2014 VRAB Management Action Plan

Management Action Plans

This management action plan identifies the steps the Board will take to address the recommendations from the report of the Office of the Comptroller General entitled Horizontal Internal Audit of the Protection of Personal Information in Small Departments.

AUDIT RECOMMENDATION MANAGEMENT ACTION AREA RESPONSIBLE EXPECTED COMPLETION DATE


3. Departments should ensure that Privacy Impact Assessments (PIAs) are considered and conducted appropriately when developing new, or substantially modified, programs and activities.


Response: Management agrees with this recommendation.

The Board will :
1. Complete the PIA for the VRAB Scheduling Application

2. Update VRAB's Access to Information and Privacy (ATIP) procedures regarding PIA to include the following steps:
  • Communicate to managers and directors that whenever there is a substantial change or new program or activity involving personal information, they need to complete the Treasury Board Secretariat (TBS) checklist to determine the requirement for a PIA;
  • Document the result of the assessment; and
  • Whenever a PIA is necessary, the PIA is to be conducted before the new program or activity is implemented.


Director of Strategic and Corporate Services






28 Feb 2014 Completed.

30 June 2014
Completed.