Audit of the Governance Framework over Information Management
Appendix C: Management Action Plan
| Recommendations | Action Plan | Responsibility | Target Date |
|---|---|---|---|
| 1. IMTB should enhance the current IM Strategic Plan by developing IM standards, an IM performance measurement strategy and an IM human resource plan. | In consultation with TBS (functional owner of IM) and LAC (functional authority for record keeping), IMD will develop or update IM standards. | Information Management Directorate | CIC IM Standards will be completed by March 31, 2012. |
| In consultation with CIC stakeholders (all sectors and regions), IMD will update the IM Strategic Plan that will include an IM performance measurement strategy and IM human resources plan. Approvals will be obtained from the Knowledge and Information Management Committee, MAC and ExCom. | Information Management Directorate | October 31, 2011. | |
| 2. IMTB should ensure that the IM Strategic Plan is presented to ExCom for their review and approval. This would generate organization-wide visibility and would serve as a mechanism to enlist the support of senior managers in communicating and promoting IM-aware behaviours. | IMD will present the updated IM Strategic Plan to ExCom for approval. | Information Management Directorate | October 31, 2011 |
| 3. IMTB should enhance the current IM Strategic Plan by developing a detailed risk mitigation plan. | In consultation with CIC stakeholders (all sectors and regions), IMD will update the IM Strategic Plan to include a detailed risk mitigation plan. Approval will be obtained from the Knowledge and Information Management Committee, MAC and finally from ExCom. | Information Management Directorate | October 31, 2011 |
| 4. IMTB should ensure that the Project Charter approval process for all IM/IT initiatives includes sign off from the Director, Information Management. | IMD will submit this recommendation to the IMTB Management Committee for approval. | Information Management Directorate | September 30, 2011 |
| 5. IMTB should investigate the root causes of the lack of RDIMS adoption in order to develop and implement a remediation plan. | The RDIMS software that presently exists at CIC is approaching the end of its life and therefore IMTB is now focused on implementing a newer, robust solution called GC Docs (ECM LiveLink 10). The movement to this newer solution is in accordance with the Government of Canada’s new direction to deliver Document and Records Management (DRM) functionality as a Software, as a Service (SaaS) for federal departments that is consistent with the GoC IM Strategy, IM policy, directives and standards, and aligned to departmental requirements and the ITSS Community Cloud Security Framework. Consequently, IMTB will not be investing additional resources to inquire as to the root causes for the lack of adoption of the RDIMS tool. IMTB will instead invest time and resources into advancing the GC Docs (ECM LiveLink 10) solution at CIC. IMD is partnering with TBS, LAC and best of breed GoC implementers of Electronic Record Document Management Software (EDRMS) to build IM business requirements to ensure that the GC Docs implementation addresses the root causes of the issues associated with RDIMS. |
Information Management Directorate | October 31, 2011 |
| 6. IMTB should investigate options for central storage and tracking of documents that are not stored in RDIMS because of their security classification. | IMTB has begun investigating options for central storage and tracking of documents which are not stored in RDIMS because of their security classification. Implementation will be finalised on March 31, 2014. The following milestones have been identified by the Executive Director of IT Infrastructure Services: |
Computer Operations Directorate; and Information Management Directorate | |
Completion of an IT Security Needs Assessment |
March 31, 2012 | ||
Completion of an IT Security Architectural Design and implementation plan; and |
March 31, 2013 | ||
Implementation of a Secret IT Network |
March 31, 2014. | ||
| 7. IMTB should ensure that the requirements of MOUs that govern information sharing align with CIC’s IM policies and procedures, and implement measures to ensure that information sharing partners adhere to CIC’s policies under those MOUs. | The creation of the Information Sharing Branch as a central repository for all MOUs has enhanced CIC’s ability to follow through with verification that data sharing agreements will respect the CIC Business Process Mappings and Business Record Definitions. Functional authority for this repository is being transferred to International and Intergovernmental Relations Branch. Making the MOUs accessible and findable will be completed before September 2011. The CIC Library’s public-facing catalogue houses the access points and the electronic storage is presently being studied. The implementation of an information-sharing control framework is a considerably larger and more complex initiative with multiple interdependencies within CIC. Insofar as there are in excess of 500 MOUs that will require the engagement of information-sharing partners, IMTB will need to ensure that it is adhering to the policy requirements that are pertinent to these agreements. To do so, this will require building capacity, as well as reconciling the large volume of MOUs with partners. |
Information Management Directorate; and International and Intergovernmental Relations Branch | March 31, 2015 |
| 8. IMTB should continue with the development of the disposition and retention schedules to ensure compliance with LAC requirements, as well as ensure that compliance with R&D schedules is tracked. | IMTB completed the development of all CIC retention and disposition schedules on May 31, 2011. | IMD in partnership with the CIC functional authorities, regions and LAC. | Completed |
| By March 31st, 2012, CIC will have identified and defined its records of business value. This is in accordance with the TBS Recordkeeping Directive (April 20, 2009). Thereafter, IMTB will begin identifying a compliance tracking methodology that can be used from an operational perspective. | March 31, 2012 |
Page details
- Date modified: