignment; review and approval; communication; and the objective on innovation.
- Sampling
- The policy instruments that were selected for testing were chosen to ensure adequate coverage of:
- corporate priorities;
- areas of risk identified through CSC’s Corporate Risk Profile; and
- areas of risk identified through the audit risk assessment.
The population was stratified by CSC sector, and then by date of creation or amendment. Random samples were chosen from the population. The sample of national policy instruments that we tested were as follows:
- Commissioner’s Directive 760 Social Programs and Leisure Activities (2016-05-02), Correctional Operations and Programs Sector;
- Commissioner’s Directive 768 Institutional Mother-Child Program (2016-04-18), Women Offender Sector;
- Commissioner’s Directive 800 Health Services (2015-04-27), Health Services Sector; and
- Commissioner’s Directive 566-14 Perimeter Security (2015-06-08), Correctional Operations and Programs Sector.
6.2 Past Internal Audit Work Related to Policy Development Processes
Audit assurance and consulting engagements typically examine the policy framework for the particular program or activity being assessed to ensure that it is compliant with external requirements (legislation, central agency policies, etc.) and to ensure that policy instruments are aligned. Specific engagements that were used in planning the work for this audit include:
Review of the Framework Governing the Management of CSC’s Responses to Internal and External Reports
The review found that:
- CSC did not have an integrated central repository or single body responsible for ensuring consistency, timeliness, and quality of all responses to recommendations from all reviews or any other reports;
- CSC’s employees operate within a framework of policy, legislation and public service values, and in so doing, are subject to scrutiny by other entities (Office of the Correctional Investigator, National Joint Boards of Investigation, Coroner’s Inquests/Medical Examiner’s Investigations, Parole Board of Canada, the Office of the Auditor General, and the Office of the Commissioner of Official Languages);
- CSC has requirements to respond to legislative and policy-generated recommendations that sometimes require the policies to be changed; and
- there was no systematic mechanism in place that ensured the consistency and congruence of all CSC’s responses across the various frameworks to manage internal and external reports.
Status Report on Administrative Segregation
This review found that:
- despite the fact that the consultation process occurred over several months, staff indicated that the roll-out of the changes was too fast, and did not provide enough time to have fulsome discussions to ensure everyone understood the requirements;
- given that electronic distribution of the revised Commissioner’s Directive and guideline was the primary medium of communication, staff felt that it was unrealistic to read these documents in their entirety with such short notice; and
- staff questioned the practicality of some of the changes. For example, some staff indicated that the revised framework is too restrictive with respect to segregation placements, and others indicated that they are risk averse when it comes to release.
6.3 Statement of Conformance
In my professional judgment as Chief Audit Executive, sufficient and appropriate audit procedures have been conducted and evidence gathered to support the accuracy of the opinion provided and contained in this report. The opinion is based on a comparison of the conditions, as they existed at the time, against pre-established audit criteria that were agreed on with management. The opinion is applicable only to the first two objectives as work performed for the third objective (innovation) is categorized as review level assurance, and is not commensurate with the high level of assurance provided through the first two objectives of this engagement.
The audit conforms to the Internal Auditing Standards for Government of Canada, as supported by the results of the quality assurance and improvement program. The evidence gathered was sufficient to provide senior management with proof of the opinion derived from the internal audit, with the exception of the evidence gathered to support the third objective (innovation).
Annex B: Site Selection
Three of CSC’s five regions were selected by the audit team due to the breadth of the subject matter and the impact this breadth had on the audit team’s ability to deliver results in a timely manner. Although on-site visits were not completed, interviews and document review were conducted for these sites. Sites were selected to ensure coverage of the following:
- Indigenous offenders (including pathway healing initiative);
- Women offenders;
- Remote institutions and healing lodges;
- Mental health and physical health services; and
- Community corrections.
Region | Sites |
---|---|
Quebec |
|
Ontario |
|
Prairie |
|
National Headquarters |
|
Annex D: OVO’s Innovation Maturity Model
OVO Innovation (2010)
Innovation maturity progression:
- Involves consistent, focused effort by engaged executives
- Over a period of several years
- Focused on near team results (ideas becoming products) and longer term cultural change
- Investment in people and methodologies
- Expectation of a formal approach – distinct process, established metrics
Novice | Apprentice | Journeyman | Master | |
---|---|---|---|---|
Strategy |
|
|
|
|
People |
|
|
|
|
Methods |
|
|
|
|
Funding |
|
|
|
|
Measures |
|
|
|
|
Communication |
|
|
|
|
Breadth |
|
|
|
|
Rewards |
|
|
|
|
Outcomes |
|
|
|
|
Page details
- Date modified: