Archived - Audit of IM/IT Expenditures and Management Control Framework - Follow-up Report Status Update as of September 30, 2011
Archived information
This Web page has been archived on the Web. Archived information is provided for reference, research or record keeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.
PDF Version (29 Kb, 4 Pages)
Action Plan Implementation Status Update Report to the Audit Committee - As of September 30, 2011
Chief Financial Officer (CFO)
Audit of IM/IT Expenditures and Management Control Framework (09-063)
Approval Date: 24/09/10
| Project Recommendations |
Action Plan | Expected Completion Date |
Program Response |
|---|---|---|---|
| 1. The CFO, in collaboration with the CIO, should develop and implement a directive that clearly defines IM/IT expenditures, specifying the respective line objects to be used for financial reporting. | The CIO will work with the DG, Planning and Resource Management and the DG, Corporate Accounting and Materiel Management to specify and define how the Departmental chart of accounts is to be used to track IM/IT expenditures effectively. The application of elements of the CoA will be clearly defined as a national standard. These requirements will be communicated in the form of a directive. | January 2011 | Status: Underway Update/Rationale: As of 30/09/2011: IT expenditure definitions have been defined, adopted and communicated as part of a TBS request for departmental expenditure information. The AANDC Directive is being drafted based on the work that is currently being done by TBS. TBS has delayed the release of their COA changes to Q3 (or Q4). The CIO will be working with FMAs in Q3 and Q4 to identify and improve financial coding and reporting within the context of the current COA. Once the TBS COA is identified, a decision will be made regarding when the new COA will be adopted. The Corporate Accounting and Reporting Directorate participated in meetings to review the line objects to be used in financial reporting. AES: Implementation is ongoing. The recommendation will be closed once the directive has been finalized and communicated across the department. |
| 2. The CFO, in collaboration with the CIO and Assistant Deputy Ministers (ADM) responsible for regional operations and staff, should implement a national system to track all IM/IT assets. This system should track device life-cycle, warranty, user and location information and should provide functionality to ensure that all devices and licenses assigned to employees and consultants are reacquired and/or removed upon departure. Once a national tracking system has been implemented, the CIO should conduct a Department-wide inventory of IM/IT assets. | The CIO has a software tool (viaTIL Remedy) that is capable of tracking assets and verifying inventory. The CIO will adjust existing processes to ensure that entry and exit procedures include the assignment and re-acquisition of hardware and software assets, and the effective management of system access rights and permissions. Once these measures are in place, the CIO will initiate a national baseline inventory and introduce inventory management processes. The CIO will issue a directive specifying the process to be followed and making mandatory the use of the Remedy tool as a national standard. |
January 2011 | Status: Underway Update/Rationale: As of 30/09/2011: AANDC has a tool deployed software (ITSP/Remedy) that can track the IT hardware assets software licences installed on individual desktop/laptops, we use Microsoft System Management Center (formerly SMS). The hardware assets are tracked at HQ. Consistent processes have not been documented and communicated across regional offices. CIO will engage regions and sectors via the Information Technology Stewardship Group to develop and adopt the processes necessary to populate and maintain the enterprise databases (e.g. ITSP/Remedy) and Microsoft System Management Center. The item is planned for discussion at ITSG in late November/early December and it is expected that the approved processes will be in place in January/February 2012. AES: Implementation is ongoing. |
| 3. The CFO, in collaboration with the CIO, should establish a consistent, documented and communicated procurement process for acquiring IM/IT assets that enforces appropriate segregation of duties across all regions and headquarters. | The CIO will issue a directive under the policy on the governance of IM/IT that will specify the processes and authorities for the procurement of IM/IT professional services and hardware and software. The CIO will work with the DG, Corporate Accounting and Materiel Management to ensure that the necessary controls and reporting capabilities exist to support these processes. These measures will include dedicated procurement capacity, monitoring, tools and templates, etc. The CIO will also encourage greater use of the centralized procurement of IT assets which may address such issues as the segregation of duties with respect to procurement and receipt as was observed during the audit. |
March 2011 | Status: Underway Update/Rationale: As of 30/09/2011: A draft directive on the acquisition of IM/IT Goods and Professional Services was presented to the Information and Technology Stewardship Group (ITSG). The comments require a second round at ITSG which is planned for late November/early December 2011. ITSG will recommend that the Directive go to DGIOC for approval or recommendation by DGIOC for Operations Committee approval. The directive is expected to receive departmental approval before the end of fiscal year 2011-2012. Material and Assets Management – Procurement Services Section has developed a Procurement and Contracting Checklist to be used by client when doing their IM IT requests. AES: Implementation is ongoing. The recommendation will be closed once the directive has been finalized and communicated across the department. |
| 4. The CFO should establish and maintain a complete inventory of IM/IT contracts, SLAs and MOUs. The CFO, in collaboration with the CIO, should also formalize a process to perform appropriate cost-benefit analyses for IM/IT service agreements based on strategic significance. | The CIO will specify the parameters for defining and measuring performance of acquired services, service agreements, and Memoranda of Understanding that pertain to IM/IT. This will include the requirement for an explicit statement of the expected benefits associated with the 3rd party arrangement, and the means and periodicity of reviewing and reporting. The CIO will endeavour to define a standard approach for the determination of benefits realized from such arrangements. This requirement will be communicated in the form of a Directive under the policy on governance of IM/IT. The CIO will develop an inventory of these agreements which will be reviewed by the Information and Technology Stewardship Group, and monitored on an annual basis. | December 2010 | Status: Underway Update/Rationale: As of 30/09/2011: The inventory is currently being conducted. Initial results indicate that the vast majority of contracts have been completed, and therefore, provide value for money. All future contracts, MOUs and service level agreements developed by IMB will have explicit statements on expected benefits. AES: Implementation is ongoing. The recommendation will be closed once an approach to cost-benefit analysis is finalized and communicated across the department, and once the inventory is complete, and the requirement to register all future IM/IT contracts with the inventory is communicated across the department. |
| 5. The CFO, in collaboration with the CIO and ADMs responsible for regional operations and staff, should finalize a Departmental IM/IT strategy to which local strategies and processes align across all regions and headquarters. Root causes of inconsistent practices should be addressed to establish a consistent approach to managing IM/IT initiatives across the Department. | The CIO will complete and obtain approval of the draft IM/IT Strategy. This strategy will provide the context for the policy on the governance of IM/IT and will form the basis for plans and activities across the Department's sectors and regions. | January 2011 | Status: Underway
Update/Rationale: As of 30/09/2011: IMB has prepared a draft strategy that has been presented to the Information and Technology Stewardship Group (ITSG). The Strategy will be presented to DGIOC in late November or early December. Once DGIOC is ready to recommend it for approval by Operations Committee, the IM/IT Strategy will be presented to Operations Committee. The approval of the Strategy is an RPP commitment and the dates for the DGIOC and Operations Committee presentations will be based on obtaining approvals in order to report it as completed for this fiscal year. To address inconsistent practices to managing IM/IT initiatives across AANDC, Operations Committee recently approved the Enhanced Portfolio Management Framework. This will allow different "gating" approaches based on the risk and complexity of the initiative. AES: Implementation is ongoing. |