Management Response and Action Plan - Audit of the Biosecurity Program at the Public Health Agency of Canada

PDF version - 4 pages, 97KB

Recommendations Management Response and Planned Actions Deliverables Completion Date Accountability/Responsibility

Recommendation 1A

The Vice-President, Health Security Infrastructure Branch, should raise employees' awareness of their conflict of interest obligations.

  Management agrees with the recommendation.

 

To maintain confidence in the impartiality of regulatory processes, and as part of our obligations under Chapter 2 of the Public Health Agency of Canada's Values and Ethics Code, all Centre for Biosecurity employees are required to declare that they have read, understood, and have acted according to their conflict of interest (COI) obligations under the Code.

In support of this, the Centre for Biosecurity has developed a program-specific document to raise employee awareness of their obligations and of potential or perceived conflicts of interest that may apply specifically to their regulatory role.

Program-specific case studies

Complete

Director, Office of Biosafety Programs and Planning

Recommendation 1B
 
The Vice-President, Health Security Infrastructure Branch, should establish procedures for the selection of designated Human Pathogens and Toxins Act (HPTA) analysts that have no potential or perceived conflicts of interest, in the event of a situation at the National Microbiology Laboratory (NMl) or involving a NML employee that would require pathogen analysis by a designated analyst.

Management agrees with the recommendation.

 

To maintain confidence in the impartiality of regulatory and penal enforcement processes, the Centre will develop procedures for the appropriate selection of HPTA analysts that have no potential or perceived conflicts of interest.

Procedures for the appropriate selection of designated HPTA analysts that have no potential or perceived conflicts of interest.

September 30, 2019

Director, Office of Biosafety Programs and Planning

Recommendation 2

The Vice-President, Health Security Infrastructure Branch, should establish a risk-based process to monitor user activity within iSTOP to verify the accuracy of records and the reporting process. 

Management agrees with the recommendation.

 

Management recognizes the importance of preventing fraud and error in the reporting process. Since the period covered by the audit, standard operating procedures have been implemented to reinforce the division of responsibilities and delegated authorities in the use of iSTOP.  In response to an IT Security audit, iSTOP access controls were further strengthened to align privileges with user roles and delegated authorities. In addition to the measures already taken, the Centre will establish a risk-based operational process to verify that user activity within iSTOP is being conducted in accordance with established policies and procedures.

Risk-based operational process to verify that user activity within iSTOP is being conducted in accordance with established policies and procedures.

December 31, 2019

Director, Office of Biosafety Programs and Planning

Recommendation 3

The Vice-President, Health Security Infrastructure Branch, should articulate senior management's risk tolerance with regard to the frequency of inspections for Risk Group 2 licence holders and re-evaluate the inspection selection risk factors and ratings once sufficient data is gathered to represent a statistically relevant sample size.

Management agrees with the recommendation.

Management recognizes the importance of deploying resources to where they are most needed, and targeting monitoring and verification activities to areas of higher risk. The Centre will engage with senior management in order to articulate risk tolerance for the frequency of inspections of Risk Group 2 licence holders and develop a plan to evaluate Risk Group 2 inspection selection risk factors and ratings once sufficient data is gathered. 

Engage with senior management to articulate risk tolerance and set associated Risk Group 2 baseline inspection targets. June 30, 2019

Director, Office of Biosafety and Biocontainment Operations

Implement a plan for the evaluation of Risk Group 2 inspection selection risk factors and ratings.

April 1, 2020

Recommendation 4

The Assistant Deputy Minister, Corporate Services Branch (CSB) should ensure the security clearance process is administered accurately, efficiently and in accordance with the service level agreement established with the Centre for Biosecurity.

Management agrees with the recommendation

CSB's Security Management Division (CSB-SMD) will improve and align the monitoring, processing, and reporting systems and practices for HPTA Security Clearances.  Weekly reporting and bi-weekly meetings will occur to allow for accurate and efficient reporting.

CSB-SMD, in collaboration with the Biosecurity Program, will develop security training and reporting tools that will ensure that service standards are met for HPTA Security Clearances. 

Renewed Standard Operating Procedures to align with the HPTA Program requirements:
a) Consultation with key stakeholders.
b) Completion of final draft processes and procedures that will meet the service standards of the MOU.
c) Obtain the approval of the DG of the Centre for Biosecurity on new procedures and monitoring tools.

January 15, 2019

Assistant Deputy Minister, Corporate Services Branch

Page details

Date modified: