|
Workplace Safety and Insurance Board Executive Summary
|
Issued: November 27, 2006 Print version  [ 133 kb / 12 Pages ]Related Documents: Related Documents Table of Contents |
Introduction
From March to May of 2004, an independent audit of the Workplace Safety and Insurance Board (WSIB) was conducted by Grant Thornton LLP on behalf of the Internal Audit Division of the Management Board Secretariat serving the Ministry of Labour. An Independent Third Party Audit report was prepared which included several issues and recommendations for enhancements throughout the organization. The recommendations were identified to improve the efficiency and effectiveness of management practices and to improve internal controls.
Deloitte & Touche LLP (Deloitte) was engaged by the Ministry of Labour to perform a follow up review of the recommendations identified in the 2004 Independent Third Party Audit Report of the WSIB. Each recommendation identified in the Independent Third Party Audit Report was reviewed to determine whether the recommendation had been assessed by the WSIB and the extent to which each recommendation had been addressed and the related action steps (or tasks) implemented. There were some recommendations in the report that were addressed by the WSIB but the authority to implement the recommendation resides with the Provincial Government (Ministry of Labour).
Approach and Overall Findings
There were 64 recommendations contained in the 2004 Independent Third Party Audit Report of the WSIB in the following areas:
- Corporate and Administrative Services
- Investments
- Corporate Project and Program Management
- Information Services Division Effectiveness and Efficiency
- Modern Controllership
The Corporate and Administrative Services section was further broken down into the following areas:
- Budget Process and Financial Operating Results Oversight
- Past Value for Money Audits
- Procurement
- Board of Directors and Executive Expenses
- Grants
- Facilities Planning and Management.
The complete list of the 64 2004 Independent Third Party Audit Report recommendations is provided in Appendix 2 in the full report.
The WSIB assessed and identified action steps to address each recommendation contained within the 2004 audit report that was within their control and developed an audit response plan that was aligned with eight key modern management areas:
- Board and Management Governance
- Strategic Leadership
- Clear Accountability
- Shared Values and Ethics
- Motivated People
- Integrated Performance Management
- Rigorous Stewardship
- Mature Risk Management.
The WSIB identified 72 distinct tasks within these eight modern management areas and accountability was established by identifying a leader for each distinct task who was responsible for completing the assigned task. The complete list of the 72 distinct tasks is provided in Appendix 3 in the full report.
The WSIB provided a mapping document which aligned the 72 distinct tasks (or action steps) in their audit response plan to the 64 recommendations in the 2004 Independent Third Party Audit Report. In some cases one task specifically addressed one recommendation while in other cases there were multiple tasks that were required to address a single recommendation. More details on this mapping process are provided in Appendix 4 in the full report.
The WSIB provided a baseline status update for each of the 64 recommendations as of April 1, 2006. This baseline status update provided the WSIB with the opportunity to outline the tasks that had been completed by the organization in response to the recommendations.
Deloitte Overall Findings
On an overall basis, the WSIB has made significant progress in responding to the 64 recommendations in the 2004 Report. All of the recommendations were assessed by WSIB. The WSIB comprehensive response approach included the mapping of tasks to address each recommendation. In addition the WSIB developed solutions to the root cause of the underlying issues, aligned to the eight modern management areas identified above.
The action steps (or tasks) identified by WSIB to substantially address 59 of the recommendations have been completed. In five of these instances, the WSIB has addressed the recommendation to the extent possible but the authority to complete the recommendation resides with the Provincial Government (Ministry of Labour). The remaining action steps required for four of these recommendations are expected to be completed in 2006.
The WSIB identified, initiated and completed a number of action steps in a further five recommendations. These are evolving processes and the WSIB has plans in place to further develop these areas to practice maturity with time horizons beyond 2006. These plans will include the implementation of tactical solutions to enhance adoption of processes as they are entrenched into the WSIB culture. We recommend that WSIB management continue to monitor the activities that are not fully complete to ensure that appropriate action steps continue to be taken.
Based on our review of the information provided as described in the Project Approach, Section 3 in the full report, the WSIB has established many business processes and controls that are adequate and appropriate to promote sound business practices. As with any organization, establishing and maintaining an effective risk management and control environment will require effective and continuous monitoring of the organization’s changing enterprise wide risks for possible additional control requirements as well as the continuous monitoring of existing controls to confirm they are designed and operating effectively.
More detailed Deloitte findings are provided in Section 4 in the full report.
The 64 recommendations in the May 2004 audit report were reviewed by Deloitte and summarized as follows:
| 1. |  |
The WSIB has completed the recommendation as stated in the 2004 audit report. |
| 2. |  |
The WSIB has assessed the recommendation and implemented action steps intended to address the substance of the underlying issue. The WSIB has determined that no further action is required. |
| 3. |  |
The WSIB has assessed the recommendation and implemented action steps which substantially address the recommendation. The WSIB intends to complete the remaining action steps in 2006. |
| 4. |  |
The WSIB has addressed the recommendation to the extent possible but the authority to complete the recommendation in the 2004 audit report resides with the Provincial Government. |
| 5. |  |
The WSIB has assessed the recommendation and has begun to implement an action plan with time horizons beyond 2006, intended to ensure continuous improvement as this area matures. |
The following table summarizes the extent to which each recommendation has been assessed and completed.
|
|
|
|
|
Total | |
|---|---|---|---|---|---|---|
| Corporate and Administrative Services | ||||||
| Budget Process and Financial Operating Results Oversight | 4 | 2 | 1 | 0 | 0 | 7 |
| Past Value for Money Audits | 1 | 0 | 0 | 0 | 0 | 1 |
| Procurement | 5 | 1 | 0 | 0 | 0 | 6 |
| Board of Directors and Executive Expenses | 6 | 1 | 0 | 0 | 0 | 7 |
| Grants | 1 | 0 | 1 | 0 | 0 | 2 |
| Facilities Planning and Management | 2 | 0 | 1 | 0 | 0 | 3 |
| Investments | 1 | 0 | 1 | 2 | 0 | 4 |
| Corporate Project and Program Management | 13 | 0 | 0 | 1 | 2 | 16 |
| Information Services Division Effectiveness and Efficiency | 9 | 0 | 0 | 0 | 3 | 12 |
| Modern Controllership | 3 | 1 | 0 | 2 | 0 | 6 |
| Total | 45 | 5 | 4 | 5 | 5 | 64 |
WSIB Management Comments
The WSIB has been committed and dedicated to acting upon the recommendations for further improvement outlined in the original audit. The WSIB is on a journey of continuous improvement and has taken this opportunity to build on our organizational excellence and accomplishments. We have worked diligently over the last 18 months to respond to and address all the recommendations in the original audit that are within our control.
To properly address these recommendations, the WSIB developed an Audit Response Plan that is aligned with the eight key modern management areas identified in the audit. In order to embed sound management practices throughout the organization, we have not only responded to the audit recommendations but have developed solutions to the root cause of the issues identified. The WSIB has established and instituted sound policies and processes to improve the overall governance and management practices of the organization that will become fully integrated and entrenched into the WSIB culture and work ethic.
The WSIB’s new Modern Management Model (previously referred to as Modern Controllership) has paved the way for the WSIB to embark on a journey that will springboard the organization into the future, while ensuring we remain open, accountable and transparent to the government, workers and employers of the province.
WSIB senior management wishes to thank Deloitte for their input into improving business practices at the WSIB.
Review of Status of Recommendations
The following section provides additional commentary related to the recommendations in the 2004 Independent Third Party Audit Report.
Corporate and Administrative Services
Budget Process and Financial Operating Results Oversight
|
|
|
|
|
Total | |
|---|---|---|---|---|---|---|
| Corporate and Administrative Services | ||||||
| Budget Process and Financial Operating Results Oversight | 4 | 2 | 1 | 0 | 0 | 7 |
| Past Value for Money Audits | 1 | 0 | 0 | 0 | 0 | 1 |
| Procurement | 5 | 1 | 0 | 0 | 0 | 6 |
| Board of Directors and Executive Expenses | 6 | 1 | 0 | 0 | 0 | 7 |
| Grants | 1 | 0 | 1 | 0 | 0 | 2 |
| Facilities Planning and Management | 2 | 0 | 1 | 0 | 0 | 3 |
| Total | 19 | 4 | 3 | 0 | 0 | 26 |
- 2004 Recommendations #1, #2, #3 and #7 – completed
- 2004 Recommendation #4
Current practice should be codified into policy for monitoring budget overruns. The policy should ensure that approval is required prior to the expenditure being incurred and should address circumstances that trigger Board of Directors approval. As well, the policy should provide for accountability by Division and require Board of Directors approval for overages at the Divisional level rather than overall WSIB budget.
The WSIB has codified their current procedures for monitoring budget overruns into the WSIB Budget Control Policy. This policy requires that the Board of Directors are apprised of potential WSIB budget overruns related to overall WSIB administrative expenses and capital expenditures. The Board of Directors must approve any expenditure in excess of the overall budget prior to the disbursement of funds. The WSIB Budget Control Policy does not require Board of Directors approval for budget overruns at the Divisional level. Overages at the Divisional level are managed by each Cluster Chief and overages at the Cluster level are managed by the President. The WSIB has determined that as a number of the divisions are relatively small, this ensures that the Board of Directors does not get directly involved in operational level management and trade-offs. The WSIB has concluded that no further action is required.
- 2004 Recommendation #5
The delegated authorities should be reviewed for appropriateness to ensure that the Board of Directors is sufficiently apprised and involved in the approval of budgetary overruns.
The delegated authorities for the approval of budgetary overruns have been reviewed by the WSIB and codified into the WSIB Budget Control Policy. The WSIB Budget Control Policy does not require Board of Directors approval for budget overruns at the Cluster or Divisional level. Overages at the Divisional level are managed by each Cluster Chief and overages at the Cluster level are managed by the President. The WSIB has determined that as a number of the divisions are relatively small, this ensures that the Board of Directors does not get directly involved in operational level management and trade-offs. The WSIB has concluded that no further action is required.
- 2004 Recommendation #6
The Audit and Finance Committees should be independent of each other as their focus and accountabilities are different. The Finance Committee should be responsible for reporting and monitoring financial performance, while the Audit committee would be responsible for ensuring appropriate checks and balances in place, including oversight of reporting.
The WSIB conducted a review of the mandate of the Audit and Finance Committee which included benchmarking governance, oversight and reporting practices to best practices. The mandate of the Audit and Finance Committee was approved by the Board of Directors, after receiving input to the proposed revised mandate from the Statutory External Auditor and the Office of the Auditor General of Ontario. It was determined that the mandate is effectively that of an Audit Committee and that issues normally before a Finance Committee do not exist due to the nature of WSIB business. Therefore, the WSIB has determined that the Audit and Finance Committee will not become two separate entities. The WSIB will consider changing the name of the Audit and Finance Committee to the Audit Committee in 2006.
Past Value for Money Audits
- 2004 Recommendation #8 – completed
Procurement
- 2004 Recommendations #9, #10, #11, #13 and #14 – completed
- 2004 Recommendation #12
Implement, communicate and enforce an integrated vendor management system that captures all documentation in a centralized location. (currently invoices, contracts and or agreements are not consistently located in one location).
The WSIB has completed significant work towards implementing an integrated vendor management system to further mature the Strategic Procurement program that captures all documentation in a centralized location. All documentation has now been captured in the procurement and the accounts payable departments. The WSIB believes that this consolidation respects the substance of the recommendation, operationalizes internal control principles and logical separation of duties and leverages operational and process efficiency and effectiveness. The WSIB has concluded that no further action is required.
Board of Directors and Executive Expenses
- 2004 Recommendations #15, #16, #17, #19, #20 and #21 – completed
- 2004 Recommendation #18
Expense reports, procurement card and corporate travel card charges should reflect only those charges incurred by the individual for their own business use. Therefore executives should be assigned both procurement and corporate travel cards. The policies should be updated to reflect the above recommendations and should include appropriate approval processes.
Not all executives at the WSIB possess both a procurement card and a corporate travel card. The WSIB does not require that an executive has a travel or procurement card unless there is a business need. It is the responsibility of the higher delegated authority that approves an executive’s expenses to ensure that all expenses are appropriate. The Travel and Business Expense Policy and the Procurement Policy do not state that expense reports, procurement card and corporate travel card charges should only reflect charges incurred by the individual for their own business use. The Travel and Business Expense Policy requires the most senior individual at a meal to pay on his/her travel card and get approval from the next level of authority. The policies also do not identify the requirement for all executives to have both a procurement card and a corporate travel card. The WSIB has concluded that additional policy modifications are not required at this time.
Grants
- 2004 Recommendation #22 – completed
- 2004 Recommendation #23
There should be periodic monitoring and reporting of all grants to the Board of Directors. This will enhance WSIB’s ability to maintain and demonstrate the transparency and accountability of the granting process.
There are three types of grants authorized by the WSIB: Research Advisory Council (RAC), Health Services and Prevention. A status report is prepared for all RAC grants for presentation to the Board of Directors for their approval. All Prevention and Health and Safety grants are contained within the annual budget and business plan of each division and are reviewed by the Executive Committee in advance of submission to the Board of Directors for approval. Prevention and Health and Safety grants do not need to be reviewed and approved by the Board of Directors unless the grant is in excess of $350,000. The WSIB will provide a formal summary of RAC, Prevention and Health Services grants in 2006 and beyond to the Board of Directors to complete the recommendation.
Facilities Planning and Management
- 2004 Recommendation #24 and #25 – completed
- 2004 Recommendation #26
Optimize opportunities for consultants to work off-site at consultant’s premises rather than housing them at WSIB.
The WSIB has codified the Facilities mid year plan to state that effective January 1, 2006, large projects requiring office space will be charged with occupancy costs. The Facilities mid-term plan establishes, as governing principles, that space is held only within appropriate cost controls and meets business requirements. For future request for proposals (RFPs), the WSIB will also ask for respondents to provide facilities solutions offsite options as part of their response.
Investments
|
|
|
|
|
Total | |
|---|---|---|---|---|---|---|
| Investments | 1 | 0 | 1 | 2 | 0 | 4 |
- 2004 Recommendation #30 – completed
- 2004 Recommendation #29
The terms of reference for the Investment Committee should be reviewed and amended to include
- A shorter term for committee membership, twelve years is too long. An original term with renewals should be restricted to eight or nine years.
- Performance evaluation of commitee members should be formalized, this can be self evaluation or peer evaluation.
- A clause prohibiting the President and Chair from being the Chair of the Investment Commitee.
- There should be a requirement to have a Vice-Chair of the committee, wich should also be a member of the Board of Directors, but not the President or Chair.
- The requirement to have two external members included in the majority for a vote to carry should be amended, such that the external members cannot override the majority rule.
- A requirement for in-camera meeting, at least once annually to provide the committee the opportunity to raise issues.
- Clarify the role of the VP Investments as a resource for the committee.
This recommendation has been assessed and substantially completed by the WSIB. The remaining action steps will be completed in 2006 as follows:
- There is not a requirement in the Statement of Investment Policies and Procedures (SIPP) for in-camera meetings, at least once annually. However, six Board of Directors meetings in 2005 had an Executive Session that was held in-camera. The WSIB will explore in 2006 the concept of an automatic annual in camera meeting with members of the Investment Committee.
- The WSIB has recognized that there should be a formalized annual performance evaluation process of committee members and has investigated potential ways to implement this evaluation. The WSIB has stated that this issue will be discussed in the context of performance review with the Governance and Policy Committee at its 4th quarter meeting in 2006.
- The responsibility resides with the Provincial Government (Ministry of Labour) to determine both Board size and selection/appointment of members. The WSIB has addressed this recommendation to the extent possible. The Investment Committee holds an advisory capacity providing investment advice to the Board of Directors who has the ultimate voting responsibility.
- 2004 Recommendation #27
The composition of the Investment Committee should ensure that the membership has a majority of members from the Board of Directors to ensure accountability. Adoption of this recommendation would need to be in conjunction with a review of the composition of the Board of Directions to ensure that there is sufficient number of Board members to populate the committees with the appropriate skills and experience.
The responsibility resides with the Provincial Government (Ministry of Labour) to determine both Board size and selection/appointment of members. The current composition of the Investment Committee consists of a majority membership of external representatives. The Investment Committee provides investment advice to the Board of Directors who have the ultimate voting responsibility to make decisions based on the information and advice provided. The recommendation has been addressed to the extent possible by the WSIB.
- 2004 Recommendation #28
The size of the Board of Directors should be increased to at least nine members to provide for broader representation and broader skill bases and experience from which to populate the committees. We recognize that Board members are appointed by the government and accordingly this would require discussion related to the appointment process.
The responsibility resides with the Provincial Government (Ministry of Labour) to determine both Board size and selection/appointment of members. The recommendation has been addressed to the extent possible by the WSIB.
Corporate Project and Program Management
|
|
|
|
|
Total | |
|---|---|---|---|---|---|---|
| Corporate Project and Program Management | 13 | 0 | 0 | 1 | 2 | 16 |
- 2004 Recommendations #33, #35, #36, #37, #38, #39, #40, #41, #42, #43, #44, #45 and #46 – completed
- 2004 Recommendation #31
Effective corporate governance requires organizations to implement controls and assurance practices to ensure they have received value for money from the investment in projects and risks are managed. A critical part of managing project risk where contributions from external vendors is a significant part of the solution, is the negotiation of a contract that not only protects the organization’s interests, but also envisages, and prepares the organization, for the “worst case”, such as a non-performance, or a breakdown of the relationship.
We recommend that WSIB adopt a policy that requires critical governance roles related to large project management and execution, such as Quality Assurance, Legal Support, Risk Management and Internal Audit to be clearly documented, and segregated from Project Sponsorship responsibilities.
The WSIB has performed significant work towards the completion of this recommendation. Quality Assurance is a key practice of mature project management and the WSIB will continue to support the quality assurance practice as a key area of focus for further development to practice maturity. The WSIB requires additional effort within its Quality Assurance practices. Within these practices, there is a need to formalize policies or for a specific function that is assigned these responsibilities.
- 2004 Recommendation #32
Project managers are responsible for ensuring that appropriate management practices are applied to the project and that the desired business outcomes are achieved. Use of consultants for any project activities does not reduce WSIB’s responsibility for the continuing management of any program or project. Project Managers should not be obtained from the same vendor that performs other significant project roles or provides significant resources to the project. If WSIB does not have sufficiently experienced personnel to fill program or project management positions, then these positions should be filled by contract with a third party that is independent of the project consultants. Further, risk management and quality assurance positions should be independent from the project consultants.
The WSIB has performed significant work towards the completion of this recommendation. The quality assurance positions are not independent from project functions as these activities are conducted throughout the lifecycle of the project but the organization currently lacks a specific quality assurance area. Quality Assurance is a key practice of mature project management and the WSIB will continue to support the quality assurance practice as a key area of focus for further development to practice maturity.
- 2004 Recommendation #34
We also recommend that Board of Directors governance policy require that at least one member of the Board of Directors have recognized IT oversight experience.
The responsibility resides with the Provincial Government (Ministry of Labour) to determine the selection/appointment of members.
The recommendation has been addressed to the extent possible by the WSIB.
Information Services Division Effectiveness and Efficiency
|
|
|
|
|
Total | |
|---|---|---|---|---|---|---|
| Information Services Division Effectiveness and Efficiency | 9 | 0 | 0 | 0 | 3 | 12 |
- 2004 Recommendations #47, #48, #49, #50, #52, #53, #56, #57 and #58 – completed
- 2004 Recommendation #51
It is also recommended that the Information Systems (IS) Division develop and implement performance measures to allow IS Division and stakeholders to understand the degree to which the “four statements of intent” are being achieved. This may comprise Balanced Scorecard measuring activities and initiatives that contribute to the statements of intent combined if necessary to provide an index measure that can be associated directly with the statement of intent.
The WSIB’s IT strategic plan identifies the organization’s four critical strategic statements of intent and has developed tactical approaches and potential associated costs to address them. However, the IT strategic plan has recently become a component of the annual planning process and tracking of achievements across defined tactical approaches is at its initial stages. Therefore, this is an evolving process and the WSIB has plans to continue to implement tactical approaches and monitor for effectiveness.
- 2004 Recommendation #54
A leading practices based enterprise wide standards framework based on industry accepted standards such as the Information Technology Infrastructure Library, should be adopted for the entire WSIB IT organization. Current standards should be reviewed to ensure they are in compliance with the framework, and standards “gaps” identified and addressed in risk priority order.
This recommendation has been fulfilled from a development and initial implementation perspective (ITIL framework has been developed). Operationalizing this is part of an ongoing operating plan, which has a multi-year implementation horizon to enhance adoption and increase effectiveness.
- 2004 Recommendation #55
Services should be provided based upon pre-defined business service requirements. These service levels should be stipulated as specifically as possible so that they can be measured and mechanisms to measure compliance should be put in place. Through negotiation with the vendor the cost of providing required service levels should be assessed against the benefits and criticality of the service levels, and appropriate penalties and contract incentives should be included in vendor contracts.
Service specific criteria which would identify specific measurable service levels based on customer defined service requirements should be selected on an individual basis for every service.
Service level agreements content should avoid superfluous process descriptions and inclusion of related service level criteria should be referenced where necessary and not inserted into the body of the service level agreement.
WSIB is currently piloting its first “eChannel” service, providing IT services directly to the WSIB customer (employers). WSIB must establish clear and measurable service levels for all of its significant IT services and ensure that the measurement of these service levels is carried out and services performance improved when they are not meeting pre-defined standards.
WSIB has implemented a Service Level Management Framework based on ITIL. Pre-defined service levels are assigned during the procurement of services and they are monitored through OLA's. However, the monitoring of OLA's and attached sanctions for deviations in vendor service agreements is an evolving process which WSIB recognizes will change over the years as maturity with the process is gained.
Modern Controllership
|
|
|
|
|
Total | |
|---|---|---|---|---|---|---|
| Modern Controllership | 3 | 1 | 0 | 2 | 0 | 6 |
- 2004 Recommendations #62, #63, and #64 – completed
- 2004 Recommendation #60
In light of the recent reorganization of WSIB senior management into the “four clusters”, job descriptions and performance expectations of newly created positions of Chiefs should be formalized and communicated.
The WSIB prepared job descriptions for the newly created positions due to the internal reorganization of WSIB senior management. However, the identified job responsibilities within each job description are not job title specific to every senior management position. The emphasis on job performance and development is individualized by the WSIB through performance development plans and performance evaluations. The WSIB has concluded that no further action is required.
- 2004 Recommendation #59
Best practices would suggest that the role of the Chair and President should be separated and held by two individuals. Formal job descriptions that clearly articulate the roles and responsibilities for both positions should be provided.
Subsequent to the completion of our field work for the follow-up review, the Government of Ontario appointed, Steven W. Mahoney to the position of Chair of the Board of Directors of the Workplace Safety and Insurance Board. He succeeded Jill Hutcheon, the former Interim Chair, who continues as the WSIB’s President and CEO.
The formal job descriptions that articulate the roles and responsibilities for the Chair and President have been prepared. In October 2006, the job descriptions were approved by the offices of the Deputy Minister and the Minister of Labour. The job descriptions have been submitted to the Public Appointments Secretariat for filing.
- 2004 Recommendation #61
The size of the WSIB’s Board of Directors is small and should be increased to at least 9 members to provide for broader representation, skill base and experience.
The responsibility resides with the Provincial Government (Ministry of Labour) to determine both Board size and selection/appointment of members. The recommendation has been addressed to the extent possible by the WSIB.
The detailed findings for each of the recommendations are contained in Section 4 of the full report.
Deloitte would like to take this opportunity to extend our appreciation for the courtesies and co-operation extended to our representatives by WSIB throughout this engagement.
© Deloitte & Touche LLP and affiliated entities.
Deloitte, one of Canada's leading professional services firms, provides audit, tax, consulting, and financial advisory services through more than 6,200 people in 50 offices. Deloitte operates in Québec as Samson Bélair/Deloitte & Touche s.e.n.c.r.l. The firm is dedicated to helping its clients and its people excel. Deloitte is the Canadian member firm of Deloitte Touche Tohmatsu.
Deloitte refers to one or more of Deloitte Touche Tohmatsu, a Swiss Verein, its member firms, and their respective subsidiaries and affiliates. As a Swiss Verein (association), neither Deloitte Touche Tohmatsu nor any of its member firms has any liability for each other's acts or omissions. Each of the member firms is a separate and independent legal entity operating under the names "Deloitte," "Deloitte & Touche," "Deloitte Touche Tohmatsu," or other related names. Services are provided by the member firms or their subsidiaries or affiliates and not by the Deloitte Touche Tohmatsu Verein.
