Algoma District Services Administration Board 

CAO Report – Director of Finance Joint Report

Risk Management 

October 2004 

This month’s report will focus on risk management.  This Board runs five programs which provide services which are inherently risky.  Through Children’s Services we fund operators who care for children.  Through Emergency Medical Services we provide life or death emergency medical care. Through the North Intake Screening Unit we are dealing with very vulnerable and disadvantaged persons who are seeking the basic necessities of life through the Ontario Works application process. Through Housing Services we act as the direct landlord for persons who are primarily elderly, or who have been abused or who may be disabled.  Through Ontario Works we are dealing with primary needs of food and shelter for the most vulnerable segment of our society.  In providing these programs we are dealing with disadvantaged persons and also dealing with significant amounts of money.  The Board also has considerable assets and owns many properties.

Typical risks include but are not limited to:

          - loss of life, injury to service recipients or staff

          - fraud

          - loss of provincial / federal funding

          - loss or deterioration of assets

          - fire / flood loss

          - loss of privacy of service recipients or staff

          - loss of service management status

          - loss of non-profit provider accountability / governance

          - civil liability

As a result of the inherent risks in these programs, risk management is an ongoing focus of the entire management group.  The lead for this activity is the Director of Finance.  Fortunately, his background education as a Chartered Accountant has provided him with an extensive education in various forms of risk management and ways to try to mitigate/minimize these risks. 

As any new program or activity is developed, risk management is part of the planning and implementation.  As events occur, the CAO, Director of Finance and often the program Manager conduct a review to assess and identify risks, take appropriate risk mitigation strategies and if warranted develop new control mechanisms, policies and procedures to try to these risks to an acceptable level.  It must be noted that risk can never be completely eliminated but rather managed to attempt to minimize potential impacts.  The emphasis is always on advance risk avoidance whenever possible rather than after the fact corrective action.  The most difficult task is the identifying of risks that were ingrained into the programs prior to the point of transfer.

The CAO has primary responsibility for the corporate risks of the Board.  The Board Chair also shares responsibility related to Board corporate risk.   Board members have particular responsibilities related to declarations of pecuniary interest and privacy.  The Director of Operations has specific risk management responsibilities for privacy legislation and for buildings used by Board staff, service recipients and Co-tenants.  The Director of Finance is responsible for documenting, evaluating and monitoring the system of internal control with the objective of increasing the assurance that assets and programs operations are safeguarded against risk of fraud or errors. Each program Manager has specific responsibility to identify and reduce risks within their own program. 

Previous reports have focused on the external controls which determine the activities of the Board and its staff.  Each of these reports covered a part of the overall risk management strategy. 

The first report focused on applicable legislation.  See October 25, 2003, Applicable Legislation.  An essential component to risk management is to ensure that we are following the applicable legislation as it relates to programs or the key areas of operations, finance and human resources.  This is a complex matter because so many pieces of legislation impinge on the operation of each program.  In some cases, the legislation is not clear when it comes to implementation details or the applicability of the legislation to unique or infrequent circumstances.  In these instances efforts must be made to ensure the spirit of the legislation is upheld and not just the letter of the law.  As with those administering legislation we have a common law obligation to ensure that we employ due diligence and reasonableness.

The second report focused on the external review processes and entities.  See November 27, 2003, External Review Processes.  The decisions of these bodies provide ongoing direction as to the intent of legislation.  They also provide guidance and standards of conduct when interpreting that legislation and providing services.   In many cases these external bodies ensure that mandatory provincial policies and procedures are adhered to by providing specific recommendations.  Whenever staff are making decisions they must be conscious not just of the legislation but also of the possibility that their decision may be challenged or appealed.  Risks are significantly lowered when staff make decisions which ultimately can be upheld in an appeal process or which adhere to legislative intent.  These decisions must show evidence of due diligence and reasonableness. 

The third report focused on specific program directives, provincial program policies and Local Services Realignment (LSR) program transfer orders.  See January 2004- External Controls.  Again risk is reduced when we ensure directives are followed and provincial requirements set through the LSR process are met.  This is not easy as sometimes directives and procedures follow after the program implementation.  In these cases, prudent common sense is the key to reducing risk. 

The fourth report explained the various mandatory and discretionary software programs which support the delivery of the Board’s activities.    See May 2004- Supporting Software.  A significant amount of the programming in the mandatory provincial systems is designed to reduce error, prevent fraud, match data bases, establish audit paths and prevent unauthorized access.  The non mandatory software which we have selected is also chosen with risk management as a primary requirement.  The provincial software and databases allow for automated data matching to ensure the identity of the recipient and to ensure information is consistent across programs.  All of the software has extensive hierarchies of rights to ensure that only staff who have the authority to take certain actions also have the computer rights to do so.  All the software has imbedded audit trails to track who has produced a particular change in the system.

The sixth report focused on the service contracting process which impacts on each of the five program areas.  See June 2004- Service Contract Management.  These service contracts and the required statistical reporting are very much part of the provincial risk management strategy.  Adhering to them ensures the flow of federal / provincial funds and reduces our risk of recoveries.

This report focuses on the additional internal steps which we take to reduce risk.  Over the years, policies have been developed to ensure risk reduction.  These are placed on a website available to all staff. See the Staff website Employee Information Section:

- Communication, Telephone, use of

- Conflict of Interest Guidelines

- Email Rules

- Health and Safety- Employee and Health and Safety Reps Responsibilities

- Health and Safety - Reporting of Injuries

- Internal Security Measures

- Personnel Files

- Reporting Child Abuse

- Security- card reader access

- Technology and Equipment Policy

- Travel Expense Rules- Mileage Chart

Ontario Works

- Confidentiality

- Harassment Policy

Social Housing

- Confidentiality in Social Housing

Emergency Medical Services

- Ambulance Service Review

- Policies and Procedures Manual (With Checklists)

Board website

Committee Structure, Rules, Conflict of Interest

The above documents are reviewed as new risks become apparent.  We do not consider that these policies are complete and are continuing to develop new policy and amend existing policy as needed.

Summary 

District Social Services Administration Boards are one of the most constraint forms of local governance.  They are subject to a level of accountability far greater than that imposed on other levels of government.  The accountability far exceeds anything which applies to the private sector.  DSSABs are subject to rigid limiting legislation, extensive external controlling agencies and processes, strict LSR requirements, multiple forms of audit and specific service contract reporting requirements.  It operates using provincially mandated software that embodies additional levels of controls and audit functions. 

Given the nature of these programs and the amount of funds involved this is understandable.  However, it is also a significant factor in the cost of program delivery and program support.  Risk Management is a concern for all those involved in social and health programs.  It is becoming more of a concern as our society becomes more prone to litigation and we must take appropriate action to mitigate the potential impact this could have on our Board.  

David Court CAO 

Keith Bell, Director of Finance