Follow-up report on the 2014-2015 Procurement practice review “Employment and Social Development Canada information technology services”

“Employment and Social Development Canada Information Technology Services”

March 2018

Promoting Fairness, Openness and Transparency in Federal Procurement

Main points

What we reviewed

1. In 2014-2015, the Office of the Procurement Ombudsman (OPO) conducted a procurement practice review entitled Employment and Social Development Canada, Information Technology Services.

2. In July 2017, OPO asked Employment and Social Development Canada (the Department) to provide information regarding actions taken in response to the recommendations in the above-noted review.

3. The purpose of the follow-up exercise was to determine whether the Department considered and took action, or developed plans, in response to the Procurement Ombudsman’s recommendations. In this regard, OPO assessed the information provided by the Department for overall reasonableness and credibility. This report provides a summary, as well as specific examples, of progress made by the Department in implementing the recommendations from the original review.

Why it’s important

4. There are three main reasons why reporting on progress made in response to the Procurement Ombudsman’s recommendations is important. First, it informs interested stakeholders of specific actions organizations have taken to improve procurement practices. Second, by sharing information on changes being implemented by the organizations whose practices were reviewed, OPO facilitates other federal organizations’ ability to introduce similar improvements. Lastly, the information on the nature and extent of responses to the recommendations provides an indication of the usefulness of OPO’s reviews in promoting fairness, openness and transparency in federal procurement.

What we found

5. The Department stated it took action in response to the two recommendations made in the original review including: updating policies and guidelines regarding contract amendments, task authorizations and file documentation; creating a risk-based monitoring framework for procurement; and conducting monitoring activities, including monitoring of contract amendments. Using a scale provided by OPO^{Footnote 1}, the Department self-assessed the level of implementation of these actions as “full implementation” (level 5). When asked for documentation to substantiate this assertion, the Department provided OPO with supporting documentation for each action.

Introduction

6. OPO published the following report in June 2015:

• Employment and Social Development Canada, Information Technology Services

Objectives

7. The objectives of this follow-up review were to determine:

• Whether the Department considered the recommendations made by the Procurement Ombudsman in the June 2015 review with respect to its procurement practices;
• Whether action plans to respond to the recommendations were prepared and approved; and,
• What actions were undertaken in response to the recommendations, and the extent to which each action had been monitored and completed.

8. OPO expected the Department to have introduced changes to improve its procurement practices in response to the Procurement Ombudsman’s recommendations.

Scope, methodology and timing

9. OPO requested the Department provide information on actions planned or implemented as a result of the recommendations in the original (that is June 2015) review. This report reflects actions reported to OPO by the Department up to September 2017.

10. The approach OPO uses for follow-up exercises differs from the approach used in OPO’s procurement practice reviews. The assessment of progress made against recommendations was based upon the Department’s self-assessment and assertions regarding its plans and actions coupled with supporting (that is substantiating) documentation. For each recommendation in the original review, OPO reviewed the information provided for overall reasonableness and credibility. This was done by:

• Verifying whether any contradiction existed between the Department’s assertions and information available from publicly accessible sources or obtained during the original review;
• Analyzing the Department’s responses to understand how its actions addressed the recommendations and whether there were plans to monitor the results or effectiveness of these actions or changes; and,
• Seeking clarification, as required, to ensure a clear understanding of the information and supporting documentation provided by the Department.

11. This report provides an overview of the Department’s assertions, as well as OPO’s assessment, on progress in implementing changes in response to the recommendations contained in the original review.

Assessment of implementation of the department’s actions

Summary of original review findings

12. The original review examined the procurement management control framework in place, as it applied to the procurement of information technology (IT) services, specifically examining the following key elements: internal policies and guidelines; roles and responsibilities; training and guidance; monitoring and reporting; and planning. The original review’s findings for each element are summarized below.

13. The Department’s Procurement Policy and guidelines had been found to be consistent with the Treasury Board Contracting Policy. Nonetheless, OPO’s analysis had noted areas for improvement related to the policies and direction associated with task authorizations (TAs), contract amendments, and documentation requirements.

14. Clear roles and responsibilities had been found regarding procurement, with established procedural checks in place.

15. There had been varying forms of training available and used by the Department, and procurement personnel also proactively offered guidance to other Departmental employees.

16. OPO had found that while numerous monitoring and reporting activities were occurring, a systematic, risk-based approach to the monitoring of Departmental procurement, including a Department-wide challenge function, was not evident.

17. OPO had noted Departmental business planning existed and was supplemented by project procurement plans for all projects greater than $1M, as well as a risk register used by the Department’s Innovation, Information and Technology Branch. While the procurement team did not have a formal plan in place, a list of commonly procured services was published on the Departmental website, including past expenditure amounts.

18. As part of the original review, OPO had examined select procurement files to assess whether the Department’s procurement framework was operating as intended as it related to procuring IT services. Results had showed:

• In 85% (34/40) of the files reviewed, the procurement was competitively tendered and contained appropriate exceptions when procured non-competitively.
• Overall, the Statements of Work on files reviewed were clear with specific deliverables and timeframes. There were, however, 5% of files which had unclear Statements of Work due to vague work descriptions and imprecise deliverables.
• In 90% (36/40) of files, contracts were administered according to policies and guidelines; three of the four exceptions related to TAs.
• While the majority of files were publicly disclosed, in 5% (2/40) of files, the contracts were not disclosed on proactive disclosure, as required. OPO had been informed that due to the new financial system the Department had put in place, reporting challenges arose but were being addressed.

Original review conclusion

19. The original review had concluded the Department had a procurement management framework in place to procure IT services, and the framework was consistent with applicable legislation, regulations, policies and guidelines. In addition, the majority of files reviewed had been procured and administered in compliance with the framework. As such the original review noted no systemic issues with the Department’s procurement practices had been found. The procurement practices used by the Department to acquire IT services had been consistent with relevant policies, legislation and the principles of fairness, openness and transparency, with some exceptions noted.

20. Good practices had been recognized with regard to: the proactive offering of guidance from procurement staff to clients; the use of a risk register to enhance branch planning; and the establishment of capacity-on-demand contracting vehicles to support the execution of IT projects quickly and with less administrative effort.

21. Areas for improvement had been identified in the procurement management framework, specifically with regard to policies and direction to support the administration of contract amendments, TAs, and file documentation. The lack of a systematic, risk-based approach to monitoring had also been identified.

22. The original review noted that, following the examination work but prior to the publication of OPO’s report, the Department developed a “Risk-Based Monitoring Framework: Procurement” document, which had been provided to OPO during the report clearance process.

23. The Procurement Ombudsman recommended the Department continue to improve its procurement policies and practices in order to support consistent and compliant procurement practices for IT services by:

1. Updating internal policies and guidelines in key areas relating to amendments, TAs and file documentation; and
2. Taking the necessary measures to ensure a senior management sanctioned risk-based approach to monitoring Departmental procurement activity is applied consistently across the Department.

Summary of departmental response to follow-up

24. The Department stated it took action on both recommendations made in the original review, and that all of these actions were fully implemented. The Department provided substantiating documentation for the actions.

Response to recommendation 1

25. In response to the Procurement Ombudsman’s first recommendation, the Department stated it had updated its internal policies and guidelines in the areas of amendments, TAs and file documentation, and shared the updated documents with procurement personnel. In addition, it communicated the change to the TA process to Departmental employees.

26. In October 2016, the Department shared information with procurement personnel to clarify amendment coding requirements in the Department’s financial system (SAP). This information was also included in instructions for procurement specialists, which was published in January 2017. In addition, in July 2017 the Department revised the “Amendment” section of its Procurement Policy. All procurement personnel were notified of this change through a Procurement Bulletin.

27. Regarding TAs, the Department stated changes to how TAs were handled began in July 2016. Procurement specialists were provided with instructions on how to manage expired TAs in the Department’s financial system to ensure usage was accurately reflected in financial reports. Subsequently, in October 2016, the Department’s Procurement Policy was amended to add sections addressing outline agreements and contracts with TAs. Finally, a Procurement Bulletin was issued in June 2017 to advise Departmental employees of changes to the TA process under a specific subset of contracts.

28. The Department also stated it developed guidelines for procurement file structure, which were shared with procurement personnel in May 2017. These guidelines contain details on the records to be kept on file for the different types of contracts issued by the Department, and should assist in ensuring consistent file documentation moving forward.

Response to recommendation 2

29. In response to the Procurement Ombudsman’s second recommendation, the Department stated it developed a Risk-Based Monitoring Framework for the Department, which includes a detailed and stand-alone Risk-Based Monitoring Framework for Procurement. The Procurement Monitoring Framework was approved by the Department’s Chief Financial Officer in January 2016 and the Department has monitored its procurement in accordance with this framework since April 2016.

30. The Department also stated it produced monitoring reports regarding confirming orders, amendments, comprehensive land claim agreements, general monitoring, and was preparing to monitor sole-source contracts.

Assessment of the response

31. The Department stated it implemented a number of actions to respond to the Procurement Ombudsman’s two recommendations. All actions were reported, by the Department, as being fully implemented. The Department provided documentation to substantiate the actions taken.

32. Regarding the first recommendation, the Department introduced and communicated a series of changes to its policies and guidelines in the areas of contract amendments, TAs, and file documentation.

33. Regarding the second recommendation, the Department developed a Risk-Based Monitoring Framework for Procurement and monitoring was undertaken by the Department in a number of areas, including amendments.

Conclusion

34. The Department considered the Procurement Ombudsman’s recommendations from the original procurement practice review and provided information on its plans and actions. The Department stated it had fully implemented all actions to respond to the Ombudsman’s recommendations, and provided documentation to substantiate this statement. OPO’s analysis found the Department’s response (that is the self-assessment and the substantiating documentation) to be reasonable and credible. OPO noted that all of the actions were implemented, many well in advance of this follow-up review.

Annex A—Office of the Procurement Ombudsman Recommendations and the Department’s Responses

OPO recommendations	Department’s responses
The Procurement Ombudsman recommended ESDC improve its procurement policies in order to support consistent and compliant procurement practices for IT services by: 1. Updating internal policies and guidelines in key areas relating to amendments, Task Authorizations and file documentation.	a) On 2016-10-18 shared information with Procurement Staff to clarify amendment coding requirements in SAP. This information was included in the myEMS (SAP) instructions for ESDC Procurement Specialists which was published on 2017-01-04. On 2017-07-21 ESDC revised the Amendment section of the ESDC Procurement Policy to address the deficiencies as identified in the OPO review. A Procurement Bulletin was shared with all Contracting Officers announcing this change on 2017-07-26. b) ESDC has developed Procurement File Structure guidelines which were shared with procurement staff on 2017-05-31. c) On 2016-07-28 Procurement Specialists were provided with instructions on how to manage expired Task Authorizations in SAP to ensure usage is accurately reflected in reports. On 2016-10-31 the ESDC Procurement Policy was amended to add sections addressing Outline Agreements and Contracts with Task Authorizations. On 2017-06-07 ESDC issued a Procurement Bulletin to advise clients of changes to the Task Authorization process under the Capacity on Demand Contracts for Project Management and Business Services which will allow the department to better monitor and manage the contracts.
The Procurement Ombudsman recommended ESDC improve its procurement policies in order to support consistent and compliant procurement practices for IT services by: 2. Taking the necessary measures to ensure a senior management sanctioned risk-based approach to monitoring departmental procurement activity is applied consistently across the department.	ESDC has developed an Integrated Risk Based Monitoring Framework which includes a Risk-Based Monitoring Framework for Procurement. This Framework (Procurement) was approved by the Chief Financial Officer of ESDC on 2016-01-14 and risk-based monitoring has been performed in accordance with this framework since Q1 16/17. Since implementing the monitoring framework ESDC has performed the following monitoring activities based on risk: Confirming Orders Amendment Monitoring General Monitoring CLCAs ESDC will be doing a monitoring exercise on Sole-Source contracts during Q2 of 17/18.

Date modified:

2018-11-01