Audit of VaccineConnect: Management response and action plan

October 2021

PDF version (544 Kb, 5 pages)

Recommendations Management response and planned management action Deliverables Expected completion date Responsibility

Recommendation 1

The Senior Vice-President of the Chief Technology Officer Branch should ensure that all risks are included in the risk register. In addition, the risk management process should be updated and documented to include a risk escalation mechanism that reflects greater transparency and the responsibility and accountability of the Project Steering Committee in this process.

Management agrees with this recommendation.

  • VaccineConnect will continue to update, mitigate, document, and report on risks and issues in its Risk Register.
  • VaccineConnect will continue to ensure the communication and escalation of risks in a timely and transparent manner through regular working level Joint Status Update and executive Leadership meetings between Deloitte and PHAC.
  • VaccineConnect’s risk management process will be updated to include the role of the Project Steering Committee in the escalation of key risks as well as the monitoring and review of risk mitigation strategies being implemented.

Q3 2021-22

Digital Strategy and Product Solutions Directorate (DSPS), Chief Technology Officer Branch (CTOB)

Recommendation 2

The Senior Vice-President of the Chief Technology Officer Branch should, in consultation with the Logistics and Operations Branch and the Immunization Branch, develop and implement a strategy for transitioning and implementing VaccineConnect in the context of a long-term vision. The strategy should include the three modules (ISC, IIS, IPM).

Management agrees with this recommendation.

  • VaccineConnect is currently developing a long-term vision and strategy for transitioning the project into a sustainable program, which can continue to address the digital needs of the current pandemic, as well as future public health requirements.
  • One of the outcomes of the surveillance IM/IT review led by Corporate Data and Surveillance Branch will be to table a plan that will be taken into account for longer-term planning for VaccineConnect.
  • Develop VaccineConnect long-term strategy for (Project Gate 4 requirement).

Q3 2021-22

DSPS

Recommendation 3

The Senior Vice-President of the Chief Technology Officer Branch should introduce a Vendor Management role with clearly defined responsibilities to manage and routinely report on vendor performance in meeting contractual obligations, and ensure that software releases are delivered on time, within budget, and with minimal requirements for change management. Key Performance Indicators for vendor performance measurement should be identified and implemented.

Management agrees with this recommendation.

  • VaccineConnect will build a vendor management function, including a Performance Management Framework with Key Performance Indicators, to manage and routinely report on vendor performance in meeting contractual obligations, and ensuring software releases are delivered on time.
  • Hire a Vendor Manager
  • Develop VaccineConnect Vendor management performance framework

Completed
(Q3 2021-22)

Q4 2021-22

DSPS

Recommendation 4

The Senior Vice-President of the Chief Technology Officer Branch should revise the project management plan and incorporate a clearly laid out work breakdown structure and corresponding critical path dependencies, including associated risks and mitigation measures.

Management agrees with this recommendation.

  • VaccineConnect will revise its Project Management Plan, which includes a RASCI chart and corresponding critical path dependencies, to include associated risks and a risk mitigation and management process.
  • Renewed Project Management Plan

Q3 2021-2022

DSPS

Page details

Date modified: