Internal Audit Report
Audit of CFIA External Stakeholder Complaints Process

4.0 Appendices

Appendix A: Audit Criteria

The audit criteria were developed from key controls set out in the Treasury Board of Canada Secretariat (TBS) Guideline on Service Standards and the Office of the Comptroller General's Audit Criteria related to the Management Accountability Framework: A Tool for Internal Auditors.

The audit criteria are organized under the lines of enquiry below:

Line of Enquiry 1: Performance Measures and Service Standards

  • 1.1. Management has identified appropriate performance measures linked to planned results. (MAF – RP-2)
  • 1.2. Service standards are relevant, measurable and communicated to external stakeholders and CFIA staff. (TBS Guideline on Service Standards; CFIA Complaints and Appeals Administrative Policy)
  • 1.3. Service standards are met, monitored and accurately reported on to internal and external stakeholders. (TBS Guideline on Service Standards; CFIA Complaints and Appeals Administrative Policy)

Line of Enquiry 2: Communication and Awareness

  • 2.1 CFIA has in place a communications strategy to guide communications and awareness with external stakeholders and Agency employees. (MAF – CFS-5b; TBS Guideline on Service Standards)
  • 2.2 Outreach and communication strategies and activities are implemented to inform external stakeholders and Agency employees on the complaints process. (MAF – CFS-5c; TBS Guideline on Service Standards; CFIA Complaints and Appeals Administrative Policy)
  • 2.3 External stakeholders are able raise a complaint via multiple service delivery channels. (MAF – CFS-5a; TBS Guideline on Service Standards)

Line of Enquiry 3: Continuous Improvement

  • 3.1 Results / outcomes from complaint reviews are formally communicated, considered and used to coordinate and integrate changes to existing CFIA policies and programs. (MAF – PP-2; TBS Guideline on Service Standards)

Line of Enquiry 4: Process and Controls

  • 4.1 Complaints handling processes and controls are efficient and operating in accordance with CAO standard operating procedures. (MAF – ST-16)
  • 4.2 CFIA provides CAO Analysts with the necessary training and tools to support the discharge of their responsibilities. (MAF – PPL-4)
  • 4.3 Records, data and information pertaining to complaints are appropriately secured (MAF – CFS-4c)

Appendix B: Management Response and Action Plan

Audit of CFIA's External Stakeholder Complaints Process

Overall Management Response:

The Chief Redress Officer (CRO) is committed to ensuring the appropriate management response for the recommendations put forward in this audit report. The CRO will track progress on the action plan and provide status reports as required. The Complaints & Appeals Office (CAO) accepts and agrees with the finding of the audit, and will use its recommendations to improve the Office's processes in place so that Canadians can continue to have access to an impartial redress mechanism.

Recommendation 1: The Chief Redress Officer should clarify file documentation requirements and ensure all files adhere to these requirements.

Management Response and Action Plan Implementation Or Completion Date Responsible Lead(s)

The CAO will clearly demonstrate that its transitory documents are for working purposes only and that final files are properly stored electronically for recording purposes.

The CAO will modify its checklist respecting file documentation to include an acknowledgement when a particular step or document is not included in a file, and why.

June 2017 Director, CAO

Recommendation 2: The Chief Redress Officer should ensure all complaint files meet the requirements of the CFIA Security Management Policy with respect to the security marking of files. Additionally, the Chief Redress Officer should periodically review system access to the CAO's electronic database.

Management Response and Action Plan Implementation Or Completion Date Responsible Lead(s)
The CAO will clarify the documentation requirement clearly within its Standard Operating Procedures to include "Protected A" information on all CAO generated documentation as the required information security markings. The CAO will ensure that it continues to protect information as appropriate. June 2017 Director, CAO
The CAO will also review system access to the CAO's electronic database semi-annually (beginning in January 2017) as per its revised policy to ensure its accuracy, and this review will be documented in the CAOs yearly work plan. January 2017 Director, CAO

Recommendation 3: The Chief Redress Officer should develop and implement a communications strategy to help better align communication activities with identified priorities.

Management Response and Action Plan Implementation Or Completion Date Responsible Lead(s)

The CAO will evaluate its communication objectives in order to determine if the current communication activities align with the identified priorities and then will develop a strategy.

If the implementation of the strategy identifies that a communication plan is deemed warranted with specific outreach activities, the CAO will develop a detailed plan.

June 2017 Director, CAO

Recommendation 4: The Chief Redress Officer should undertake a review of the CAO's performance measurement strategy framework to ensure that objectives and performance expectations are appropriate and being met.

Management Response and Action Plan Implementation Or Completion Date Responsible Lead(s)

As described in the report, the CAO first implemented their performance measurement strategy framework in fiscal year 2015-16. As a result, at the time of the audit the CAO had not yet completed a review of its performance measures and service standards.

The CAO will formalize a semi-annual review process of its indicators within its policy to oversee that the office objectives and performance expectations are being met.

January 2017 Director, CAO
The CAO will also review the appropriateness of the performance measurement targets, and use the information collected in the review in order to make informed decision on the targets set out for the Office, and adjust as necessary. After the review in 2017, this review of appropriateness of targets will be done every second year. June 2017 Director, CAO

Recommendation 5: The Chief Redress Officer should implement a strategy and process to broadly inform senior management and CFIA oversight bodies on key themes and systemic issues raised through the complaints process to help promote continuous improvement.

Management Response and Action Plan Implementation Or Completion Date Responsible Lead(s)
The CAO will analyze and develop options for consideration by the CRO, for broadly informing senior management and CFIA oversight bodies with respect to systemic issues that are identified. June 2017 Director, CAO
The CRO will implement a strategy for raising the identified opportunities for improvement to the senior management and oversight bodies at the Agency. December 2017 CRO
Date modified: