Audit of the Explosives Program - AU1806
Audit and Evaluation Branch
Natural Resources Canada
Presented to the Departmental Audit Committee (DAC)
October 11, 2018
TABLE OF CONTENTS
EXECUTIVE SUMMARY
INTRODUCTION
Natural Resources Canada’s Explosives Safety and Security Branch (ESSB) is responsible for administering Canada’s Explosives Act and Regulations. ESSB is comprised of two divisions: the Explosives Regulatory Division (ERD) and the Canadian Explosives Research Laboratory (CERL). The ERD authorizes and licences the use of explosives and oversees a compliance inspection and restoration program. In addition to managing finished-goods explosive products, ESSB also regulates certain high-risk chemicals known as precursor chemicals (i.e. restricted components). Through licensing and inspection activities, ERD ensures that manufacturers, importers, exporters, and vendors of explosives, as well as those who store explosives, comply with Canada’s Explosives Act and Regulations, and works to keep explosives and precursor chemicals out of the hands of criminals and terrorists. CERL directly supports ERD in the advancement of explosives safety and security technology, through research and the classification of explosives.
Explosives are defined by Canada’s Explosives Act as “any thing that is made, manufactured or used to produce an explosion or a detonation or pyrotechnic effect, and includes any thing prescribed to be an explosive by the regulations.” Explosives are manufactured for use in various commercial and industrial applications including oil and gas exploration, mineral mining, pipeline, tunnel and highway construction as well as many other applications. Given the inherent dangers associated with improper use, manufacturing and handling of explosives, inappropriate explosives management practices may potentially pose a high threat to the safety and security of Canadians.
Under the leadership of ESSB, the Explosives Act and Regulations, which came into force in 1920, recently underwent a modernization exercise in response to new and emerging security concerns and evolving industry practices. The modernized Explosives Regulations (2013) effective February 1, 2014, are intended to provide both industry and regulators with greater clarity and enhanced safety and address outstanding obligations under the Public Safety Act regarding permits, collection of information, and security screening requirements. The ESSB has also recently implemented an electronic License Management System (eLMS) which provides individuals and organizations online access to their licensing information at any time. The system allows applicants to apply for/renew applications, make amendments, check the status of submissions and make online payments.
The audit of the Explosives Program was included in the 2017-2020 Risk-Based Audit Plan, approved by the Deputy Minister on March 30, 2017.
STRENGTHS
Overall, the Explosives Safety and Security Branch has demonstrated explosives expertise as evidenced by established processes in stakeholder awareness, outreach and education as well as their active role in both national and international working groups. In an effort to modernize outdated processes, the ESSB has made significant progress in enhancing the Explosives Regulations as well as transitioning manual licensing application processes to an electronic licensing management system.
AREAS FOR IMPROVEMENT
Opportunities were identified to clarify governance mechanisms and strengthen inspection planning by improving the standardization and consistency of compliance activities as well as formalizing the process for tracking and monitoring of inspections.
INTERNAL AUDIT CONCLUSION AND OPINION
In my opinion, the ESSB has taken significant steps in recent years to establish effective processes identifying and addressing stakeholder needs. Opportunities exist to clarify and improve management processes regarding effective planning and allocation of inspector resources.
STATEMENT OF CONFORMANCE
In my professional judgement as Chief Audit Executive, the audit conforms with the Institute of Internal Auditors' International Standards for the Professional Practice of Internal Auditing and the Government of Canada’s Policy on Internal Audit, as supported by the results of the Quality Assurance and Improvement Program.
Christian Asselin, CPA, CA, CMA, CFE
Chief Audit and Evaluation Executive
October 11, 2018
ACKNOWLEDGEMENTS
The audit team would like to thank those individuals who contributed to this project and, particularly employees who provided insights and comments as part of this audit.
INTRODUCTION
Explosives are defined by Canada’s Explosives Act as “any thing that is made, manufactured or used to produce an explosion or a detonation or pyrotechnic effect, and includes any thing prescribed to be an explosive by the regulations.” Explosives are manufactured for use in various commercial and industrial applications including oil and gas exploration, mineral mining, pipeline, tunnel and highway construction as well as many other applications. Given the inherent dangers associated with improper use, manufacturing and handling of explosives, inappropriate explosives management practices may potentially pose a high threat to the safety and security of Canadians.
The Explosives Safety and Security Branch (ESSB) within the Lands and Minerals Sector (LMS) of NRCan aims to protect the safety and security of Canadians and all workers involved in the explosives industry of Canada and is responsible for administering the Explosives Act and Regulations. The Branch has regional representation across Canada, including offices located in Vancouver, Calgary, Regina, Hamilton, Varennes and Fredericton. As at Fiscal Year 2017-2018, ESSB had 66 full-time equivalents (FTE) spread across two divisions: the Explosives Regulatory Division (ERD) and the Canadian Explosives Research Laboratory (CERL).
The ERD authorizes and licences the use of explosives and oversees a compliance inspection and restoration program, partially funded via user fees and regulatory charges. In addition to managing finished-goods explosives products, ESSB also regulates certain high-risk chemicals known as precursor chemicals used as “ingredients” in manufacturing homemade explosives or improvised explosive devices (IEDs). Through these activities, ERD ensures that manufacturers, importers, exporters, and vendors of explosives, as well as those who store explosives, comply with Canada’s Explosives Act and Regulations, and works to keep explosives and precursor chemicals out of the hands of criminals and terrorists. In Fiscal Year 2017-18, 12 field inspectors in ERD were responsible for explosives site inspections in addition to their licensing responsibilities while an additional 11 inspector specialists were responsible for managing security screening, fireworks/pyrotechnics, import, export and in-transit authorization programs. Approximately 18% of all possible inspection sites (4,200 in total) including restricted component sites were inspected.
The research conducted at CERL is primarily aimed at protecting Canadians by improving the safety and security of explosives during manufacturing, transportation and use, and by reducing the harmful effects of explosions. CERL’s research also contributes to national security through its expertise in blast effects and chemical precursors.
Under the leadership of ESSB, the Explosives Act and Regulations, which came into force in 1920, recently underwent a 10-year endeavour to modernize the nearly 100-year old Regulations. The modernized Explosives Regulations (2013) effective February 1, 2014, are intended to provide both industry and regulators with greater clarity and enhanced safety while addressing outstanding obligations under the Public Safety Act regarding permits, collection of information, and security screening requirements. The ESSB has also recently implemented an electronic License Management System (eLMS) which provides the stakeholder base the ability to apply for and renew both permits and certificates, check submission status and pay fees online. The system was the result of a six-year endeavour to build a robust IT system that fulfilled NRCan’s commitment to the Single Window Initiative (SWI) led by Canada Border Services Agency (CBSA). This initiative provided full integration and connectivity with CBSA for the importation of goods across the border.
The audit of the Explosives Program was included in the 2017-2020 Risk-Based Audit Plan, approved by the Deputy Minister on March 30, 2017.
AUDIT PURPOSE AND OBJECTIVES
The objective of the audit was to assess the adequacy and effectiveness of governance, management processes and controls supporting the administration of NRCan’s Explosives Program.
Specifically, the audit assessed whether:
- NRCan has established and implemented governance mechanisms to ensure effective allocation of resources and to support NRCan in its responsibilities for the administration of the Explosives Act and Regulations;
- ESSB has established and employed effective processes to identify and address stakeholder needs; and,
- ESSB has established and employed adequate and effective processes to monitor compliance with the Explosives Act and Regulations.
AUDIT CONSIDERATIONS
A risk-based approach was used in establishing the objectives, scope, and approach for this audit engagement. The following areas were identified as having significance in the achievement of the Department’s explosives management objectives, and were therefore assessed as increased areas of risk for this audit:
- NRCan is responsible for the administration of the Explosives Program (i.e. Explosives Act and Regulations), which directly impacts the safety and security of Canadians. Supporting governance mechanisms are critical to setting the strategic direction, objectives and priorities, and providing clear direction on how resources should be allocated in NRCan’s administration of the Explosives Program.
- ESSB provides specialized expertise to stakeholders and engages in outreach and collaborative activities to identify and address emerging risks in the explosives industry that may impact regulation.
- ESSB conducts monitoring and reporting activities to support compliance activities (i.e. security screening, inspections and issuance of permits and licenses), including the identification of potential instances of non-compliance and misuse.
SCOPE
The scope of the audit focused on ESSB’s explosives regulatory activities during the period March 1, 2013 to March 31, 2018, with emphasis on activities in the last two fiscal years. The decision to exclude the authorization of explosives and research conducted at CERL was made during the planning phase of the audit to ensure focus on the areas of highest risk.
Audits of NRCan’s Occupational Health and Safety Program, and Physical Security Framework were conducted in 2016; and the resulting recommendations are currently in process of being implemented. These audits included site visits and documentation reviews at CERL given that storage and handling of explosive materials were identified as inherently higher risk activities than work conducted in an office setting. The Audit of the Explosives Program considered the status of the recommendations resulting from these audits in order not to duplicate work that has recently been completed.
Similarly, the results of the Audit of NRCan’s activities as a regulator (2016) was considered in order to inform the audit and reduce duplication of efforts.
APPROACH AND METHODOLOGY
The approach and methodology followed the Institute of Internal Auditors' International Standards for the Professional Practice of Internal Auditing and the Government of Canada’s Policy on Internal Audit. These standards require that the audit be planned and performed in such a way as to obtain reasonable assurance that audit objectives are achieved. The audit included tests considered necessary to provide such assurance. Internal auditors performed the audit with independence and objectivity as defined by the International Standards for the Professional Practice of Internal Auditing.
The audit included the following key tasks:
- Interviews with key personnel and site visits;
- Review of key documents, business processes, and communication materials;
- Review of information and documentation pertaining to facilities inspection planning, reporting and post-inspection monitoring; and,
- Review of due diligence procedures in new or renewed licenses and permits.
The conduct phase of this audit was substantially completed in July 2018.
CRITERIA
Please refer to Appendix A for the detailed audit criteria. The criteria guided the audit fieldwork and formed the basis for the overall audit conclusion.
FINDINGS AND RECOMMENDATIONS
GOVERNANCE
Summary Finding
The authority, responsibility and accountability of Natural Resources Canada for the administration of the Explosives Act and Regulations is clearly defined and communicated. The Department’s duty to provide regulatory oversight over the explosives industry is documented in various legislative instruments and communicated to relevant stakeholders; however, the audit team identified opportunities to better document and communicate interdependencies between the several departments and agencies that have a role supporting NRCan in delivering the Explosives Program.
Overall, management processes have been established to inform senior management of the results of the explosives program’s operations as it relates to security screening, licensing, and results of compliance verification activities; however, there are opportunities to enhance the quality, content and frequency of information provided to senior management to support effective decision-making.
Supporting Observations
Adequate governance processes are required for management to effectively exercise oversight and achieve program objectives. The audit sought to determine whether NRCan’s role as Canada’s explosives regulator is clearly defined, documented and communicated and that adequate governance processes exist to support effective decision making and resource allocation.
Authority, Responsibility and Accountability
The Department has clearly communicated NRCan’s authority in regulating the explosive and precursor chemical environment for Canada. The audit noted that, as required by the Explosives Act and Regulations, NRCan has delegated authority to a Chief Inspector of Explosives who is responsible for overseeing the authorization and classification of explosives.
The ESSB’s working relationship with partner organizations is imperative in achieving the objectives of the program. Certain responsibilities identified within the Act require that NRCan work in partnership with OGDs such as CBSA, Transport Canada (TC) and the Royal Canadian Mounted Police (RCMP) in fulfilling the obligations of the Act. CBSA assists NRCan with the administration of the Explosives Act relating to the import, export and in-transit movement of explosives. The audit team noted roles and responsibilities of the two entities are clearly defined in a formal agreement (D-19 memo). Transport Canada’s role in administering the Transportation of Dangerous Goods Act is linked with NRCan’s responsibility in administering the Explosives Act; however, the audit team noted the MOU between TC and NRCan is dated 1985 and does not capture the current relationship. The RCMP and NRCan work collectively under the Explosives Security Partnership to administer safety and security aspects of the Act and its Regulations, including emergency preparedness activities, reporting suspicious transactions and reporting/ investigating incidents of misuse.
Overall, the audit found that the roles, responsibilities and accountabilities of the ESSB for administrating the Explosives Act and Regulations are clearly defined, documented and communicated to relevant stakeholders. The degree of formalization of agreements across provincial jurisdictions, interdepartmental, agency and law enforcement did vary significantly. The audit found that the ESSB has in some cases prepared descriptions of some of these interdependencies; however, they were for one-time use and distribution was very limited. While this approach does meet the needs of those working in close proximity to ESSB operations, having key interdependencies between NRCan and its OGD partners clearly documented would be helpful for communicating the importance of the shared responsibility within NRCan and, in some instances, outside the Department.
Governance Reporting Mechanisms
The current organizational structure places the ESSB within NRCan’s Lands and Minerals Sector (LMS), with ESSB being led by a DG reporting to the ADM, LMS. In order to support effective decision-making, the audit team expected effective governance reporting mechanisms to be established in ERD. The audit team found that while several reporting mechanisms were designed to provide senior management with accurate, complete and timely information to support decision-making, there were periods where these mechanisms were not used.
Historically, an important component supporting decision-making in ERD is the ERD Policy Committee, comprised of the Chief Inspector of Explosives, the National Manager of Licensing and Inspections and the Manager of Specialist Inspectors. The audit noted the committee did not meet in Fiscal Year 2017 and has only met once in Fiscal Year 2018. The committee did not meet during Fiscal Year 2017 as two of the three committee positions were in the process of being staffed during this time and therefore a quorum could not have been reached by the committee.
Providing senior management with regular performance reporting metrics is a key element supporting effective and timely decision making and resource allocation. ERD has taken significant steps in recent years to develop performance indicators and implement a performance monitoring system, reporting on key statistics both quarterly and annually. Quarterly statistics include: number of licenses and approvals issued; number of inspections conducted by type of license/certificate and the associated rating; number of incidents/ accidents; and user fees collected. Annual reporting consists of quarterly statistics mentioned previously but also includes: details of non-conformities and inspection orders; an annual rating summary; targets for higher-risk inspections; and details on inspectorate requirements versus actuals. However, in reviewing the quarterly and annual reporting, the audit team noted that some information and analysis contained in several ERD annual reports was not updated from prior year information. For example, analysis and conclusion sections in the Fiscal Year 2017 report was carried over and unedited for changes from the report covering the prior two Fiscal Years.
RISK AND IMPACT
There is a risk that incomplete/ fragmented documentation outlining roles and responsibilities of NRCan and ODG partners for the delivery of the Explosives Program does not provide sufficient clarity of the key interdependencies. Furthermore, in the event of turnover of key employees existing documentation would not sufficiently inform business continuity.
There is a risk that incomplete information and performance metrics are being reported to senior management in an untimely manner, affecting ESSB’s ability to make informed decisions.
There is a risk that a lack of clarity regarding the intended purpose of a governance body can lead to confusion and inefficiencies.
Recommendations
Recommendation 1: It is recommended that the Assistant Deputy Minister LMS document and make available a comprehensive description of the interdependencies between NRCan and key partners that have a role in delivering the Explosives Program.
Recommendation 2: It is recommended that the Assistant Deputy Minister LMS clearly define performance reporting requirements used in annual reporting for ESSB regulatory activities, including timelines, as well as implement measures to ensure the quality and accuracy of data used in annual and quarterly reporting.
Recommendation 3: It is recommended that the Assistant Deputy Minister LMS review the intended role of the ERD policy committee to determine whether it remains a relevant component of the ERD governance process.
Management Response AND Action Plan
Management agrees with Recommendation 1:
Roles and responsibilities of NRCan and key partners will be included in the ERD Regulatory Background Information folder. This contextual information will provide an historical and current ‘snapshot’.
Position Responsible: Director ERD
Timing: completion by June 30th, 2019.
Management agrees with Recommendation 2:
ESSB will ensure appropriate mechanisms are in place for robust performance-reporting and accurate annual/quarterly reporting.
Position Responsible: Director General ESSB
Timing: completion by June 30th, 2019
Management agrees with Recommendation 3:
The ERD Policy Committee will be formally abolished. Former policies were adopted in the Regulations in 2013, minimizing the need for such a Committee that was required when the previous outdated Regulations were still in place. The existing Divisional Management Committee will address any potential new needs on a project basis e.g. for new regulatory initiatives; in addition to having a strengthened focus on the training/audit program overviewed by the Inspectors Specialists group for ERD’s regulatory and compliance activities.
Position Responsible: Director ERD
Timing: November 1, 2018
STAKEHOLDER MANAGEMENT
Summary Finding
Overall, the ESSB has established effective mechanisms to engage with stakeholders, solicit feedback and incorporate knowledge from various explosives governing bodies. In addition, the ESSB has implemented an electronic license management system (eLMS) in order to provide a secure and streamlined approach for the electronic collection, use and dissemination of explosives licensing data.
Supporting Observations
The transfer of knowledge between NRCan and restricted component/explosives stakeholders allows for efficiencies in administering the explosives mandate and identifying leading practices. The audit team expected that processes to identify and address stakeholder needs would be in place and effective in achieving the goals of the program. In addition, the audit team expected that the ESSB would have a mechanism in place to foster positive relationships with the public, license holders and explosives industry leaders.
Ensuring appropriate safeguards are in place to protect the privacy and confidentiality of data managed by ESSB is critical to the success of the program. The audit team also sought to determine whether effective business processes were in place to safeguard confidential license holder data stored and managed by the Department. This is especially important given the risks associated with inadequately safeguarding confidential information collected and managed by the Department.
Stakeholder Outreach and Engagement
In order to promote awareness of the Explosives Act and its Regulations to both the public and explosives license holders, the ESSB developed the Explosives Security Partnership program. This program educates these stakeholders in various security measures with respect to the sale, use and storage of explosives and precursor chemicals. Publications are made available on the NRCan website where stakeholders can access information regarding: explosives forms; explosives guidelines; safety brochures and posters; explosives standards; and safety alerts. Furthermore, the audit noted the ESSB takes a proactive approach in security awareness and education as demonstrated through presentations delivered by inspectors to vendors. Previous presentation topics have included: include point-of-sale precautions; store security tips; and methods to report suspicious behaviour.
The ESSB engages in provincial and industry consultations for the purpose of identifying the current threat environment and ensuring that provinces, territories and affected OGDs are included in consultative processes in enhancing the safety and security of explosives. These consultations increase awareness and acceptance required to both achieve and enhance ESSB program objectives related to public safety, while not unduly impeding commerce.
The audit noted that a working group led by the Chief Inspector of Explosives had been established in March 2018 to formalize a “Consultative Action Plan”, specifically for enhancing security screening measures. Though in early stages, the consultations have provided NRCan senior management with neutral, timely evidence related to provincial and territorial endorsement of enhancing security screening processes.
The audit also identified that the ESSB actively seeks input from its stakeholders to enhance program delivery and respond to stakeholder needs. The audit found the Chief Inspector of Explosives to be an active participant at industry events, attending and presenting at various conferences and seminars. Most recently, the Chief Inspector of Explosives represented Canada at the “United Nations Globally Harmonized System of Classification and Labelling of Chemicals” public meeting as well as providing ERD updates at a meeting with the Canadian Explosives Industry Association. Active participation in conference and industry events demonstrates ESSB’s commitment to maintaining expertise in the field of explosives and encourages further partnerships helping to identify global leading practices.
Confidentiality of License Holder Data
NRCan is responsible for the management of licenses, permits, certificates for individuals and organizations as mandated by the Explosives Act and its Regulations. Prior to the implementation of eLMS, the ERD utilized a manual license management system (LMS) with a paper-form intake process. The eLMS supports legislated activities by enabling an electronic in-take process for the issuance and renewal of licenses, permits and certificates, and explosive product authorization. This system also accommodates changes from the Explosives Regulations 2013 and includes security-screening capabilities for applicants.
The audit team examined eLMS project documentation, which included an attestation from the Department’s Access to Information Privacy group that identified a Privacy Impact Assessment was not required as there was no change to the information being collected from the prior manual process. It was also identified that documents created and maintained by the system are stored in NRCan’s SharePoint repository, which conforms to record keeping standards and departmental document management policies. The system includes a public facing portal, which leverages the NRCan Corporate ePortal services for authenticating its users. The development of the ePortal was led by the Department’s IT group (CIOSB) in partnership with ESSB based on eLMS architecture. The audit team found that a Security Assessment and Authorization Report was completed for the ePortal system, granting eLMS an interim authorization to operate. Furthermore, eLMS facilitates on-line payments for individuals and organizations applying or renewing for their licenses, permits or certifications using the Receiver General Buy Button.
The audit noted eLMS implemented appropriate security measures to safeguard client information, while providing an integrated, online portal for explosives regulation services. The electronic system promotes internal efficiencies and data integrity through automated processes while minimizing the administrative burden of handling paper applications.
MONITORING, COMPLIANCE AND REPORTING
Summary Finding
Rigorous application and screening processes are pivotal to securing authorized access to precursor chemicals and explosives. Currently, processes are only in place to screen individuals looking to obtain access to high-hazard explosives via federally-issued ESSB licences.
Established monitoring and compliance programs exist; however, ESSB has recognized the need to improve planning processes to ensure a risk-based focus when developing the annual inspection plan.
Overall, it was observed that although inspection and compliance programs have been established, the tendency to rely on a resource-based approach lessens the strategic compliance focus and may result in inconsistent reporting and inspection rating justification.
Supporting Observations
Denying explosives access to individuals who pose a threat to the security of Canada is an integral component of regulating the explosives supply chain. The audit team sought to determine whether security measures for granting access to explosives and/or precursor chemicals were adequate. In order to effectively monitor and report compliance activities, the audit team also expected that planning processes for explosives and restricted component site inspections would encompass a risk-based approach.
Application processes
Applications for access to high-hazard explosives
The August 2014 amendments to the Explosives Regulations introduced the requirement of obtaining an “approval letter”, necessitating all permit, factory and magazine license holders of types E (high), I (initiation systems) and D (military and law enforcement) explosives to undergo prerequisite security screening. The requirement was introduced at the federal level for the purposes of protecting persons, property, and the environment from harm and keeping dangerous substances secure.
In applying for an approval letter, an applicant must submit a criminal record check dated no later than one year prior to the approval letter application date. Alternate screening documents such as a Permis Général, FAST card, NEXUS card, or a Firearms Possession and Acquisition Licence (PAL) are considered an equivalent document, thus an individual holding one of these documents would be exempt from providing a background check.
The audit found that ESSB has implemented processes to conduct due diligence on applicants seeking access to high-hazard explosives; however, the established processes are not always followed. The audit identified one instance where a high-hazard explosives approval letter was provided to an individual who submitted an application with only a vulnerable sector check as opposed to a criminal record check. ESSB was informed of this instance and concluded it was isolated and the result of human error; however, the audit team did not issue a recommendation given the controls and processes in place for granting high-hazard approval were noted to be appropriate.
Though deviations were identified from high-hazard security screening processes, the audit team acknowledges that prior to August 2014, no security screening processes were in place and all measures taken by ERD to increase security controls were without additional resources being allocated by the Department.
Applications for Explosives Other Than High-Hazard
The Explosives Regulations outline the various types of licenses, permits and certificates required for all activities that do not involve the use of high-hazard explosives. The regulations prescribe all application requirements for each type of license, permit or certificate in order to ensure the consistency of information received. Due to the prescriptive nature of the information required, the audit noted all applications sampled had all information required and the applications were appropriately approved.
Inspection Compliance Program
Annual Inspection Planning
Site inspections are a critical component of monitoring the Explosives Act and its Regulations. The Act requires licences and permits be obtained by organizations in order to legally manufacture, store, sell, possess, transport, or to import explosives into Canada. The Explosives Regulatory Division (ERD) enforces compliance with the Explosives Act and its Regulations through a national compliance inspection program. ESSB defines an inspection as:
“The process by which an (explosive) inspector or deputy inspectors, as defined in the Explosives Act and its Regulations, officially examines all licenses, orders, certificates, permits, authorizations of explosives, mobile process units, sites such as sea ports, or, any other location where:
- Contravention of the Explosive Act & Regulations has been reported or indicated;
- Public safety and worker safety can be affected by explosives; and
- The inspector believes on reasonable grounds that any explosive is being made, stored, or transported, or any fireworks are being or are intended to be used.”
The Treasury Board of Canada Secretariat (TB) Framework for the Management of Compliance sets forth principles, which seek to maximize compliance with legal and policy requirements. The framework requires compliance with legal requirements to be monitored, with the focus of monitoring determined on the basis of risk. Per the TB framework, the audit expected the annual inspection plan to be designed with risk-based approach in order to guide the prioritization and selection of sites.
The audit found that the ERD has implemented a functional and realistic risk-based inspection plan; however, a limited number of field inspectors creates the need to develop a plan that maximises inspector-resources as opposed to a pure risk-based approach. Although a defined strategy exists regarding the development of an annual inspection plan, the current process for creating the plan is predominantly resource-based and practical in its scope. It was noted that when developing an annual inspection plan, consideration is often given to inspection sites that would increase the efficiency and cost effectiveness of travel. In Fiscal Year 2017-18, 12 field inspectors in ERD were responsible for explosives site inspections in addition to their licensing responsibilities while an additional 11 inspector specialists were responsible for managing security screening, fireworks/pyrotechnics, import, export and in-transit authorization programs. Approximately 18% of all possible inspection sites (4,200 in total) including restricted component sites were inspected.
The audit team acknowledges that limited resources (i.e. ESSB Inspectors) can result in the establishment of a resource-based plan; however, given the inherent legal and security risk associated with site inspections, a resource-based approach to inspection planning alone is not sufficient.
Inspection Conduct & Procedures
The Explosives Regulatory Division's inspection program conducts on-site inspections on licensed manufacturers, vendors and magazines in order to demonstrate compliance with legislative and regulatory requirements. While onsite, inspectors examine various criteria regarding site operations, safety and security. With the exception of factory sites, license holders are provided a carbon copy of the inspector’s findings at the end of the inspection. Factory site representatives, being the highest risk, are provided with a formal report on the inspection at a later date. Inspectors assign the licence holder with a rating based on the number of deficiencies identified (i.e. the number of discrepancies observed between the site and the requirements stipulated by legislative and regulatory requirements).
Depending on the severity of deficiencies, the inspector will assign a deadline by which the licence holder must correct the deficiency. Based on the corrective actions identified, a licence holder may be subject to increased frequency of on-site inspections and suspension or revocation of the licence. If necessary, inspectors have the authority to issue a stop-work order effective immediately.
The audit found that ESSB has developed “Guidelines for Inspections”, which provides information on the inspection process and inspector duties including: inspector powers; inspection preparation; inspection itineraries; post-inspection activities; and instances of non-compliance requiring corrective action. Through discussion with ESSB it was noted that this document, dated October 2011, did not reflect the current inspection environment. In addition to the Inspection Guidelines, an “Operations Manual” as a reference document for inspectors. The audit noted that the Operations Manual was updated to align with the 2013 Explosives Regulations; however, recent amendments did not appear to be reflected in the Operations Manual. In many instances, the “last modified date” for sections of the Operations Manual dated back to 2015 and it is not clear the extent to which this document is maintained.
In reviewing inspection reports from the past two fiscal years, the audit identified inconsistent practices and variability in the assignment of rating scores. For "factories” specifically, the audit observed the inspection forms were completed in a manner that varied inspector to inspector. Overall, the most notable issues observed included: inconsistency in ratings assigned to issues compared to ratings for the same issue per the Inspection Guideline; insufficient documentation on file to demonstrate corrective measures have been implemented within time frame specified, or at all; and site rating justification does not include all issues identified in the inspection report as minor issues are sometimes excluded from score or issues are unassigned a score.
Overall, the audit found there are no processes in place to close-out an inspection. In addition, no formal reviews are conducted of an inspector’s work or reports.
RISK AND IMPACT
The absence of a fully risk-based approach to annual inspection planning can result in the ineffective allocation of resources and insufficient monitoring of high-risk activities. Moreover, the lack of formalized guidelines and closeout processes, including file review, can negatively impact the quality and effectiveness of site inspections.
The absence of current guidance for inspectors to enable a consistent approach in the conduct of compliance verification activities may contribute to the inconsistencies in the identification of observed issues and documentation of inspection reports.
Without a systematic process or information management tool to track the implementation of corrective actions of major and critical issues, there is a risk that identified instances of non-compliance will not be addressed, resulting in the violation of legal and regulatory requirements. Monitoring, tracking and follow-up is essential for ensuring that license permit and certificate holders comply with the Act and its Regulations in the interest of public safety.
Recommendations
Recommendation 4: It is recommended that the Assistant Deputy Minister LMS:
- Formalize the development and implementation of an annual risk-based inspection plan;
- Formalize the inspection guidelines and close-out process for inspections, including formally tracking critical and major issues identified during the inspection; and
- Formalize processes for documenting and retaining evidence of periodic inspection reviews to ensure quality and consistency among inspection regions.
MANAGEMENT RESPONSE AND ACTION PLAN
Management agrees with Recommendation 4:
- ERD will formalize its annual inspection plan and ensure that its risk-based plan meets frequencies targets for high-risk activities;
- ERD will improve the planning process and refocus on the current inspection guidelines and close-out process for inspections. This will include the disclosure of the tracking of critical and major issues identified during inspection, in addition to what is currently done in the Annual Report; and
- ERD will undertake efforts to increase the number of training and development opportunities for inspection staff aimed at improving the quality and consistency of inspection ratings. This will be delivered by the Inspector Specialists group and subject to a planned audit regime by the same group of Inspector Specialists.
Positions Responsible: Director ERD, National Manager L&I
Timing: completion by June 30th, 2019
APPENDIX A – Audit Criteria
The audit objectives and criteria were developed based on the key controls set out in the Treasury Board of Canada’s Core Management Controls. The criteria guided the fieldwork and formed the basis for the overall audit conclusion.
The objective of the audit was to assess the adequacy and effectiveness of the management processes and controls supporting the administration of NRCan’s Explosives Program.
| Audit Sub-Objectives | Audit Criteria |
|---|---|
Audit Sub-Objective 1: |
1.1 NRCan’s authority, responsibility and accountability for administrating Canada’s Explosives Act and Regulations, including the responsibilities of ERD and CERL, is clearly defined, documented and communicated. |
| 1.2 Mechanisms are in place to provide senior management with reports on the results of ESSB’s compliance activities (i.e. security screening, permits, licensing and inspections) to inform decision-making and ensure effective allocation of resources within ESSB. | |
Audit Sub-Objective 2: |
2.1 ESSB engages in outreach activities to promote the Explosives Act and Regulations and to respond to stakeholder needs. |
| 2.2 ESSB has established processes to engage with stakeholders to identify leading practices and incorporate relevant feedback to support the activities of the program. | |
| 2.3 Effective business processes are in place to manage the confidentiality of stakeholders’ (i.e. permit/license holders) information securely. | |
Audit Sub-Objective 3: |
3.1 Appropriate due diligence (i.e. security screening) is conducted on individuals and groups applying for and/or renewing licenses and permits for explosives. |
| 3.2 A risk-based framework is developed and implemented to guide compliance activities (i.e. inspections of high-hazard explosives storage and manufacturing facilities). | |
| 3.3 A threat assessment of the risks posed by the access to commercial explosives and precursor chemicals is in place and updated at regular intervals. | |
| 3.4 An effective reporting and monitoring framework is employed to identify, track and take corrective action for instances of non-compliance (i.e. security screening, permits and licenses, and inspections). |
Page details
- Date modified: