Library and Archives Canada
Symbol of the Government of Canada

Institutional links


Archived Content

This archived Web page remains online for reference, research or recordkeeping purposes. This page will not be altered or updated. Web pages that are archived on the Internet are not subject to the Government of Canada Web Standards. As per the Communications Policy of the Government of Canada, you can request alternate formats of this page on the Contact Us page.

Response of Library and Archives Canada Management and - Accountability Framework Assessment Round V (2007–2008)


The Government of Canada expectations for stewardship are to ensure that every institution has a "departmental control regime (assets, money, people, services, etc.)" that is "integrated and effective," and that its "underlying principles are clear to all staff."

Stewardship includes a large number of administrative, control and institutional planning functions. LAC undertakes to institute the required tools and mechanisms that will help it engage in integrated resource management and achieve the best possible outcomes. The institution will also ensure that sound management is taken up by all employees.

TBS uses no fewer than eight indicators to assess LAC's performance on stewardship. LAC's evaluation highlights excellence in efficient procurement, which benefits from a governance structure and a wide array of proactive measures aimed at improving its operational efficiency. Yet TBS recommends that LAC create an internal strategy for progress in effective information management, with special attention to internal audit functions to improve their effectiveness.

Indicators TBS evaluation
12. Effectiveness of information managementOpportunity for improvement
13. Effectiveness of information technology managementAcceptable
14. Effectiveness of asset managementAcceptable
15. Effective project managementAcceptable
16. Effective procurementStrong
17. Effectiveness of financial management and controlAcceptable
18. Effectiveness of internal audit functionOpportunity for improvement
19. Effective management of security and business continuityAcceptable

TBS recommendations:

Effectiveness of Information Management

  • LAC's internal information management (IM) function is in a unique position to adopt the outputs of the ADM Task Force on Recordkeeping initiatives. LAC should:
    • Include mechanisms to continuously evaluate and modify IM accountability in the corporate governance structure.
    • Establish an internal IM strategy including timelines, resource estimates, risks and mechanisms to continuously evaluate and modify IM implementation.
    • Develop and register personal information banks and classes of personal information to ensure that all personal information under the institution's control is appropriately described in accordance with the Privacy Act.
    • Ensure that all information relevant to the institution's functions, programs, activities and related information holdings is described in the Info Source publications.
    • Review LAC's corporate governance and business processes to ensure effective representation of internal IM.

Effectiveness of Information Technology Management

  • The organization should strengthen the information technology plan to include: opportunity assessment methodology (including criteria, prioritization, partnerships, synergy with others); high-level cost analysis of savings, reallocation, trends; implementation planning details; and a portfolio management approach (reporting, monitoring, governance).
  • The organization should establish a performance measurement framework for the management of information technology with developed key performance indicators based on industry and government best practices. The resulting performance metrics should be used to guide information technology investment decisions.

Effectiveness of Asset Management

  • Special purpose properties should be administered by program departments so that progress under way to review and realign real property occupancies is supported.
  • Resolve any issues related to the administration of special purpose real property with a view to appropriate custodianship.

Effective Project Management

  • LAC could benefit from integrating project management practices at all levels (senior management to operational levels) to share best practices in project management horizontally between information technology project management, facility project management and other areas.

Effective Procurement

  • The organization would benefit from conducting periodic audits, evaluations and reviews of its procurement management, and incorporating the results into continuous improvement.

Effectiveness of Financial Management and Control

  • Strengthen financial management documentation and procedures in respect of interdepartmental settlements.

Effectiveness of Internal Audit Function

  • The audit report reviewed should be improved by providing more context regarding the risks as well as a management action plan with the Office of Primary Interest.
  • Attention is required regarding the chief audit executive independence and internal audit charters.

Effectiveness Management of Security and Business Continuity

  • A work plan should be developed and approved by senior management to guide the continuous improvement of the organization's security program. It should include activities required to address deficiencies identified in the MAF assessment, with attention to the following priorities: (1) completion and formal ratification of the Departmental Security Policy (2) management of Information Technology Security – Risk Management and (3) completion of business continuity plans and arrangements.

Action plan:

Information Management

  • LAC is taking action to enhance its performance in the areas of Info Source and IM:
    • LAC ensures that the information provided is coherent with its official publications, its website and communication products. Thus, the information in the Info Source will be up-to-date with the institution's programs, initiatives and activities.
    • A rigorous comparison between English and French has been processed to ensure congruency between the original and revised translation.
    • LAC has undertaken a compete inventory of its personal information banks so as to describe them in Info Source (the work will be completed in June 2009).
  • Because of its functions and mandate, LAC is fully aware of the need to improve information management. To that end, the institution commits to undertaking the following activities:
    • LAC will set up a new internal committee on IM to continuously assess and modify IM accountability (September 2008).
    • LAC will implement an internal IM strategy that includes a new internal email management policy based on government standards (December 2008).
    • LAC will develop an information architecture that will align LAC's PAA, Business Activity Structure Classification System (BASCS) functions, business processes, content types, roles, projects and other facets pertaining to LAC business and management information (Fall 2008).
  • To ensure ongoing improvement of the contents of Info Source, LAC will continue the following activities:
    • The sectors that create and use the databases will handle the description of the personal information data banks (September 2008 to March 2009).
    • LAC will develop a control mechanism to ensure that no database containing personal information will be created without first having been described correctly (September 2008 to March 2009).
    • LAC will restructure the Info Source based on the institution PAA (September 2008 to March 2009).

Information Technology Management

  • To enhance the effectiveness of information technology management, LAC commits to doing the following:
    • LAC will continue to develop its information technology strategic plan, its portfolio management approach through selection, prioritization methodology, monitoring and reporting, and will further develop partnerships with clients and its governance structure and process (2008–2010).
    • LAC will continue to develop its information technology key performance indicators based on industry best practices such as control objectives for information and related technology, and information technology infrastructure library; LAC will also further develop its information technology services program and support processes (2008–2010).

Asset Management

  • LAC is currently developing a comprehensive custody transfer plan of its special purpose facilities in line with TBS directions. The custody transfer plan will address the proposed approach and set timelines for the transfer of custodianship. An implementation plan, which will address specific issues and requirements, will follow (Spring 2009).
  • A long-term investment plan is being developed as part of the process to acquire custody of LAC facilities. This plan will identify the highest priorities and risks (Spring 2009).

Project Management

  • LAC will continue to develop its project and portfolio management discipline and will implement the TBS policy on project management. LAC will develop tools, templates, guidelines, conduct information sessions and presentations, and communicate via its Intranet site (2008–2010).


  • Decentralized procurement activities awarded by responsibility centre managers are already subject to monitoring and control functions conducted by the procurement unit. Written procedures/policies within LAC, with clear definitions of roles and responsibilities as well as frequent interaction with senior and operating management promote sound procurement management within the institution.
  • LAC will increase the number of post-contract evaluations (Fall 2008).

Financial Management and Control

  • LAC will determine the documentation needs for managing interdepartmental settlement and develop necessary management documentation and procedures (March 2009).

Internal Audit Function

  • LAC has undertaken concrete actions to improve its internal audit function:
    • A chief auditor was hired, and this new position reports directly to the deputy minister.
    • A draft governance structure was approved, in principle, by the evaluation and audit committee in April 2008 and will be tabled, for approval, at the first External Audit Committee meeting. This new governance structure ensures the independence of the internal audit function.
  • To build the capabilities and effectiveness of its internal audit function, LAC will do the following:
    • An independent external committee will be created (2008–2009). The audit committee charter will be developed and submitted to TBS for approval.
    • The chief auditor will develop an audit charter for the internal audit function (Fall 2008).
    • The chief auditor will develop a human resources and learning plan to ensure that the audit plan is implemented (Spring 2009).
    • The audit plan and assurance engagements will follow a risk-based approach (March 2009).

Security and Business Continuity

  • An annual work plan will be submitted for approval, to guide the continuous improvement of the organization's security program. Security awareness and improving the security of the collection will be a priority for 2008–2009 (September 2008). To address specific deficiencies, the work plan will include the following actions:
    • A roll-out of the institution's security policy is planned (Fall 2008). A security awareness strategy will also accompany the policy (October 2008).
    • LAC will make threat and risk assessment part of its system development lifecycle (November 2008).
    • LAC will implement a certification and accreditation process to ensure the accountability of senior management for their systems (March 2009).
    • Branch business continuity plans will be revised and will be subjected to approval by LAC's Management Board (January 2009). The business continuity plan governance structure is in place and awaiting approval of Management Board (September–October 2008); the business continuity plan policy is drafted and is presently out for consultation (September–October 2008); information technology dependencies and recovery strategies will be developed in 2008–2009 following validation of dependencies; a crisis communication strategy will be developed (November 2008).

Previous | Table of Contents | Next