Risk management frameworks are seeing use in governments around the world. The Canadian government is seeing some success with the practice, and they could be a good source for comparable risk assessments. The Canada Revenue Agency is utilizing the practice in their decision-making workflow. Brian Philbin, chief audit executive for the CRA’s Evaluation and Risk Branch, says that their risk assessment tools are easily accessible.
“Our tools are intended to be available to all employees at the agency. They are on the employee portal. We designed them to be simple, not simplistic. Think of a simple app on your phone, but has a lot of strong thinking behind it,” Philbin said. “For you as the user, it is simple to use and it does what you want, but there’s a lot of thinking and programming that sits behind it. People like that simple to use approach. It is very client-centric, but they also like the strong thinking behind it.”
Maxime Guenette, chief privacy officer and assistant commissioner for public affairs at CRA, says that the agency is facing similar challenges to their counterparts south of the border.
“The awareness and the expectations when it comes to privacy management on the part of citizens. Citizens are becoming more savvy, the general data protection regulations in the European Union are pushing envelope on that front, All these notions of consent. The landscape is evolving dramatically.” Guenette said. “In Canada this year, we changed the freedom of information laws… for the first time in 30 years. We are in the process of updating the privacy act as well. The landscape is changing and taxpayers expectations and savviness when it comes to privacy is changing as well. We have to keep pace with that.