Audit of victim services, 2021

The Internal Audit Sector conducted the Audit of Victim Services as part of Correctional Service Canada’s (CSC) 2019–2022 Risk-Based Audit Plan. The audit is linked to CSC’s priority of “having productive relationships with diverse partners, stakeholders, victims’ groups, and others involved in public safety” and also to the corporate risk that “CSC will not be able to implement its mandate and ensure the financial sustainability of the organization.”

CSC has provided services to victims of crime since the implementation of the Corrections and Conditional Release Act in November 1992, and launched in September 2007 the National Victim Services Program to respond more comprehensively to victims’ requests.

The protected offender information that CSC provides at the victim’s request includes, among other disclosures, the date of commencement and length of the offender’s sentence, the offender’s eligibility dates and review dates for temporary absences, progress made with respect to the offender’s correctional plan and CSC’s victim-offender mediation services.

CSC primarily uses the Offender Management System (OMS), the Victims Module and the Victims Portal to provide services to victims.

The OMS is the system used to manage information about federal offenders throughout their sentence. It is used daily by staff at all levels within CSC for a variety of reasons related to offender management.

The Victims Module, also referred to as “CRM”, is the system used daily by CSC’s Victim Services Officers (VSOs) to manage the information of over 8,600^{Footnote 2} victims who are registered with CSC and receive information on a regular basis. With the coming into force of the Canadian Victims Bill of Rights (CVBR) in July 2015, CSC redeveloped the former Victims Module which was embedded in OMS using Microsoft’s Customer Relationship Management (CRM) Solution. “Electronic Exchange to VAM”^{Footnote 3} is created for each offender whose victims have registered, to allow the OMS to upload information or notifications of offender-related events to the Victims Module. The Victims Module then receives the uploaded data from the OMS.

CSC has also developed a web-based Victims Portal to allow registered victims to access the services and information to which they are entitled. Through their Victims Portal accounts, victims can submit their application for registration, victim statements, requests for copies of Parole Board of Canada (PBC)’s decisions, or information related to court orders. This information is then uploaded directly to the Victims Module.

Legislation

Canadian Victims Bill of Rights

The CVBR defines a victim of crime as “an individual who has suffered physical or emotional harm, property damage or economic loss as the result of the commission or alleged commission of an offence. The CVBR provides victims of crime with four rights:

• Right to Information – victims have the right to receive, on request, general information about the criminal justice system and the role of victims; available victim services and programs, including restorative justice programs; and specific information about their case, investigation, prosecution and sentence of the person who harmed them.
• Right to Protection – victims’ security and privacy must be considered at all stages of the criminal justice process, and victims have the right to reasonable and necessary measures to protect them from intimidation and retaliation; request testimonial aids when they are required to testify in court; and request that their identity be protected from public disclosure during the trial process.
• Right to Participation – victims have the right to express their views about decisions made by appropriate criminal justice authorities that affect the victim’s rights and have their views considered through a victim impact statement.
• Right to Restitution – victims have the right to have the court consider making a restitution order against the offender, order when not paid will be enforced as a civil debt.

Corrections and Conditional Release Act

Paragraph 26(1)(a) lists the information that the Commissioner must disclose to the victim on request. Paragraph 26(1)(b) lists the information that the Commissioner may disclose if, in the Commissioner’s opinion, the interest of the victim clearly outweighs any invasion of the offender’s privacy. Paragraphs 26(1)(c-d) list the information that the Commissioner shall disclose if the disclosure would not have a negative impact on public safety. Subsections 26(2) through 26(4) outline other provisions for the disclosure of information to victims of acts for which the offender was not prosecuted or convicted, when offenders are transferred to provincial correctional facilities; and subsections 26(5) through 26(8) cover victims designating a representative or withdrawing a request for services.

Criminal Code

Subsection 745.6(2.8) states that “[i]f a person convicted of murder does not make an application under subsection (1) within the maximum time period allowed by this section, the Commissioner of Correctional Service Canada, or his or her designate, shall immediately notify in writing a parent, child, spouse or common-law partner of the victim that the convicted person did not make an application. If it is not possible to notify one of the aforementioned relatives, then the notification shall be given to another relative of the victim. The notification shall specify the next date on which the convicted person will be eligible to make an application under subsection (1).”

Corrections and Conditional Release Regulations

According to subsection 5(2), “[a] staff member who is assigned responsibility for liaison with victims in Commissioner’s Directives may exercise the powers, perform the duties or carry out the functions that are assigned to the Commissioner by section 26 of the Act.”

CSC Policy Instruments

There are a number of Commissioner’s Directives (CD) and numerous protocols that apply to the National Victim Services Program (NVSP), including:

CD 784 Victim Engagement

The purpose of CD 784 is to manage the engagement of victims within the Correctional Service of Canada, by upholding victims’ rights and ensuring timely and effective information sharing pursuant to legislation. A Victim Services Notification Guide was prepared and included as Annex C of CD 784.

CD 785 Restorative Opportunities Program and Victim Offender Mediation Services

The purpose of CD 785 is to provide guidance on the Restorative Opportunities Program and its victim-offender mediation services.

CD 786 Victim Complaints

The purpose of CD 786 is to provide a fair and expeditious complaint process for victims who are of the opinion that their rights under the CVBR have been infringed or denied by the Correctional Service of Canada.

National Headquarters (NHQ)

The Communications and Engagement Sector is responsible for ensuring programs and processes are in place to engage victims within CSC’s mandate, the functional coordination of victim services and for developing protocols that must be followed regarding information sharing between victims and CSC.

The Manager, Victim Services, is responsible for submitting, on a quarterly basis, to the Assistant Commissioner, Communications and Engagement, a summary and analysis of complaints, a list of outstanding recommendations, emerging trends or issues, and to make recommendations to address them.

Regional Headquarters (RHQ)

Each of the five Victim Services Units (VSUs) reports to their respective Regional Deputy Commissioner and is responsible for the day-to-day conduct and management of operations.

The VSOs are responsible for providing victims with timely and accurate information about the criminal justice system, including CSC’s Restorative Opportunities Program, and the offender’s correctional plan. VSOs also review victims’ requests to register for services, invite victims to provide statements for CSC to consider in case preparation, and maintain a database of victims’ contact information and preference for receiving notifications.

Regional Victim Services Managers are responsible for training, assistance and coordination of VSOs. They also liaise with governmental and non-governmental partners and provide regional input to national initiatives. In addition, they maintain the quality assurance of victim services in terms of notification methods, timeliness and information communicated to victims, and provide additional information and referrals to victims as required, such as those relating to restitution orders.

Institutions and Districts

The Institutional Head or District Director is responsible for developing processes to ensure that the VSU receives notification of relevant events and decisions regarding offenders, with notification to victims in accordance with the Victim Services Notification Guide.

The Parole Officer is responsible for notifying the VSU when beginning case preparation for release decisions, and for requesting information or statements provided by the victim. The Parole Officer is also responsible for notifying the VSU of changes in the circumstances of offenders for whom notifications may be required, and for including relevant victim information and victim considerations in release planning and decision recommendations.

Regional Victim Advisory Committees

The Regional Victim Advisory Committee are advisory committees comprised of victims of crime as well as staff from both CSC and the PBC. The committee members work collaboratively to provide input and advice on current service delivery, policy, communications and emerging issues for both organizations. These committees also provide advice and participate in outreach initiatives to inform other victims of the services available from both organizations.

The audit team conducted a risk assessment based on the results of interviews with key stakeholders, and reviewed relevant legislation, Commissioner’s Directives, protocols, and previous audits. The main risks identified at the beginning of the audit based on a preliminary assessment were the controls in place may not ensure the accuracy and completeness of data within CRM, a lack of program monitoring, and an insufficient allocation of human and financial resources. There is also a reputational risk to the organization should victims’ rights not be respected. These risks were incorporated into this audit to assess the adequacy of mitigation strategies.

The overall objectives of this audit were to provide reasonable assurance that:

• A management framework was in place to support the effective and efficient management of CSC’s Victim Services.
• CSC offered services to victims in compliance with relevant legislation, policy and procedures.

The audit criteria are outlined in Annex A.

The audit was national in scope, and interviews were held with various staff at NHQ and RHQ. The audit team assessed the services provided to victims between April 2018 and March 2020.

The audit also examined CSC’s compliance with legislative requirements relating to victim consideration in offender release and case management decisions. The audit focused on assessing the accuracy and completeness of the information recorded in the Victims Module and that the information was provided to victims in a timely manner.

However, the audit did not validate or assess any decisions made regarding offenders. In addition, the restorative justice program and victim-offender mediation services were not examined in this audit.

The first audit objective was to determine whether a management framework was in place to support the effective and efficient management of CSC’s Victim Services.

The following sections highlight areas where expectations were met and those where management attention is required.

The overall assessment of all audit criteria is outlined in Annex A.

3.1.1 Policy Framework

The audit expected to find that CSC’s Commissioner’s Directives, guidelines and protocols are clear, that they support the Victim Services’ management framework and that they comply with the relevant legislation.

The audit team assessed this criterion as being partially met. The findings are discussed below.

A policy suite, consisting of Commissioner’s Directives and various protocols is in place, and complies with relevant legislation. However, the protocols are not up to date.

The Victim Services policy suite includes various Commissioner’s Directives, numerous protocols and a user guide for the Victims Module. Together, these documents provide the instructions and procedures that apply to Victim Services, and comply with the relevant legislation.

CD 784 – Victim Engagement was recently reviewed and updated to clarify the procedural implications of victim engagement in general, and the victim notification process in particular.

The majority of VSU staff indicated that, while CD 784 is clear, the protocols have to be reviewed and simplified for ease of use.

Given that Victim Services is subject to many legal particularities, the protocols are detailed instructions intended to guide VSOs in performing their duties by providing a clear and easy-to-follow approach. There is a long list of protocols, more than 30, which creates redundancies and makes them difficult to use. In addition, because there are so many, when a change to the CD or processes is made, updating the various protocols takes a considerable amount of time.

CSC was providing services to victims of crime long before the introduction of the CVBR. Previously, the Victims Module was part of the Offender Management System (OMS). With the implementation of the CVBR, the Victims Module was redeveloped using the CRM and was removed from the OMS. Most of the protocols were created while the Victims Module was still in the OMS, and some of them still refer to the old system. They would benefit from being simplified and updated to guide VSOs in providing services to victims under the new system.

There must be clear and consistent guidelines for outreach activities.

As part of the right to information under the CVBR, every victim has the right to obtain information about the offender who harmed them. CSC does not automatically inform victims about the offender who harmed them. Victims have to request the information or register with the organization to receive the information regularly.

In May 2019, CSC launched an ongoing awareness campaign to encourage victims of federal offenders to register with CSC and the PBC. This campaign included the review of CSC’s web content pertaining to victims, the creation of various web products, video, social media, infographics, and more, to inform the public about CSC’s services and to respond directly to victims’ questions. A victims’ communications working group was also established between CSC, the PBC, Public Safety Canada’s National Office for Victims and the Department of Justice.

In the VSUs, both Victim Services Managers and VSOs are responsible for undertaking outreach activities to raise awareness of the services available to victims, as reflected in their generic job descriptions. However, the policies in place lack clear direction on expectations regarding the outreach activities required of regional offices.

The absence of clear guidelines could result in a lack of visibility and consistency in outreach activities across regions, as well as an inability to evaluate their effectiveness.

3.1.2 Roles and Responsibilities

The audit expected to find that the roles and responsibilities are clear, communicated and well understood.

The audit team assessed this criterion as being met. The findings are discussed below.

The audit team found that the roles and responsibilities are clearly documented, communicated and overall well understood.

The VSUs deliver victim services based on information provided by institutional or community-based case management teams including parole officers, sentence management officers, and others. CD 784 - Victim Engagement, clearly defines the roles and responsibilities of each Office of Primary Interest involved with respect to disclosing offender information to victims, and the time frames for doing so.

The staff working in VSUs understand their roles and responsibilities. Case management team members, specifically parole officers understand their roles and responsibilities in relation to providing information to VSUs. However, some parole officers are not familiar with the requirements for cases involving offenders whose victims have registered to receive information, as denoted in instances of delayed notifications sent to VSUs.

There is a mechanism in place to review victims’ complaints in accordance with existing policies.

The CVBR states that every federal department, agency or body with a role in the criminal justice system must have a mechanism in place to handle complaints from victims. The CSC has a system in place to review and manage complaints received from victims. Complaints are received at NHQ and handled in coordination with institutional and district staff. The number of complaints received remains low, namely, 13 (only one of which was founded) in 2018–2019 and eight (two of which were founded) in 2019–2020.

The audit team found that all admissible and founded complaints examined were addressed and corrective action was taken where necessary. Moreover, the CSC publishes on its website an annual report of complaints received from victims, which presents quarterly statistics on complaints received from victims, an analysis of their admissibility, corrective action and various recommendations.

3.1.3 Monitoring and Reporting

The audit expected to find that CSC has a systematic approach in place to monitor the Victim Services performance and that relevant information is being used to inform decision-making at all levels.

The audit team assessed this criterion as partially met. The findings discussed below require management attention.

Absence of a well-established and standardized process for generating reports and for monitoring the Program both at the national and regional levels.

There are no clearly defined key performance indicators to examine whether objectives are being met, and no periodic analysis of the data in the system to identify trends. Consequently, it is difficult to determine whether the level of Program monitoring is appropriate.

With the implementation of the CVBR, CSC redeveloped the Victims Module using CRM (Microsoft Customer Relationship) and also created a Victims Portal. The previous Victims Module was removed from the OMS, updated under the CRM and reserved only for employees working for the Victim Services Program. One of the limitations of the new system is that it does not have a mechanism dedicated to producing reports and statistics on activities recorded in the database.

The CRM has an advanced search and retrieval tool for extracting data from the system, but the audit team found it difficult to use. There is no direct connection between notifications generated in the OMS, received in the CRM, and the notification activities performed by VSOs, as this type of query was not integrated into the system design.

NHQ remains heavily involved in the management of the Program through regular communication and meetings between the Manager Victim Services at NHQ and the Regional Victim Services Managers, while NHQ provides assistance, advice and training to the regional units.

There is also monitoring which consists primarily of random spot checks conducted by Regional Victim Services Managers, and occasionally by the VSOs at their level to ensure that the information available in the CRM is consistent with the data in the OMS.

Despite the lack of an established monitoring and reporting process, the audit team did not identify any major problems in reviewing the formal victim complaints received (thirteen in 2018-2019 and eight in 2019-2020). In addition, no issues were raised by interviewees with respect to the services provided to victims.

Implementing effective monitoring and reporting mechanisms would ensure that the Program fulfills its services to victims and achieves its objectives.

The categories of reasons for not meeting the timeframe for disclosure are not used consistently in the VSUs.

To ensure that late notifications are recorded and the delays are justified, the Timeframe to Release Information Not Met field is locked in the CRM and requires VSOs to provide the reason why the timeframe could not be met.

Several categories of reasons or justifications have been created for different situations such as: VSO did not inform the victim in time; Other; Institution did not inform VSO in time; Urgent release, transfer or travel permit; etc.

NHQ allows each VSU to decide how to apply each category of reasons. As a result, delays in notification of transfers or travel permits are reported under Other, for example, rather than under Urgent release, transfer or travel permit. Consequently, these two categories, for example, are not used consistently across VSUs. The lack of consistency in the classification of reasons makes it difficult to compare notification delays across regions.

Without clear guidelines on how to use the categories provided, CSC will not be able to make full use of the data related to notifications that do not meet the timeframe for disclosure. Without reliable monitoring and reporting mechanisms relevant data cannot be collected to support decisions at all levels.

3.1.4 Financial and Human Resources

The audit expected to find that sufficient financial and human resources are allocated to support the Program.

The audit assessed this criterion as being partially met. The findings are discussed below.

VSUs receive the human and financial resources as per the resources indicators.

The resources allocated to VSUs and used from April 2018 to March 2020 are outlined in the following tables.

Source: Salary Management System.

Source: Salary Management System.

In general, the audit team found for the April 2018 to March 2020 period that the workforce in VSUs fluctuates throughout the year due to departures or temporary absences. The CRM does not generate information in terms of the actual workload of each VSO to allow an assessment of whether the allocated resources need to be revised either downwards or upwards.

While the Program is able to serve victims with the resources allocated, obtaining more information on VSU’s volume of work by updating the VSO workload formula will assist in assessing whether resources allocated are sufficient.

With respect to the first objective, the audit team found that some elements of a management framework were in place. A policy suite exists that complies with legislative requirements and includes the Commissioner’s Directives and numerous protocols. Roles and responsibilities are clearly documented and understood by most stakeholders. In addition, financial and human resources are allocated to the Program as planned.

As previously stated, the management framework could be improved. More specifically, the audit found that:

• Guidelines, specifically protocols, need to be updated and simplified.
• Clear and consistent direction regarding outreach activities is required across regions.
• Reporting and monitoring mechanisms for the Program activities need to be strengthened to support the effective and efficient management of victim services.
• The VSO workload formula should be updated to assess their resources and work volume.

The audit’s second objective was to determine whether CSC offers services to victims in compliance with relevant legislation, policy and procedures. As previously stated in the “Scope” section of the audit report, the audit team focused on the accuracy and completeness of the information recorded in the Victims Module and its timely communication to victims registered with CSC. Consideration of victim statements and concerns in the decision-making process was also examined.

The overall assessment of all audit criteria is outlined in Annex A.

3.2.1 Accuracy and Completeness of Information

The audit expected to find that CSC has implemented system controls to ensure that victims’ information is accurately and completely recorded in the system.

The audit assessed this criterion as being partially met. The findings are discussed below.

Victims’ information, as well as offender information provided to victims, is generally recorded in the Victims Module, but existing controls need to be strengthened.

The following aspects met the expectations of the audit:

• Information provided by victims for their registration is recorded in the Victims Module in 100% (58 out of 58) of the files reviewed.
• Offender-related events generated in the OMS and uploaded to the CRM were found in the system based on the samples reviewed.
• The Communications and Engagement sector controls the access to CRM and cancel accounts when staff leave the Program.

The following sections highlight areas requiring management attention.

The Victims Module (CRM) shows some opportunities for improvement.

• There is no formal and automatic process in place to verify the completeness of data sharing among the various systems.
• Victims and notifications are not assigned a unique identifier which makes it difficult to track the information disclosed.
• Status of victims of inactive offenders (i.e. those who have completed their federal sentence) remains active in CRM to allow notifications to be automatically renewed should an offender return to CSC supervision. This creates a lack of clarity as to the actual number of active victims versus which victims are actually receiving information.
• CD 784 sets timeframes for VSUs to release information to victims, but also sets timeframes for case management teams in institutions and districts to share information with VSUs. The CRM monitoring tool is incomplete because it does not assess these timeframes for information sharing by case management teams.
• According to VSOs, manually verifying that any information in the Victims Module is consistent with the data in the OMS by comparing data from the two systems proves to be lengthy and intensive and cannot detect all errors or discrepancies. However, no instances with data sent from the OMS and not received in the Victims Module were found through the audit. This demonstrates that necessary offender related information was available to VSOs to share with victims.

The annual verification of victims’ information and preferences is not systematically carried out.

Under CD 784 – Victim Engagement, VSOs are required to update victims’ notification and contact information. To do so, the protocols require a checklist to be completed when victims register and the checklist must be reviewed with each victim every year. Notifications are suspended as a safety precaution when it is determined that the available contact information is not up to date.

The VSOs interviewed indicated that the interview checklist is completed when registering victims and verified when communicating with the victim. However, the verification is not conducted annually as required by policy, as preferences and contact details are updated when the victim is contacted.

The audit team noted in the CRM that the checklist of victims’ contact information and preferences was reviewed in several instances, but could not determine whether the checklist was reviewed at least once a year for each victim from April 2018 to March 2020. With no way to ensure that each victim’s contact information and preferences are actually verified at least once a year, victims may not receive notifications of information important to their safety, specifically, for victims who are not regularly contacted.

3.2.2 Services to Victim

3.2.2.1 Victim Registration in the Program

The audit expected to find that the VSUs process victim registrations as per policy requirements.

The audit assessed this criterion as being met. The findings are discussed below.

The VSUs process requests and register victims with CSC as per policies.

Pursuant to subsection 26(3) of the CCRA, a person meet the eligibility criteria when:

• that person suffered physical or emotional harm, property damage or economic loss, as the result of an act of an offender, whether or not the offender was prosecuted or convicted for that act; and
• a complaint was made to the police or the Crown attorney, or an information was laid under the Criminal Code, in respect of that act.

Anyone who meets these criteria can apply to register with CSC to regularly receive information about the offender who harmed them. The audit team noted on the basis of the files reviewed that:

• 100% (58 out of 58) of the approved registration files reviewed meet the eligibility criteria for receiving information about the offender who harmed them, as per legislation.
• 100% (28 out of 28) of the registration requests that were denied, and reviewed for the same period, have a rationale for the denial in accordance with CD 784. The rationales include, for example, insufficient information submitted by the applicant to be recognized as a victim, or the offender is not under the supervision of the CSC.

3.2.2.2 Information provided by institutions and districts and consideration of victim statements

The audit expected to find that the institutions and districts inform VSUs of certain events within specified timeframes, and request and integrate victim statements as part of decision-making.

The audit assessed this criterion as being met with some exceptions. The findings are discussed below.

Institutions and districts inform VSUs within specified timeframes with few exceptions.

Case management teams in the institutions and districts, primarily parole officers, must inform VSUs when the offender’s file indicates that information is to be disclosed to the registered victim. For each type of information to be provided to the victim, with some exceptions, the Victim Services Notification Guide in Annex C of CD 784 first sets out an initial timeframe for the institution or district to send the information to the VSU, then a second timeframe for the VSU to disclose the information to the victim.

Any delay in the communication of information to VSUs therefore affects when the victim is notified. While, VSUs were notified and were able to disclose information to victims on time, communications delivered outside the timeframe because the “site did not inform the VSU in time” represented 6% of communications in 2018–2019 and 7% in 2019–2020. For more details, refer to section 3.2.2.3 of this report.

Case management teams, primarily parole officers, request and integrate victim statements in case preparation and recommendations overall.

The Victim Statement is a written statement describing the harm done or loss suffered as a result of the commission of an offence, or the continuing impact of the commission of the offence on the victim—including any concerns about the victim’s safety or about the possible release of the offender—or requesting that conditions be imposed on the offender. Victim Impact Statements are different from Victim Statements in that the Victim Impact Statements are formal court documents used at the time of sentencing.

Parole officers contact VSUs early in their case preparation to request that a Victim Statement be obtained before a recommendation is made for conditional release decisions. VSOs have access to the OMS and send reminders to the institutions or districts when a case is submitted in the OMS and an automatic notification is generated in the CRM but a case consultation has not been sent to them. Of the 60 cases reviewed from April 2018 to March 2020:

• Victim Statements were considered in case preparation and recommendations in 100% of cases (50 out of 50). The remaining 10 cases were not taken into account either because the decision was deferred or because the offender withdrew the request.
• Victims are generally given sufficient time to provide their statements. Victims were given at least two weeks to provide their statements in 80% (44 out of 54), less than two weeks in 10% (5 out of 54) and there was no information on file about when victim was requested to provide statement in 10% (5 out of 54) of the cases. The audit team did not consider six cases out the sixty selected because victims had just registered or could not be contacted.

Victims may not receive important information for their protection if parole officers do not routinely share information with VSUs as required by policy.

3.2.2.3 Disclosure of Information to Victims

The audit expected to find that VSUs provide timely information to victims in compliance with CD 784.

The audit assessed this criterion as being met with exceptions. The findings are discussed below.

Information is generally provided to victims in a timely manner.

The CVBR states that the victim has the right to obtain information about the offender who harmed them, but does not set timeframes concerning the disclosure of information. Subsection 26 (1.1) of the CCRA sets a time limit of 14 days prior to temporary absence, work release, parole or statutory release to provide information to victims “unless it is not practicable to do so”.

Most VSOs and Regional Victim Services Managers indicated that the timeframes for disclosure set by CD 784 are difficult to meet because they are unrealistic and do not take into account their workload or the operational realities of the institutions and districts.

However, almost all the timeframes for disclosure set out in CD 784 are subject to exceptions in cases where the type of event or situation makes it impossible to meet the legislated or policy-based timeframe, such as temporary absences for medical purposes. The system considers the timeframe not met even in cases where the timeframe is not applicable:

• Case management teams, specifically parole officers, in some instances inform VSOs by email in advance so they can notify the victim in time. However, as the notification will not be uploaded in the CRM until the event has been formally entered in the OMS, by which time the victim will have already been notified.
• Victims can choose to receive information weekly or even monthly. Information disclosed on a monthly basis according to the victim’s preferences will also be considered late by the monitoring tool.

These exceptional situations are grouped together in the notifications not issued for the following reasons: Other; Urgent release, transfer or travel permit; etc. The following table provides an overview of disclosures sent on time to victims.

Source: Data extracted from the Victims Module as at March 31, 2020

*Various exceptions: Urgent release, transfer or travel permit; Bed space has just become available; etc.

The interviewed members of Regional Victims Advisory Committees, some of whom are registered victims with CSC, indicated that they have no concerns about the disclosure of information to victims.

Procedures are in place to ensure victims are served in both official languages

There are procedures in place to provide services to victims in both official languages:

• Atlantic, Quebec and Ontario VSUs have at least one bilingual staff each;
• Prairie and Pacific VSUs work closely with Quebec VSU and NHQ for cases that require notifications in French.

With respect to the second objective, the audit team found that, overall, CSC offers services to victims in compliance with relevant legislation, policy and procedures.

As noted, some areas require further improvements. The audit found that:

• Appropriate controls are not in place to ensure accurate and complete sharing of data among the various systems used.
• There are deficiencies in the Victims Module that need to be addressed to allow for better recording and tracking of victim data, as well as notifications issued.
• Victims’ contact information and preferences are not verified and updated annually as required.

Overall, the audit team found no areas of major concern with respect to the information to be provided to victims, and considers that the deficiencies observed will be corrected once management has resolved the issues related to the management framework.
The audit team found that certain elements of a management framework are in place. A suite of policies that comply with legislative requirements and include Commissioner’s Directives and numerous protocols are in place. Roles and responsibilities are clearly documented and understood by most stakeholders. In addition, financial and human resources are allocated to the Program as planned.
As previously stated, the management framework could be improved. More specifically:

• Policy documents, specifically protocols, need to be updated and simplified.
• Clear and consistent direction regarding outreach activities is required across regions.
• Reporting and monitoring mechanisms for the Program activities need to be strengthened to support the effective and efficient management of victim services.
• The VSO workload formula should be updated to assist in assessing their resources and work volume.

With respect to compliance, the audit found that CSC offers services to victims in compliance with relevant legislation, policy and procedures. However, some areas require further improvements. More specifically, the audit demonstrated that:

• Appropriate controls are not in place to ensure accurate and complete sharing of data among the various systems used.
• There are deficiencies in the Victims Module that need to be addressed to allow for better recording and traceability of victim data, as well as notifications issued.
• Victims’ contact information and preferences are not verified and updated annually as required.

Interviews

The audit team interviewed senior management and employees at NHQ. At the RHQs, in institutions and in the districts, interviews were conducted with Regional Administrators, Communication and Executive Services, Regional Victim Services Managers, Victim Services Officers, Parole Officers, Chairs or Members of Regional Victim Advisory Committees.

Interviews were also conducted with the Office of the Federal Ombudsman for Victims of Crime and the PBC.

Review of Documentation

Relevant documentation, including legislation, policies, procedural documents, reports and other relevant organizational documents, were examined.

Testing

The audit team performed file reviews to provide assurance that information is accurately recorded, provided to victims per timelines set in legislation and policy, and safeguarded.

Sampling

Statistical and judgmental sampling was used depending on the areas being tested.

These documents were also used to establish the scope of the audit work.

Audit of the Release Process (2012)

The audit found that the notification of the release of an offender to key stakeholders was not always done and, when it was, it was not always done in a timely manner. With respect to victim notification, the audit found that 95% of files reviewed revealed that victims were notified, and 5% of the files showed evidence that notification was attempted without success.

One recommendation highlighted the need for a more focused approach to ensure that all stakeholders, including victims, are always informed about offender releases and that it is done in a timely manner.

Evaluation Report – National Victim Services Program (2010)

The evaluation team found that the majority of victims were satisfied with the quality of services, the accessibility of services, the clarity of information provided, and the timeliness of information sharing. Similarly, the steady increase in the number of registrations, outreach services and notifications since 2007, and the availability of a toll-free telephone number demonstrated that the NVSP was achieving its intended results.

The recommendations from the Program evaluation are relevant to the audit. They include the following recommendations:

CSC should implement alternative approaches to outreach activities, including collaboration with private, federal, provincial and territorial partners, in order to enhance victims’ and communities’ level of awareness of the NVSP services.

In order to sustain program outcomes, the quality of key services provided to victims, as well as to plan for a potential increase in services, CSC should:

• update the analysis of the workload formula of Victim Services resources; and
• engage other appropriate partners in order to reduce overlap and/or to develop any potential shared services agreements that will support a continued high level of service delivery to victims of crime.

CSC should explore and implement, where appropriate, the use of alternative communication technology in order to facilitate victim registration and the dissemination of information to registered victims.

In my professional judgment as Chief Audit Executive, sufficient and appropriate audit procedures have been conducted and evidence gathered to support the accuracy of the opinion provided and contained in this report. The opinion is based on a comparison of the conditions, as they existed at the time, against pre-established audit criteria that were agreed on with management. The opinion is applicable only to the area examined.

The audit conforms to the Internal Auditing Standards for Government of Canada, as supported by the results of the quality assurance and improvement program. The evidence gathered was sufficient to provide senior management with proof of the opinion derived from the internal audit.

Christian D’Auray, CPA, CA
Chief Audit Executive

The following table outlines the audit criteria developed to meet the stated audit objective and audit scope: