Archived - Audit of IM/IT Expenditures and Management Control Framework - Follow-up Report Status Update as of September 30, 2012
This Web page has been archived on the Web. Archived information is provided for reference, research or record keeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.
PDF Version (31 Kb, 5 Pages)
Action Plan Implementation Status Update Report to the Audit Committee - As of September 30, 2012
CHIEF FINANCIAL OFFICER (CFO)
Audit of IM/IT Expenditures and Management Control Framework (09-063)
Approval Date: 24/09/10
|1. The CFO, in collaboration with the CIO, should develop and implement a directive that clearly defines IM/IT expenditures, specifying the respective line objects to be used for financial reporting.
|The CIO will work with the DG, Planning and Resource Management and the DG, Corporate Accounting and Materiel Management to specify and define how the Departmental chart of accounts is to be used to track IM/IT expenditures effectively. The application of elements of the COA will be clearly defined as a national standard. These requirements will be communicated in the form of a directive.
|Status: Request to Close- Completed
As of 31/03/2012:
CIO: The Directive on IM/IT Procurement Authorization was approved by the DGIOC in early March 2011. The Directive outlines the necessary roles and requirements of impacted stakeholders when acquiring IM/IT good and services. Furthermore, the Directive includes a prescriptive mapping of mandatory financial coding for IM/IT goods and services once appropriately approved for acquisition.
CAMM: Full advice on using project codes given to IM/IT.
PRM: Actively participating in the IM/IT expenditures tracking initiative. The FMAs are making sure that IM/IT expenditures are coded appropriately for reporting purpose and especially for expenditures that we incurred on behalf of Shared Services Canada that the Department has to report on every month.
The Working Group takes into consideration the COA restriction, the gating process for IM/IT projects to meet the different reporting requirements. Instructions as to how IM/IT expenditures should be coded will be communicated soon to Sectors and Regions so it is consistent across the department.
AES: Fully implemented. Closed.
|2. The CFO, in collaboration with the CIO and Assistant Deputy Ministers (ADM) responsible for regional operations and staff, should implement a national system to track all IM/IT assets. This system should track device life-cycle, warranty, user and location information and should provide functionality to ensure that all devices and licenses assigned to employees and consultants are reacquired and/or removed upon departure. Once a national tracking system has been implemented, the CIO should conduct a Department-wide inventory of IM/IT assets.
|The CIO has a software tool (viaTIL Remedy) that is capable of tracking assets and verifying inventory. The CIO will adjust existing processes to ensure that entry and exit procedures include the assignment and re-acquisition of hardware and software assets, and the effective management of system access rights and permissions. Once these measures are in place, the CIO will initiate a national baseline inventory and introduce inventory management processes.
The CIO will issue a directive specifying the process to be followed and making mandatory the use of the Remedy tool as a national standard.
As of 31/03/2012:
Server Configuration Centre Manager (SSCM) is being used as the tool for managing inventory configuration items. For the NCR, all Desktop and Laptop items have been loaded in SSCM. The forms and templates for data collection and loading are available and are shared with the regions.
There are bi-weekly ITSM meetings outlining the tool availability and functionality. Regions have been provided access to all forms and templates within SSCM. Currently Quebec, BC, Alberta, Saskatchewan have loaded and are using the tool.
Enterprise Network and Computer Operations equipment are tracked via spreadsheets maintained by the Network Operations team and the Computer Operations Team. These items have not been loaded to the AANDC tracking tool as we are waiting on how Shared Services Canada wishes to proceed with tracking this type of equipment.
Regions have been engaged within the ITSM group bi-weekly meeting with various regions. Processes have been documented and distributed for review and comments to the team members. The ITSM team will continue to provide support and guidance to regions that have not entered their IT Assets in ITSP/Remedy and finalize the processes and procedures.
Processes will be finalized and draft IT Asset Management directive will be presented to ITSG in Q1 2012/2013.
|3. The CFO, in collaboration with the CIO, should establish a consistent, documented and communicated procurement process for acquiring IM/IT assets that enforces appropriate segregation of duties across all regions and headquarters.
|The CIO will issue a directive under the policy on the governance of IM/IT that will specify the processes and authorities for the procurement of IM/IT professional services and hardware and software. The CIO will work with the DG, Corporate Accounting and Materiel Management to ensure that the necessary controls and reporting capabilities exist to support these processes. These measures will include dedicated procurement capacity, monitoring, tools and templates, etc.
The CIO will also encourage greater use of the centralized procurement of IT assets which may address such issues as the segregation of duties with respect to procurement and receipt as was observed during the audit.
|Status: Request to close
As of 31/03/2012:
The Directive on IM/IT Procurement Authorization was approved by the DGIOC in early March 2012. Communication forthcoming.
AES: substantially implemented. Closed.
|4. The CFO should establish and maintain a complete inventory of IM/IT contracts, SLAs and MOUs The CFO, in collaboration with the CIO, should also formalize a process to perform appropriate cost-benefit analyses for IM/IT service agreements based on strategic significance.
|The CIO will specify the parameters for defining and measuring performance of acquired services, service agreements, and Memoranda of Understanding that pertain to IM/IT. This will include the requirement for an explicit statement of the expected benefits associated with the 3rd party arrangement, and the means and periodicity of reviewing and reporting. The CIO will endeavour to define a standard approach for the determination of benefits realized from such arrangements. This requirement will be communicated in the form of a Directive under the policy on governance of IM/IT. The CIO will develop an inventory of these agreements which will be reviewed by the Information and Technology Stewardship Group, and monitored on an annual basis.
As of 30/09/2012:
The advent of the Directive on IM/IT Procurement Authorization, which includes provisions for all responsibility centre managers (RCMs) to appropriately code IM/IT expenditures, will allow for centralized reporting to identify where funds are allocated with agreements both inside and outside the Information Management Branch (IMB).
All RCMs with coded IM/IT expenditures will be required to submit Benefits Realization (BR) responses to the Chief Information Officer (CIO) where such expenditures are identified as a contract or other agreement.
BR template(s) are being reviewed by IMB. Once finalized, they will be distributed to Information and Technology Stewardship Group (ITSG) for discussion at an upcoming meeting. The BR template(s) will capture Benefits associated to the various contracts, MOUs, and SLAs as they relate to IM/IT. The template(s) will be completed in Q3 2012-13.
In Q4, the BR template(s) will be used to analyse the MOUs implemented between IMB and internal clients. In Q1 of 2013-14, the analysis will be presented to ITSG.
In parallel, a Benefits Realization Directive will be drafted for presentation to ITSG in Q4 2012-13.
Given the volume of contracts to support the maintenance of existing IT assets (software and systems support) with external organizations (including other Government Departments – Shared Services Canada (SSC), Public Works and Government Services Canada (PWGSC)), BR for these will be phased in throughout fiscal year 2013-14 as contract renewals are processed.
AES: Implementation ongoing
|5. The CFO, in collaboration with the CIO and ADMs responsible for regional operations and staff, should finalize a Departmental IM/IT strategy to which local strategies and processes align across all regions and headquarters. Root causes of inconsistent practices should be addressed to establish a consistent approach to managing IM/IT initiatives across the Department.
|The CIO will complete and obtain approval of the draft IM/IT Strategy. This strategy will provide the context for the policy on the governance of IM/IT and will form the basis for plans and activities across the Department's sectors and regions.
|Status: Request to Close
As of 31/03/2012:
The IM/IT Strategy was approved by the Departments Operations Committee in February, 2012. Communications forthcoming.
AES: substantially implemented. Closed.
Thank you for your feedback