This archived Web page remains online for reference, research or recordkeeping purposes. This page will not be altered or updated. Web pages that are archived on the Internet are not subject to the Government of Canada Web Standards. As per the Communications Policy of the Government of Canada, you can request alternate formats of this page on the Contact Us page.
Criteria: The approach to managing risk to promote and make documentary heritage available is well communicated, understood and implemented by management.
Finding: The RDS has not implemented a formal and standardized risk management approach to ensure uniformity and consistency in the identification of risks and mitigation strategies for all its sectors of activity.
Our assessment was based on the expectation that a documented risk management process would be in place and well understood, and that the risks would be identified and mitigating measures developed and monitored.
In 2009, LAC published a document entitled Handbook on Integrated Risk Management for Managers. The Handbook does not provide a comprehensive approach to risk management and does not make a clear link between mitigating strategies and internal controls. It currently constitutes the major guidance material available to managers to assess operational risks and develop mitigating measures. A new version of the Handbook is under way and will be available to managers once revisions have been completed.
The Corporate Risk Profile identifies the risk that documentary heritage is not accessible to Canadians as one of the four main strategic corporate risks likely to hinder the achievement of the departmental mandate. The RDS has not adopted a formal approach to managing risks. It has, however, applied a risk model with success in some areas. During the review period, evidence of risk management in the RDS was mainly found in the MII charters. This was done summarily and, since the MIIs focus mainly on new initiatives, it does not include all on-going operations and activities in the RDS. There is also evidence that risks were identified when developing options for the Access Policy Framework. Finally, the Framework on Managing Partnering Activities contains standard documentation for the selection, risk assessment, monitoring and measurement of performance for partnering activities. However, since the approach to risk management in the RDS is not standardized, there is no assurance that similar criteria and weighting factors are used in ranking risks.
It was also noted that there was no evidence of involvement by LAC’s Corporate Sector in the RDS’s approach to risk management. There is a need to bring a more collaborative approach to the process by seeking input from, but not limited to, Finance, Legal Services, Human Resources and Strategic Research. This would ensure that all risk factors have been considered.
The Resource Discovery Sector should adopt and implement a formal and consistent risk management approach. This approach should seek the involvement of other corporate sectors when warranted.
Agreed. In 2009, LAC’s management of risk was evaluated. The LAC Corporate Risk Profile was finalized in November 2011. This document lists the risk responses proposed by LAC to meet the identified corporate risks to access, which include program or service design and delivery, and metadata.
In late 2011, LAC decided to restructure its operations around a Chief Operating Officer (COO) model. This model amalgamates all core business operations under one senior officer to ensure better coordination, collaboration and efficiency. As a result of this new model, the RDS ceased to exist on January 16, 2012. Most of it is now part of the Services Branch, and it is expected that the new Services Branch will also include all circulation operations and loans. The Services Branch will work closely within the COO Sector, with the Policy Branch and with the Corporate Sector to develop a risk management approach that will be integrated in its planning. As the accountabilities for planning have not yet been assigned in the COO Sector, it is difficult to identify a lead for risk identification and risk mitigation strategies for any of the branches within the COO Sector. It is also expected that the Corporate Risk Profile will need to be updated further with the adoption of the COO model.