| Recommendation | Planned Action on the Recommendation | Responsible Official (position) | Target Completion Date |
|---|---|---|---|
| Recommendation 1 (Medium Risk): The Quality Assurance team should proactively strengthen detection of potential contract-splitting by updating the contracting testing methodology to include the review of all related contracting files. | The contracting monitoring methodology will be modified to ensure that potential contract splitting is more thoroughly assessed by leveraging the existing tools developed by OCG on a quarterly basis. This will ensure that all the relevant files are considered through an automated process. | Director General, CFSPB, CMS | April 1, 2020 |
| Recommendation 2 (Low Risk): Results from quality assurance testing of contracting files should be presented to the Investment Oversight Committee, and include compliance rates, trends, and areas of highest risk in order to inform oversight areas of interest. | The results of QA monitoring (including compliance rates, trends and areas of highest risk) will be presented to IOC annually. Comments and suggestions from the IOC will be incorporated in the planning phases of the next year's monitoring activities. | Director General, CFSPB, CMS | June 30, 2020 |
| The IOC can then use this information to determine its areas of oversight and modify its Terms of Reference as needed on an annual basis. | Director General, CFSPB, CMS | June 30, 2020 | |
| Recommendation 3 (Low Risk): CMS should develop a communication plan to ensure all departmental users are aware of the full guidance and training inventory. | We will compile a list of guidance and training inventory and add the links to our Staying in Touch issues. We will use the above inventory to develop a communication plan in regards to guidance. The plan will include periodic messaging schedule for communication via the @ISED Corporate Communications newsletter. Messages will include links to the established intranet sites. These sites provide a plethora of information on relevant directives and policies, the Shared Travel Services (STS) portal, financial signing authority as well as who to contact for help. Messages will also highlight and link to related articles published in the quarterly Staying in Touch bulletin. | Director General, CFSPB, CMS | March 31, 2020 |
| Recommendation 4 (Medium Risk): CMS should, in consultation with DTSS, establish and communicate consistent records management practices for key corporate controls, including interim compensating controls for system limitations, and monitor their effectiveness. | With the PPMI project, storage of information will no longer be an issue. CMS will seek funding to continue the PPMI project and ensure that all relevant documentation is stored within IFMS. | Director General, CFSPB, CMS | March 31, 2021 |
| In the interim, we are currently working with DTSS to increase storage capacity in IFMS for uploading all our documents. | Director General, CFSPB, CMS | April 30, 2020 | |
| CMS will also provide consistent guidance to the various sectors regarding information management requirements related to key corporate controls. | Director General, CFSPB, CMS | January 31, 2020 | |
| With the implementation of MyIFMS, the delegation issues will be resolved once all sectors are on boarded, as acting memorandums will no longer be required. This process will be automated. | Director General, CFSPB, CMS | February 29, 2020 | |
| Recommendation 5 (Medium Risk): In order to enhance timeliness and ensure consistency in the signing and dating of delegated authorities, CMS should strengthen its monitoring through the payment verification process. | PPMI will introduce electronic signatures and controls will be embedded, ensuring that only individuals with appropriate delegated authority can sign off, with automatic date stamps recorded. | Director General, CFSPB, CMS | March 31, 2021 |
| In the interim, we will resend our "Did you Know" communiqué to the admin community that emphasises the importance of the signature and dating of all documents. | Director General, CFSPB, CMS | December 31, 2019 | |
| These errors are now being communicated to the Director of Finance of each sector on a quarterly basis as part of the quarterly monitoring. CMS will continue to rely on the delegation escalation matrices to enforce compliance. | Director General, CFSPB, CMS | September 30, 2019 | |
| Recommendation 6 (Low Risk): CMS should develop continuous improvement plans for contracting processes and documentation, and report annually to senior management on their effectiveness. | CMM has begun tracking service standards, and will continue to do so. Senior management will be briefed annually. | Director General, CFSPB, CMS | March 31, 2020 |
| CMM will define a continuous improvement regime based on the review of service standards, foundational documents, guidance to users, results of QA activities and other documents. | Director General, CFSPB, CMS | June 30, 2020 |