Audit of the Memorandum of Understanding (MOU) between CFIA and CBSA

The timeframe under consideration included the period from January 2005 (date the MOU was signed) to present.

May 2010

Table of Contents

• 1.0 Executive Summary
  • 1.1 Introduction
  • 1.2 Findings and Recommendations
  • 1.3 Statement of Assurance
  • 1.4 Audit Opinion
• 2.0 About the Audit
  • 2.1 Background
  • 2.2 Objective
  • 2.3 Scope
  • 2.4 Methodology
• 3.0 Findings and Recommendations
  • 3.1 Introduction
  • 3.2 Governance
  • 3.3 Control
  • 3.4 Risk Management
• 4.0 Appendix A
  • 4.1 Audit Criteria
• 5.0 Appendix B: Management Response and Action Plan

1.0 Executive Summary

1.1 Introduction

Effective December 12, 2003, by Order-in-Council (OIC), Canada Border Services Agency (CBSA) was transferred control and supervision of portions of the public service within the Operations Branch of the Canadian Food Inspection Agency (CFIA) that provide passenger and initial import inspection services performed at airports and other Canadian border points other than Import Service Centres (ISCs). The OIC assigned responsibility for the initial inspection of imported commercial goods to either CBSA or CFIA depending upon the circumstances of the transaction. As well, a Memorandum of Understanding (MOU) was developed between the two organizations. While the MOU is not a contractual document and does not create legal obligations (i.e. it is not legally enforceable) it formalizes the roles and responsibilities of the signing organizations and lays out the foundation for a cooperative arrangement.

Within CFIA, responsibility for the administration of the MOU and for the execution of the Agency’s activities rest with the Operations Branch and within it, the National Import Control Division.

Audit Objective

The objective of this audit was to provide reasonable assurance that CFIA is in compliance with the terms and conditions of the MOU between CFIA and CBSA. The audit assessed the management controls in place to ensure compliance and also assessed governance, roles, responsibilities and administration to support CFIA import control activities related to the MOU.

Audit Scope

The scope of the audit was national and included all CFIA activities covered by the MOU, as well as management practices for administration of the MOU and delivery of import control related activities as required under the MOU. The audit examined only CFIA related activities and processes, and did not examine CBSA related activities and processes. Further, the scope of this audit was limited to those CFIA-owned activities and controls that relate to import controls from the time of request from an importer/broker up to the point of the release decision of the goods or commodities; activities and controls that occur at the Country of Origin as well as those activities performed post-CBSA release were excluded. The timeframe under consideration included the period from January 2005 (date the MOU was signed) to present.

The audit was carried out between November 2008 and March 2009.

1.2 Findings and Recommendations

Governance

Finding 1.0: Oversight and Execution of the MOU

Mechanisms providing for oversight and execution of the MOU are in place at CFIA, both at National Headquarters and within the Areas. The organizational structures within CFIA allow for a clear delineation of roles and responsibilities, and appropriate linkages between CBSA and CFIA at all levels.

Finding 2.0: Communication

Formal lines of communication have been established between the two agencies at all organizational levels (local, regional, and national) for operational communications, issues identification, dispute resolution and emergency response. Dispute resolution mechanisms appear to require further enhancements, although recent attention in this area is being applied.

Finding 3.0: Information Exchange

Sufficient and appropriate mechanisms exist to exchange transactional information, and update information needs and systems as required. However, beyond the transactional level (i.e., for strategic and operational information), information sharing activities may not be sufficient to support CFIA in its monitoring and decision-making activities.

Finding 4.0: Resource Transfer

Resources committed to transfer in Annex A of the MOU have been transferred to CBSA.

Recommendations – Governance:

1. Executive Director, Operations Strategy and Delivery, together with the Director, National Import Control Division should work with CBSA to enhance information exchange practices and enhance reporting requirements from CBSA on inspection, compliance and enforcement activities carried out on behalf of CFIA.

Control

Finding 5.0: Joint Emergency Preparedness Planning and Exercise

Emergency preparedness contingency plans are not jointly developed and exercised between CFIA and CBSA. Rather, established inter-Agency communication mechanisms are used as the vehicle for inter-Agency cooperation in the event of emergencies.

Finding 6.0: Training of Import Service Centre Personnel

CFIA has in place appropriate and sufficient processes for the training of Import Service Centre personnel.

Finding 7.0: Training of CBSA’s Border Service Officers

While CFIA has processes in place to contribute to the training of CBSA staff, CFIA is not formally engaged by CBSA for the identification of new employee, re-fresher and specific initiative training.

Recommendations – Internal Control:

2. CFIA should complete the development of its Business Continuity Plans and other emergency preparedness contingency plans, and engage CBSA, as applicable, for input into the aspects of plans that may implicate CBSA.

3. Executive Director, Operations Strategy and Delivery, together with the Director of National Imports Control Division should establish a protocol with CBSA as to CFIA’s contribution to regular training and refresher training for CBSA Border Services Officers.

Risk Management Finding

Finding 8: Monitoring, Review and Analysis of ISC and BSO Decisions

Formal mechanisms and practices are not in place for periodic monitoring, review and analysis of decisions made by CFIA’s Import Service Centres and CBSA’s Border Services Officers.

Finding 9: Risk Management Practices

CFIA has in place sufficient and appropriate risk management practices to identify, assess, and treat risks related to CFIA regulated commodities, including mechanisms for communicating risk information internally and to CBSA.

1.3 Statement of Assurance

In my professional judgment as Chief Audit Executive, sufficient and appropriate audit procedures have been conducted and evidence gathered to support the accuracy of the opinion provided and contained in this report. The opinion is based on a comparison of the conditions, as they existed at the time, against pre-established audit criteria. The opinion is applicable only to the entities examined and within the scope described herein.

1.4 Audit Opinion

In my opinion, the Agency’s import control processes, as they relate to the MOU with CBSA have moderate weaknesses, with low risk exposures related to the control processes relative to the Agency’s compliance with the MOU that require management attention.

Peter Everson
Chief Audit Executive, Canadian Food Inspection Agency

2.0 About the Audit

2.1 Background

The Canadian Food Inspection Agency (CFIA) is responsible for regulating the import of food, plant and animal products. The CFIA also regulates the import of plant products such as forestry commodities, wood packaging and material, grains and field crops, horticultural commodities, insects, plants with novel traits, potatoes, and seeds. The animal health import program regulates the import of live animals, animal products and by-products, semen and embryos.

Effective December 12, 2003, by Order-in-Council (OIC), Canada Border Services Agency (CBSA) was transferred control and supervision of portions of the public service within the Operations Branch of the Canadian Food Inspection Agency (CFIA) that provide passenger and initial import inspection services performed at airports and other Canadian border points other than Import Service Centres (ISCs). The OIC assigned responsibility for the initial inspection of imported commercial goods to either CBSA or CFIA depending upon the circumstances of the transaction.

As well, a Memorandum of Understanding (MOU) was developed between the two organizations. While the MOU is not a contractual document and does not create legal obligations (i.e. it is not legally enforceable) it formalizes the roles and responsibilities of the signing organizations and lays out the foundation for a cooperative arrangement. Within CFIA, responsibility for the administration of the MOU and for the execution of the Agency’s activities rest with the Operations Branch and within it, the National Import Control Division.

2.2 Objective

The objective of this audit was to provide reasonable assurance that CFIA is in compliance with the terms and conditions of the MOU between CFIA and CBSA. The audit assessed the management controls in place to ensure compliance and also assessed governance, roles, responsibilities and administration to support CFIA import control activities related to the MOU.

2.3 Scope

The scope of the audit was national and included all CFIA activities covered by the MOU, as well as management practices for its administration and delivery of its required import control related activities. To ensure complete coverage, all sections of the MOU were included in the scope of this audit. The audit examined only CFIA related activities and processes, and did not examine CBSA related activities and processes, as CBSA conducted a separate Internal Audit of the MOU to examine CBSA’s activities and processes related to it in parallel with the CFIA audit.

Further, the scope of this audit was limited to those CFIA-owned activities and controls that relate to import controls from the time of request from an importer/broker up to the point of the release decision of the goods or commodities; activities and controls that occur at the Country of Origin are excluded. Activities performed post-CBSA releases were also excluded, as these activities fall within the scope of the recently completed Import Controls audit that has been conducted by the CFIA Internal Audit Directorate.

The timeframe under consideration included the period from January 2005 (date the MOU was signed) to present.

2.4 Methodology

All sections of the MOU were included in the scope of this audit. Appendix A contains the audit criteria. The audit criteria were based primarily on the requirements as laid out in the MOU and associated annexes, as well as consideration of CFIA’s overall management of the MOU and associated annexes. The audit criteria spanned the following seven areas:

• Roles and Responsibilities
• Communications
• Compliance, Enforcement and Risk Management
• Contingency Planning
• Training
• Information Exchange
• MOU Administration

The audit was carried out between November 2008 and March 2009. In order to ensure representative and adequate audit coverage, the audit fieldwork included the conduct of interviews with CFIA staff representing various areas of the organization and activity levels, a site visit to the Toronto Area (identified as higher risk), walk-throughs of processes and facilities at the Central Import Service Centre in Toronto, and review of documentation gathered throughout the fieldwork phase to carry out the audit program.

3.0 Findings and Recommendations

3.1 Introduction

This section presents detailed findings from the audit of the Memorandum of Understanding (MOU) between CFIA and CBSA. Findings are based on the evidence and analysis from our detailed audit conduct.

In addition to the findings presented below, observations of conditions that were non-systemic and of low materiality and risk have been communicated to management for their consideration.

3.2 Governance

Finding 1.0: Oversight and Execution of the MOU

A clear delineation of roles and responsibilities, supported by an enabling organizational structure is necessary to support efficient and effective oversight of the MOU and related activities. This is particularly the case in a regionally decentralized operation.

The audit found that roles and responsibilities are clearly established and understood, enabling effective Headquarters oversight and Area operational effectiveness. In practice, governance is enabled by the presence of a clear and well understood organizational structure, allowing for a clear delineation of accountabilities at all levels. Job descriptions of key personnel, such as Area Import Coordinators exist and also support clear roles and responsibilities. Oversight committees within CFIA and inter-agency fora and points of contact exist and are used regularly to identify, discuss and resolve issues and in some cases, such as the ED-DG meetings, are becoming more formalized, through the planned creation of terms of reference.

Several structures exist within CFIA to enable operational oversight. The Agency Import Coordination Committee (AICC) is comprised of director-level representatives from all programs, IM/IT, International, Legal (if needed) and the National Import Control Division. The AICC meets semi-annually and more frequently (if specific issues require it). The committee is chaired by the Director, National Imports Control Division. Area personnel use this vehicle to have discussion and resolution. As well, the Operations Working Group, a sub-committee of AICC, meets monthly, via teleconference. The Working Group is chaired by the Manager, National Import Operations and consists of all Area Import Coordinators, who act as the single point of contact in the Areas for imports. Regional working groups also exist to permit the monitoring of activities that fall within the scope of the MOU.

As well, an established regime of inter-agency, bi-lateral committees and regular meetings exists to enable operational oversight. The bilateral meetings are held at various levels in the hierarchy, including the following: President and VP level (also known as Senior Management Committee), DG/ED level, Director level, and the Operational level (e.g., national manager level, region to region).

These mechanisms are used to oversee the MOU and also to execute key aspects of the agreement, including reviewing the MOU to ensure its currency, and to amend it as necessary.  The effectiveness of oversight mechanisms is attributable to the presence of formal controls as outlined above. Established oversight mechanisms provide assurance that risks in relation to misalignment and operational clarity are effectively mitigated.

Finding 2.0: Communication

Effective communication mechanisms are key enablers of good governance, providing the means by which information on issues, risks and performance is identified, shared and resolved.

The audit found that formal lines of inter-agency communication have been established to facilitate responsive communication between CFIA and CBSA at all organizational levels (local, regional, and national) and for all types of operational communications. The organizational structure, established accountabilities and points of contact, as discussed above under Finding 1, all enable appropriate and effective linkages between the two Agencies. Effectiveness of formal controls is strengthened by the quality of personal relationships between CFIA staff and their counterparts at CBSA. The role of the Area Import Coordinator as the key operational link between CFIA and CBSA in the Area and Regions is also a key strength in this area.

Within CFIA, these communication channels are also used for issues identification and dispute resolution. These channels combined with a formal and consistently understood and applied escalation process, allow for daily interaction on issues of disagreement, interpretation and dispute. The chain of escalation corresponds to the Operations organizational structure and is consistently applied across the CFIA operation. In the Areas, communication is facilitated and managed primarily by the Area Import Coordinator, who is the primary CFIA contact for CBSA and MOU-related communications.

While the escalation and dispute resolution mechanism is considered to be generally effective, there remains concern that incidents, once identified and communicated, are not resolved in an adequate or timely fashion. As a result, National Imports Control Division has recently modified its incident monitoring processes, to increase effectiveness in this area. More active involvement of national personnel in the monitoring of incident resolution between Agencies will now take place.

In addition to day-to-day operational communication, the audit also concluded that communication mechanisms in relation to emergency response are appropriate.  Specifically, a formal communications protocol exists at the National level to enable CFIA and CBSA responses to immediate or emergency communications to be coordinated and developed collaboratively. Such communication mechanisms are relevant to issues requiring immediate communications or emergency response with regulated parties or the Canadian Public. Communication with regulated parties and/or the Canadian public at the Area and Regional level is different in nature than at the National level, and tend to be issue-specific. As such, these communications do not follow the same protocol as those issues that require a National response. Issues are resolved through the operational structure, and are escalated through the organizational structure if required (i.e., Area Import Coordinator, Regional Director, Area Executive Director, National level).

Overall, existing communication controls are viewed as effective and adequate. Strengths are attributable to the existence of formally defined and commonly understood roles and responsibilities, good interpersonal relationships and an appropriate organization structure. As a result, CFIA has increased assurance that effective governance, issue and dispute resolution and oversight are in place.

Finding 3.0: Information Exchange

Effective information exchange on both transactional activities and on more strategic items are necessary to support an effective, inter-dependent operation, particularly to ensure that both Agencies are equipped with the necessary information and guidelines to adequately direct and support their activities. In CBSA’s case, information received from CFIA allows them to target and carry out their inspections. This information is generally that which relates to program requirements (e.g., SOPs, targets and look-outs). In CFIA’s case, information received from CBSA on inspections performed permits them to conduct analysis and risk assessment, necessary to support ongoing programming.

The formal sharing of information between Agencies is effected largely through established information systems that comprise the Automated Import System (AIS). On a transactional basis, CFIA’s information needs of CBSA are established by Program requirements and are articulated in CFIA program directives and standard operating procedures. Updates to information needs related to specific commodities and related transactions are identified and shared with CBSA periodically through the use of a formal process, established channels and information systems. The audit revealed that these processes, channels and systems are adequate and effective to identify and communicate information needs from CBSA and to convey information required by CBSA.

Information CFIA obtains from CBSA is not in all cases sufficient to adequately support monitoring and program decision-making by CFIA.  Information required by CFIA from CBSA includes statistics on CBSA release decisions which are required by CFIA for use in programming, tracking and recalls. Such information requirements are identified through the established IRS data transfer requirements.  Concern exists presently that CFIA requires more fulsome information on release decisions than what is currently provided in IRS data transfer. While the IRS data transfer reports provide regular statistics on imported commodities, because IRS does not contain full HS code data, reports are of limited value in support of fulsome program analysis on such things as trends, risk or implications of program changes. In some cases, CFIA has been granted access to CBSA systems (e.g., TITAN for wood packaging inspections) to permit CFIA to better analyze trends in exporter non-compliance, and issue notices to exporting countries – all of which will be useful in helping to modify, as necessary, program requirements. However, this degree of information access is not present in all programs.

Effective out-bound information is attributable to established processes involving both Programs and National Import Control Division personnel. Reporting limitations from IRS are attributable to system limitations and differential use of HS codes. The effect of the current condition in relation to information exchange is some minor level of risk related to program effectiveness.

Finding 4.0: Resource Transfer

Annex A of the MOU outlines the resources that were to have been provided to CBSA, per the transfer of responsibility and resources to CBSA as outlined in the Order-in-Council. The audit confirmed that financial resources committed for transfer were actually and accurately transferred to CBSA. In January 2005, a request for resource transfer from CFIA to CBSA was made by CFIA and CBSA to the Assistant Secretary, Expenditure and Management Strategies Sector. This letter requested an adjustment to each Agency’s respective 2005-06 Main Estimates and the 2005-2006 Annual Reference Level Update (ARLU) to reflect the negotiations between the two Agencies stemming from the reorganization announcement. The request outlined figures by fiscal year to be removed from the CFIA reference levels Vote 30 Operating and added to CBSA vote 10 Operating, as follows.

• Total authorities of 9.93² million for year 2004-05 were to be transferred through the Supplementary Estimates (B)
• Total authorities for 9.957 million for year 2005-06 to 2007-08 and future fiscal years were requested for transfer through the ARLU updates.

A detailed review of the ARLU information indicates that these monies have been transferred.

Recommendations – Governance:

1. Executive Director, Operations Strategy and Delivery, together with the Director, National Import Control Division should work with CBSA to enhance information exchange practices and enhance reporting requirements from CBSA on inspection activity, compliance and enforcement activities carried out on behalf of CFIA.

3.3 Control

Finding 5.0: Joint Emergency Preparedness Planning and Exercise

Effective coordination and preparation for crisis or emergency situations that implicate both agencies is a key internal control activity. In order for CFIA and CBSA to provide a coordinated, effective, and timely response in the event of a crisis or emergency situation, we would expect the agencies to cooperate in the development and exercise of emergency preparedness contingency plans and business continuity plans.

The audit found that CFIA does not jointly develop emergency preparedness contingency plans with CBSA. As CFIA and CBSA do not jointly develop emergency preparedness contingency plans, cooperative exercise of emergency preparedness contingency plans does not occur.

In the event of an emergency or incident, the established inter-Agency communication mechanisms are used to raise and address issues. The audit found evidence that these inter-Agency communication forums have historically been used to address emergencies, including the 2008 melamine from China situation and the 2007 avian influenza outbreak. CFIA also participates in broader joint planning and emergency management activities, such as federally-run (Public Safety/DND) tabletop exercises that engage multiple departments and agencies, and the inter-departmental DG Working Group on Border Management (co-chaired by CBSA and Public Safety Canada).

At the time of the audit, CFIA’s business continuity planning (BCP) templates were under development, and as such, the extent of CBSA’s involvement in CFIA’s BCP development could not be assessed. AIRS, a key information system supporting communication and information exchange between CFIA, CBSA and Importers/Brokers, is designated a mission critical system, and practices are established for communicating with Importers/Brokers and CBSA in the event that AIRS is down. Interviewees indicated that this process is documented and joint service level agreements between CFIA and CBSA and Importers/Brokers are in place, but these documents were not provided and therefore could not be assessed as part of the audit. 

The absence of joint emergency preparedness contingency planning and exercise is attributable to the fact that the agencies rely on established inter-Agency communication mechanisms to coordinate and collaborate as necessary. The absence of joint emergency preparedness contingency planning activities can result in inefficiency and/or ineffectiveness and may result in misaligned responses in the event of emergency situations.

Finding 6.0: Training – Import Service Centre Personnel

The provision of sufficient and appropriate training is a key internal control for ensuring that personnel have the necessary knowledge, skills and tools to achieve program objectives. As such, we would expect CFIA to have in place sufficient and appropriate practices for the training of ISC staff.

The audit found that the CFIA has sufficient and appropriate practices in place for training ISC staff. New ISC employees receive several weeks of training in CFIA’s legislative, regulatory and enforcement obligations and ISC procedures and protocol. The audit found that the ISC training manual covers all of CFIA’s program areas and is up-to-date with current CFIA policies and procedures.  Subsequent to the provision of classroom training, new employees shadow an experienced ISC employee for a period of time (which may vary), and on an on-going basis, ad hoc training needs may be identified by the ISC supervisor. Re-fresher training is not considered necessary by the ISCs, as new or revised program information is regularly communicated to ISC personnel (via email or updates to AIRS), and ISC staff are expected to stay up-to-date on new import and inspection requirements.

The practices in place for training ISC staff provides increased assurance that ISC personnel have the knowledge, skills and tools necessary to carry out their responsibilities. 

Finding 7.0: Training – CBSA Border Service Officers

The provision of sufficient and appropriate training is a key internal control for ensuring that personnel have the necessary knowledge, skills and tools to achieve program objectives. As the provision of Training by CFIA is a requirement of the MOU, we would expect CFIA to have in place sufficient and appropriate practices to contribute to the training of CBSA’s border service officers (BSOs), as they carry out work that relates to CFIA’s programs at border points.

As per the scope of the audit, the currency of training, tools and resources in place at CBSA for BSOs was not assessed. The audit found that CFIA has practices in place to contribute to CBSA’s training, tools and resources. When the MOU was first established CFIA was engaged by CBSA to contribute to the development of the CBSA training program; since that time CFIA has not been engaged by CBSA to assist in training new employees, developing re-fresher training material or training specific to new initiatives.

On an on-going basis, when CFIA legislation, policies and directives change, CBSA is formally notified and responsible for updating their own standard operating procedures (i.e., with CFIA review) and training programs. Additionally, the audit found that CFIA periodically offers to provide training to CBSA staff or provide supplementary material to support CBSA inspection SOPs and activity, as a result of items raised by CFIA staff (e.g., veterinarians or inspectors) or through CFIA’s incident management process.

Recommendations – Control:

2. CFIA should complete the development of its Business Continuity Plans and other emergency preparedness contingency plans, and engage CBSA, as applicable, for input into the aspects of plans that may implicate CBSA.

3. Executive Director, Operations Strategy and Delivery, together with the Director of National Import Control Division should establish a protocol with CBSA as to CFIA’s contribution to regular training and refresher training for CBSA Border Services Officers.

3.4 Risk Management

Finding 8.0: Monitoring, Review and Analysis of ISC and BSO Decisions

Periodic monitoring, review and analysis of decisions made by CFIA’s ISCs and CBSA’s BSOs are key mechanisms for providing CFIA with information to discharge its responsibilities, including ensuring compliance with CFIA’s Acts and Regulations. As highlighted in Finding 3.0 above, such information permits CFIA to conduct analysis and risk assessment necessary to support ongoing programming.

The audit found that formal channels or mechanisms are not in place for CFIA to conduct periodic monitoring, review and analysis of CBSA release decisions, nor is authority to do so specifically articulated in the MOU. However, practices are in place to track, escalate and resolve issues once they are identified with respect to CBSA release decisions. Additionally, evidence exists that some programs within CFIA have arrangements to receive specific data from CBSA that is used to understand non-compliance and issue notifications to exporting countries. As an example, the Forestry Division within Programs Branch receives databases every four months containing data of the wood packaging inspection activities carried out by CBSA at four marine ports. As an additional example, CFIA receives quarterly statistical reports from CBSA regarding the enforcement of the Agriculture and Agri-food Administrative Penalties Act (AA AMPs) as it relates to food, plant and animal interceptions conducted by CBSA at select border points.

With respect to ISCs, the audit found that scheduled monitoring of release recommendations made by ISC staff is not conducted. However, the design of work processes (within the ISC and within the broader workflow) and periodic supervisory review provide mechanisms for the monitoring of release recommendations and service levels. The audit found evidence of periodic supervisory review and communication with staff as a result of the identification of errors or issues.

The effect of the current condition in relation to periodic monitoring, review and analysis of decisions made by CFIA’s ISCs and CBSA’s BSOs is some minor level of risk related to CFIA’s program effectiveness, as CFIA may not have sufficient and complete information to support analysis and risk assessment in support of ongoing programming.

Finding 9.0: Risk Management Practices

Effective risk management is a key control activity that enables an organization to identify, assess and respond to risks that may impede the achievement of objectives. In the context of this audit, we would expect the Agency to have in place risk management practices that allow the Agency to identify, assess and respond to risks that relate to the import of CFIA-regulated commodities. We would also expect to CFIA to have practices in place to communicate risk information both internally and to CBSA for action.

The audit found that CFIA has practices in place for the ongoing identification, assessment, and treatment of risks related to CFIA regulated commodities, including risks arising from the import and in-transit movement of food, agricultural inputs and agricultural products for travelers and commercial imports.  Formal processes and tools exist within the agency to enable these activities, including clear roles and responsibilities and linkages across Programs, Science and Operations for risk management activities.

Audit results indicate that mechanisms exist to keep risk information current, based on regular identification and review of relevant sources of risk information.  As risk information is identified or revised, mechanisms are in place to communicate the information and its implications for actions both within CFIA and to CBSA. Key mechanisms that are particularly pertinent to this audit include: updates to AIRS, routing import requests through EDI/ACROSS based on risk level, issuing lookouts to communicate specific cases or situations, and the use of established inter-Agency communication forums.  

The practices that CFIA has in place for identifying, assessing and responding to risks that related to CFIA-regulated commodities, combined with the communication mechanisms that the agency has in place both for internal communication and communication with CBSA provides assurance that potential risks resulting from the import of CFIA-regulated commodities will be managed. However, risk management practices must be complemented by sufficient and appropriate training, tools and resources, to provide increased assurance that risk information will result in personnel taking sufficient and appropriate actions when faced with potential risks.

4.0 Appendix A

4.1 Audit Criteria

Area #1: Roles and Responsibilities

1-1 Authority, roles, and responsibilities for oversight of the CFIA-CBSA MOU are established and implemented and communicated to all stakeholders.

1-2 Authority, roles, and responsibilities for CBSA/CFIA import inspection activities are documented and communicated, so that decisions and actions are taken by the appropriate individuals.

1-3 Authority, roles and responsibilities for the enforcement of Acts and Regulations are specified and include assessment, recording, collection, and redress.

Area #2: Communications

2-1 Effective communications channels are established to communicate operational, program and other information between CFIA and CBSA and between CFIA and Brokers/Importers.

Area #3: Compliance, Enforcement and Risk Management

3-1 Effective and efficient mechanisms exist for ensuring CFIA’s compliance with Acts and Regulations.

3-2 Effective and efficient mechanisms exist for Enforcement of Acts and Regulations.

3-3 Significant border risks are identified and assessed collaboratively by CFIA and CBSA for food, agricultural inputs and agricultural products entering the country by land, air, and water.

Area #4: Contingency Planning

4-1 Mechanisms exist for providing a coordinated and effective response by CFIA/CBSA at times of crisis and/or outbreaks.

Area #5: Training

5-1 CBSA Border Security Officers (BSO) are provided with the necessary training, knowledge, skills, and tools to achieve the program objectives.

5-2 CFIA Import Service Centre (ISC) personnel are provided with the necessary training, knowledge, skills and tools to achieve the program objectives.

Area #6: Information Exchange

6-1 Relevant Information is identified and communicated to meet obligations under CBSA or CFIA legislation.

Area #7: MOU Administration

7-1 Mechanisms are in place for the effective management and administration of the MOU.

7-2 Mechanisms exist to recover costs associated with extra activities required by CFIA.

7-3 Mechanism exists for CBSA to recover fees under Section 28 of CFIA Act.

7-4 Mechanism exists to coordinate the administration, implementation, and operation of MOU.

7-5 Mechanism exists for resolving disputes with respect to MOU.

7-6 Mechanism exists to keep the MOU, appendices, and annexes current.

7-7 Amendments to MOU or termination are made by mutual consent between CBSA and CFIA.

7-8 Mechanisms exist for periodic assessment of the use and distribution of sensitive CBSA information held by CFIA.

5.0 Appendix B: Management Response and Action Plan

Audit Recommendation

Governance:

1. Executive Director, Operations Strategy and Delivery, together with the Director, National Import Control Division should work with CBSA to enhance information exchange practices and enhance reporting requirements from CBSA on inspection activity, compliance and enforcement activities carried out on behalf of CFIA.

Control:

2. CFIA should complete the development of its Business Continuity Plans and other emergency preparedness contingency plans, and engage CBSA, as applicable, for input into the aspects of plans that may implicate CBSA.

Control:

3. Executive Director, Operations Strategy and Delivery, together with the Director of National Imports Control Division should establish a protocol with CBSA as to CFIA’s contribution to regular training and refresher training for CBSA Border Services Officers.

¹The 2008 December Report of the Auditor General of Canada observed on the Exchange of Information.

² Employee benefits plan contributions in the amount of $1,216 K related to the 2004-05 transfer were already covered by existing Parliamentary Authority and therefore not included in the Supps B submission.

³The 2008 December Report of the Auditor General of Canada observed on the Training of CBSA Staff.

⁴Monitoring in this context is not intended to infer supervisory oversight of Border Services Officers, but for the purpose of ensuring awareness of actions for CFIA planning and risk management activities.