Audit of policy development processes, 2017

Internal Audit Report

October 20, 2017

Glossary

Alignment:
consistency in the direction provided by individual policy instruments. For example, local direction should be consistent with national direction.
Coordination:
the integration of subject matter across CSC sectors.
Disposition:
a comparison between a draft document (or an approved document) with its previous version(s) and stakeholder comments on the previous version(s).
Intranet:
CSC’s intranet is commonly known as the "InfoNet" or "The Hub".
Lead time:
the amount of time between promulgation of policy and its expected implementation.
Policy:
for the purposes of this audit, policy refers to all formal direction issued by CSC.
Policy instruments:
documents that contain formal direction issued by CSC; which include, but are not limited to: Commissioner’s Directives, guidelines, regional procedures, standing orders, post orders, manuals, protocols, and handbooks.
Promulgation:
issuance of an approved policy instrument.

1.0 Introduction

1.1 Background

The Audit of Policy Development Processes was conducted as part of the Correctional Service Canada (CSC) Internal Audit Sector’s 2016-2019 Risk-Based Audit Plan (RBAP). This audit links to CSC’s corporate priority of "efficient and effective management practices that reflect values-based leadership in a changing environment" and the following corporate risk: "there is a risk that CSC will not be able to implement legislative changes and ensure the financial sustainability of the organization."

The emphasis that CSC places on effective and clear policy is evident through its 2016-2017 Report on Plans and Priorities. The report touches upon several areas within CSC where strong policy development processes are paramount. For example, CSC indicated it would continue to enhance its policy framework to address any systemic barriers to effectively manage Indigenous offenders. In addition, as a key activity, the Health Services Sector identified the development and implementation of policy and programs to ensure patient safety and improve program delivery.

As per CSC’s 2015-18 Corporate Business Plan, National Headquarters (NHQ) is responsible for the overall planning and policy development for CSC. Further to this, the Policy Sector at NHQ assists management in understanding, analyzing and responding to risks at all levels of the organization. The Corporate Business Plan also highlights that CSC will continue to monitor and participate in the development of government initiatives and legislation tabled in Parliament to ensure that the organization is aware of possible legislative changes and is able to develop and implement plans to ensure that policies are updated as required.

CSC issues a range of policy instruments that are designed to articulate rules to guide its activities. The policy instruments that are developed at NHQ, include, but are not limited to, Commissioner’s Directives, guidelines, and policy bulletins. Further, policy instruments such as regional procedures, standing orders and post orders are developed and maintained at the regional and local levels to support, and provide further direction, for implementing national policy instruments.

In June 2013, the Government of Canada launched Blueprint 2020, which is "a vision for a world-class Public Service equipped to serve Canada and Canadians now and into the future."Footnote 1 The Blueprint 2020 vision is guided by four principles that help examine how work is done in the Federal Public Service:Footnote 2

The following five themes were identified to guide the Public Service’s actions:Footnote3

Under the "Innovative Practices and Networking" theme, expectations have been placed on departments, where appropriate, to adopt new approaches that will enable employees to generate, shape and move forward on innovative ideas. Further, departments and agencies are adopting new perspectives and ways of working together to respond to policy and service delivery challenges.Footnote4 Innovation has been included in this audit because it is a government priority and was identified in the audit risk assessment as a means to mitigate risk.

1.2 Legislative and Policy Framework

Deputy heads are accountable for good public sector management. Ministers and deputy heads have authority to manage the people, resources and activities of their departments towards the objectives set out in legislative mandates and government policy. In particular, deputy heads manage by exercising authorities assigned to them by a person (for example, a minister), by a body (for example, the Public Service Commission), or by statutory instrument (such as a departmental act, the Financial Administration Act, or the Corrections and Conditional Release Act (CCRA)). Deputy heads are responsible for applying Treasury Board's mandatory policy instruments within their organization, monitoring and auditing their application, taking corrective action in cases of non-compliance, reporting to the Treasury Board Secretariat (TBS) on matters regarding compliance, and providing advice on the development of policies, often in committees and special studies coordinated by TBS.Footnote 5

Section 97 of the CCRA authorizes the Commissioner of CSC to make rules for the management of the Service, and Section 98 specifies that these rules can be designated as Commissioner’s Directives.Footnote 6 The Corrections and Conditional Release Regulations (CCRR) also authorizes the institutional heads to develop standing orders.

1.3 CSC Organization

National Headquarters

Policy Sector

To ensure the coherence of CSC’s policy framework both internally and externally, the Strategic Policy Division (SP) within the Policy Sector manages and facilitates the Service’s participation in horizontal government policy initiatives and in the development of CSC strategies related to these initiatives. SP partners with CSC’s sectors and members of the Public Safety Portfolio, and other government agencies to ensure consistent and cohesive direction. SP also manages the national policy framework and, working in partnership with subject-matter experts, plays a key role in the development of Commissioner’s Directives. SP does this by ensuring coherence and alignment of CSC's policy framework, and by providing expert policy advice. Specifically, SP is to:

Further, SP is to contribute to larger government priorities by ensuring CSC's position is understood and included in horizontal initiatives. In this regard, SP is to:

Offices of Primary Interest (NHQ Sectors)

CSC sectors are responsible for developing and revising their respective policy instruments (Commissioner’s Directives, guidelines, etc.) in consultation with SP. Each sector is responsible for providing corporate expertise on its subject matter and provides leadership on policy development and implementation.

Legal Services

Legal Services at NHQ is consulted during the creation and revision of national policy instruments (i.e. Commissioner’s Directives and guidelines) to ensure compliance and alignment with the spirit of applicable legislation and current jurisprudence. Generally, Legal Services is not involved in regional and local policy development processes.

Regional Headquarters (RHQ)

RHQs are responsible for developing regional procedures when further details are needed to ensure application of national policy. The regional deputy commissioners (RDCs) are responsible for ensuring that regional staff is consulted in the development of national policy. The regional assistant deputy commissioners correctional operations and the regional assistant deputy commissioners integrated services coordinate the involvement of both institutional and community staff. Further, when national policy is developed and updated, RDCs are responsible for ensuring that regional policy instruments, affected by the national policy, are updated to ensure they align and are consistent with the national direction.

Local Levels

The institutional heads and district directors have the responsibility to develop and maintain policy instruments (standing orders, post orders, and community protocols) that provide direction to staff to meet the requirements set forth in related legislation (CCRA, CCRR, etc.) or national policy (Commissioner’s Directives and guidelines). Standing orders and protocols are created by the respective site (RHQ, institution, district office, etc.) and approved by the institutional heads and district directors, respectively.

Other Stakeholders

Internal Stakeholders

There are a number of CSC stakeholders whose activities affect and support the development of policy instruments. These include, but are not limited to the:

Reports generated by these groups provide insight into the successes and issues associated with policy instruments, generate recommendations for consideration by senior management, as well as information to be considered when creating and revising these instruments.

External Stakeholders

CSC is required to respond to recommendations and reports that are issued by outside organizations which may impact CSC policy. These stakeholders may provide CSC with policy recommendations in its reports. Some of these external stakeholders include:

1.4 Risk Assessment

The Audit of Policy Development Processes was identified as an audit priority in the 2016-2019 CSC RBAP. An engagement-level risk assessment was completed by the audit team using the results of interviews, questionnaires, research, and knowledge obtained through previous audits to assist in determining areas that the audit should cover. Policy documents, audits completed by other jurisdictions and other available information related to policy development were also considered.

Overall, the assessment identified key risks associated with the management framework that is in place to support CSC policy development and the effectiveness of policy development processes. These risks have been incorporated into this audit. Innovation has been included in this audit because it was identified in the audit risk assessment as a means to mitigate risk.

2.0 Objectives and Scope

2.1 Audit Objectives

The objectives of this audit were to:

Specific criteria have been established to assess these objectives and are included in Annex A.

2.2 Audit Scope

The audit was national in scope and included policy development processes for policy instruments in place at the national, regional, and local levels.

The audit did not include an assessment of the development processes for internal services (human resources, finance, communications, etc.) policy instruments. In many cases, these policy instruments provide direction on the implementation of Treasury Board policy, which ultimately limits the control (and associated risk) that CSC has over their development. For the file review, the audit assessed a selection of policy instruments that were created and/or revised between April 2015 and September 2016.

4.0 Conclusion

For the first objective, we found that a management framework is in place to support the effective management of policy development. The audit noted a few areas that require consideration by management in order to help ensure that the management framework fully supports CSC’s policy development processes.

With respect to the second objective, we found that policy development processes support the achievement of CSC’s objectives, including the management of its risks. Still, the audit noted a few areas that require consideration by management in order to help ensure that risks are better managed.

For the third objective, we found that CSC is a mature organization with respect to its policy-related management framework and development processes, and seeks opportunities to become more innovative. CSC is encouraged to develop measures to track the extent to which innovation supports policy development, and further enhance its use of technology.

Recommendations have been issued in the report based on areas where improvements are required.

6.0 About the Audit

6.1 Approach and Methodology

Audit evidence was gathered through a number of methods:

Interviews
In total, 107 interviews were completed during the conduct phase of this audit. Interviews were conducted with senior management and key staff at NHQ, RHQ, and the local levels. Interviews took place in person, by teleconference, and by videoconference.
Review of Documentation
Documentation that was reviewed included: legislation; CSC policy instruments; corporate documents such as process maps, policy development guides, tools, work descriptions, and policy development analysis; and electronic communications such as e-mails and intranet sites.
Analytical Review
Analytical review was completed in relation to the criteria on issue identification and analysis; consultation; coordination and alignment; review and approval; communication; and the objective on innovation.
Sampling
The policy instruments that were selected for testing were chosen to ensure adequate coverage of:
  • corporate priorities;
  • areas of risk identified through CSC’s Corporate Risk Profile; and
  • areas of risk identified through the audit risk assessment.

The population was stratified by CSC sector, and then by date of creation or amendment. Random samples were chosen from the population. The sample of national policy instruments that we tested were as follows:

  • Commissioner’s Directive 760 Social Programs and Leisure Activities (2016-05-02), Correctional Operations and Programs Sector;
  • Commissioner’s Directive 768 Institutional Mother-Child Program (2016-04-18), Women Offender Sector;
  • Commissioner’s Directive 800 Health Services (2015-04-27), Health Services Sector; and
  • Commissioner’s Directive 566-14 Perimeter Security (2015-06-08), Correctional Operations and Programs Sector.

6.2 Past Internal Audit Work Related to Policy Development Processes

Audit assurance and consulting engagements typically examine the policy framework for the particular program or activity being assessed to ensure that it is compliant with external requirements (legislation, central agency policies, etc.) and to ensure that policy instruments are aligned. Specific engagements that were used in planning the work for this audit include:

Review of the Framework Governing the Management of CSC’s Responses to Internal and External Reports

The review found that:

Status Report on Administrative Segregation

This review found that:

6.3 Statement of Conformance

In my professional judgment as Chief Audit Executive, sufficient and appropriate audit procedures have been conducted and evidence gathered to support the accuracy of the opinion provided and contained in this report. The opinion is based on a comparison of the conditions, as they existed at the time, against pre-established audit criteria that were agreed on with management. The opinion is applicable only to the first two objectives as work performed for the third objective (innovation) is categorized as review level assurance, and is not commensurate with the high level of assurance provided through the first two objectives of this engagement.

The audit conforms to the Internal Auditing Standards for Government of Canada, as supported by the results of the quality assurance and improvement program. The evidence gathered was sufficient to provide senior management with proof of the opinion derived from the internal audit, with the exception of the evidence gathered to support the third objective (innovation).

Annex B: Site Selection

Three of CSC’s five regions were selected by the audit team due to the breadth of the subject matter and the impact this breadth had on the audit team’s ability to deliver results in a timely manner. Although on-site visits were not completed, interviews and document review were conducted for these sites. Sites were selected to ensure coverage of the following:

Region Sites
Quebec
  • Port-Cartier Institution
  • Archambault Institution
  • Joliette Institution for Women
  • Montréal Metropolitan District
  • Regional Headquarters
Ontario
  • Grand Valley Institution for Women
  • Bath Institution
  • Beaver Creek Institution
  • Central Ontario District Office
  • Regional Headquarters
Prairie
  • Regional Psychiatric Centre
  • Willow Cree Healing Lodge
  • Okimaw Ohci Healing Lodge
  • Grande Cache Institution
  • Saskatchewan, Manitoba, and North Western Ontario District Office
  • Regional Headquarters
National Headquarters
  • Policy Sector
  • Correctional Operations and Programs Sector
  • Health Services Sector
  • Women Offender Sector
  • Communications and Engagement Sector
  • Legal Services Sector
  • Aboriginal Initiatives Directorate
  • Learning and Development Branch

Annex D: OVO’s Innovation Maturity Model

OVO Innovation (2010)

Innovation maturity progression:

Novice Apprentice Journeyman Master
Strategy
  • No expectation for Innovation
  • Relieve an existing issue
  • Completely reactive
  • Innovation as a desire
  • Short term focus
  • Incremental goals
  • Innovation as a focus
  • Incremental and disruptive
  • Becoming proactive
  • Innovation as expectation
  • Innovation leadership
  • Disrupt firms and markets
People
  • Part-time on a project basis
  • No formal training
  • Few/no rewards or incentives
  • No central team
  • Part-time commitment
  • Some innovation training
  • Ad-hoc rewards
  • Recognition of central team
  • Full time commitments
  • Detailed training
  • Incentives and rewards
  • Identification of central team
  • Initiated by individuals
  • Autonomy/ experimentation
  • Corporate incentives
  • Engagement by central team
Methods
  • Few innovation tools
  • Haphazardly applied
  • No consistent process
  • Introduction of new tools
  • Carefully applied
  • Defining a core process
  • Wide range of tools
  • Applied by trainees
  • Following a defined process
  • Creating new techniques
  • Applied by experts
  • Defined methodology
Funding
  • No planned funding
  • Borrowed from other sources
  • Very limited
  • Small planned funding
  • Combined with other funds
  • Limited to idea development
  • Funds in annual plan
  • Set aside for team and ideas
  • New research possible
  • Team fully funded
  • Innovation R&D dollars
  • Available for all activities
Measures
  • No established metrics
  • Focus on cost/time
  • Short term
  • Few established metrics
  • Based on ideas and ROI
  • Short term
  • Multiple metrics
  • Incremental/ Disruptive
  • Short term & long term
  • Many metrics
  • Focus on differentiation
  • Mid term/Long term
Communication
  • Vague goals
  • Little communication to team
  • None to organization
  • Communicated goals
  • Some communication to team
  • Little to organization
  • Active communicator
  • From engaged leader
  • To organization as a whole
  • Consistent communication
  • From all management
  • Internally and externally
Breadth
  • Isolated teams
  • No concurrent projects
  • No external involvement
  • Some collaboration
  • Few concurrent projects
  • Little external involvement
  • Broad collaboration
  • Many concurrent projects
  • Some external involvement
  • Innovation Communities
  • Multiple projects
  • Internal and external
Rewards
  • Not designed
  • Project based
  • Not meaningful extrinsic
  • Some consideration
  • Project based
  • Aligned to strategies
  • Carefully considered
  • Based on participation
  • Based on goals/plans
  • Incorporated into plans
  • Based on outcomes
  • Intrinsic and extrinsic
Outcomes
  • Frustrated teams
  • Incremental ideas
  • Rarely implemented
  • Little impact
  • Satisfied teams
  • Reasonable ideas
  • Occasionally implemented
  • Some new products/ services
  • Engaged teams
  • Good ideas
  • Regularly implemented
  • Predictable flow of ideas
  • Engaged organization
  • Disruptive ideas
  • Regularly implemented
  • Innovation leadership

Page details

Date modified: