Information Technology Shared Services

Opening Statement to the Standing Committee on Public Accounts

Information Technology Shared Services

(Report 4—2015 Fall Reports of the Auditor General of Canada)

10 March 2016

Michael Ferguson, CPA, CA
FCA (New Brunswick)
Auditor General of Canada

Mr. Chair, thank you for this opportunity to discuss our Fall 2015 Report on Information Technology Shared Services. Joining me at the table is Martin Dompierre, the Principal who was responsible for the audit.

This audit examined whether Shared Services Canada had made progress in implementing key elements of its transformation plan and maintained the operations of existing services. Specifically, the audit focused on Shared Services Canada’s objectives of improving services, enhancing IT security, and generating savings. We also looked at how the Treasury Board of Canada Secretariat assisted and provided governance and leadership on the strategic vision for Shared Services Canada and how it fits into the government IT landscape.

As part of the audit, we consulted seven federal government departments and agencies to get an understanding of how they viewed their collaboration with Shared Services Canada.

Our 2010 audit report on Aging Information Technology Systems indicated that the federal government infrastructure was aging and at risk of breaking down. In turn, this could affect the government’s ability to deliver some essential services to Canadians. The report recommended that a plan be developed for the government as a whole to mitigate risks associated with aging IT systems on a sustainable basis.

In August 2011, the government announced the creation of Shared Services Canada as a new department to manage and transform the IT infrastructure of 43 individual departments, including servers, data centres, human resources, and IT budgets. The IT infrastructure included 485 data centres, 50 networks, and about 23,400 servers.

In 2013, Shared Services Canada developed a seven-year transformation plan to consolidate, standardize, and modernize the Government of Canada email, data centres, and network services. Shared Services Canada committed to maintain and improve the level of IT services and security during the transformation.

Overall, we found that there were weaknesses in Shared Services Canada’s implementation of government IT shared services to date, specifically in managing service expectations with its partners and in measuring and tracking progress on transformation initiatives and savings.

For example, we found that Shared Services Canada did not set clear and concrete expectations with its partner departments in providing IT infrastructure service to support their services and applications. As a result, it could not show if and how it was maintaining or improving services. This finding is important because Shared Services Canada needs to understand whether its services meet its partners’ needs. As the recipients of these services, Shared Services Canada’s partner departments need to have confidence that the levels of IT service they receive from Shared Services Canada adequately support their ability to deliver services to Canadians.

In addition, we found that Shared Services Canada rarely established expectations or provided sufficient information to partners on core elements of security. This is important because Shared Services Canada plays an important role in implementing Government of Canada security policies, directives, standards, and guidelines to ensure the security of government IT shared services. As the government’s IT infrastructure service provider, it is important that the Department collaborate with partners to manage security threats, risks, and incidents to help protect the government’s critical IT-related assets, information, and services.

Finally, we found that Shared Services Canada did not have consistent financial practices to accurately demonstrate that it was generating savings. For example, there was no standard costing methodology in place to determine savings and there were incomplete baselines to measure total savings generated. This finding matters because Shared Services Canada spends about $1.9 billion each year to deliver IT services to partners, invest in projects, and fund its operations.

As this audit is a mid-transition review of the Department’s progress in implementing key elements of the government’s IT transformation, our recommendations provide concrete opportunities to look at what has been done so far, and to identify needed adjustments.

Our report makes eight recommendations to Shared Services Canada and one to the Treasury Board of Canada Secretariat. Both entities have agreed with our recommendations.

Mr. Chair, this concludes my opening remarks. We would be pleased to answer any questions the Committee may have. Thank you.