Common menu bar links
ARCHIVED - Evaluation of IT Desktop Services for CBSA End Users
This page has been archived.
Archived Content
Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.
Final Report
August 2010
Table of Contents
- Executive Summary
- 1.0 Introduction and Context
- 2.0 Key Findings
- 3.0 Cost-Effectiveness and Efficiency
- 4.0 Conclusions, Recommendations, and Management Response
- Appendix A – List of Acronyms
Executive summary
The mandate of the Canada Border Services Agency (CBSA) is to facilitate the movement of legitimate travellers and goods, and to intercept those travellers and goods that pose a threat to Canada. The CBSA fulfills this mandate by providing integrated border services that support national security, public safety and economic prosperity priorities. The CBSA carries out its responsibilities with a workforce of approximately 15,400 employees who provide services at approximately 1,200 points across Canada, including 119 land border crossings, 13 international airports, numerous ports and marinas, and 27 rail sites.
IT desktop support is available to all CBSA employees in Canada to ensure minimum disruption in delivering border services. Support includes resolving incidents and problems associated with personal computers (PCs), laptops, printers, Blackberries, computer installations and configurations, software installations, asset tracking, and help desk functions. The CBSA utilizes some 14,200 PCs, 3,100 laptops, and 4,400 printers.
The CBSA, created on December 12, 2003, resulted from the amalgamation of border services activities and resources from the then Canada Customs and Revenue Agency (CCRA), Citizenship and Immigration Canada (CIC) and the Canadian Food Inspection Agency (CFIA). At that time, the CBSA and the CCRA agreed to implement a shared information technology (IT) services model. This meant that IT services and end user support to all regional CBSA offices and employees would be provided by the CRA, while the CBSA would support all end users at Headquarters (HQ). The arrangement for the provision of regional IT services by the Canada Revenue Agency (CRA), which formally replaced the CCRA in 2005, was formalized in a Memorandum of Understanding (MOU). It is the single largest arrangement of this kind in Canadian government.[1] The MOU is accompanied by service level agreements (SLAs) between the agencies,[2] and details the services and corresponding service levels that are to be provided by the CRA.
Evaluation Purpose and Scope
This report presents the findings of an evaluation of the CBSA's IT desktop services for end users. The evaluation was identified as a priority for fiscal year 2009-2010 in the 2009-2011 Canada Border Services Agency (CBSA) Risk-Based Multi-Year Evaluation Plan, approved by the Agency's Executive Evaluation Committee in July 2009. In accordance with the Treasury Board of Canada Secretariat (TBS) Directive on the Evaluation Function, the evaluation focuses on issues related to the relevance (need for the program and alignment with federal government priorities, roles and responsibilities) and performance (achievement of outcomes and efficiency) of the CBSA's IT desktop services for end users.
The evaluation research was conducted from October 2009 to May 2010.
Evaluation Methodology
The CBSA Program Evaluation Division of the Internal Audit and Evaluation Directorate conducted this evaluation. Main lines of evidence included: a review of documents; observations made during site visits; and in-depth interviews with key CBSA and CRA regional employees and key CBSA employees at HQ. In total, 91 stakeholders were interviewed over the course of the evaluation.
The evaluation process involved employee surveys to assess the level of satisfaction with IT services provided to end users. CBSA regional employees' input was obtained from the results of a CRA online survey conducted in December 2009. End users surveyed were selected from employees who had used IT desktop support within the previous 12 months. From a sample of 950 CBSA regional users, 235 responded to the survey for a response rate of 25%. CBSA HQ employees received an online survey using the same sampling criteria and survey questions in April 2010. Of the 1,466 employees who received the survey, 47% responded (694 responses).
Key Conclusions
This evaluation study found that the CBSA/CRA shared IT desktop services model, whereby the CRA provides IT desktop services to regional CBSA end users, and the CBSA to HQ end users, is aligned with federal government priorities as articulated in the TBS Policy on Management of Information Technology. One of the key objectives of the policy is to increase "the use of common or shared IT assets and services by departments and agencies to ensure efficiency gains".[3] The shared services model is also consistent with the TBS Directive on Management of Information Technology. The directive's intent is to strengthen the management of IT within the federal government and to reduce duplication through the adoption of alternate service delivery models, including common and shared services.
There are numerous benefits to having a shared services IT model for the CBSA. One of the strengths of the current model for IT desktop services is that the CBSA benefits from the fact that the CRA has IT support located across the country. Therefore, the Agency does not have to employ its own separate IT desktop support personnel. There is also a large pool of trained and knowledgeable IT staff readily available to roll out large IT projects in the field. In addition, the CBSA benefits from the CRA's strong IT security measures. Both CBSA and CRA IT management indicated that there are many cost savings through pooled procurement activities because the CRA is able to purchase products at reduced bulk prices.
In the business context, the provision of IT desktop services to support the end users of both the programs and equipment is both relevant and essential. The CBSA requires IT desktop services to ensure minimum disruption in services to staff and clients. Without them, the Agency would be unable to achieve its objectives or meet its operational requirements.
The evaluation found that roles and responsibilities are clear for both CBSA and CRA stakeholders. Several joint CBSA and CRA committees are in place to manage IT services and to facilitate the following functions: communication, decision-making, strategic and operational alignments, and financial management. The governance structure established between the CRA and the CBSA to provide this support is well-defined in the CRA–CBSA Information Technology Services Governance Framework.
The CRA-CBSA MOU for the Provision of Information Technology Services includes the SLA for Regional IT Services. This SLA provides a framework for planning and accountability between the two agencies and includes the IT Support Service Catalogue that defines which services will be provided by the CRA, the process for requesting service, and service standards. This SLA, last updated in 2009, would benefit from a review in specific areas such as the collection of detailed performance information, and an improved description of the differences in the two Agencies' operating environments.
Overall, CBSA survey respondents indicated that they were satisfied with the IT support services they receive. Approximately 88% of regional survey respondents and 84% of HQ respondents rated IT desktop services staff's knowledge and competence as either very good or good. IT support staff were considered polite, friendly, professional, knowledgeable, helpful, and effective. In the regions, the CRA's establishment of CBSA-dedicated teams was judged by interviewees to have resulted in improved services to CBSA end users.
The overall cost of end user services compares favourably to costs for similar-sized organizations in the public and private sectors, as reported by the Gartner consulting firm in a 2007-2008 study. In 2009-2010, the CBSA spent approximately $25.9 million for IT desktop services. Of this total, $21.8 million was spent on regional support provided by the CRA, and $4.1 million on support to the CBSA's HQ users. This corresponds to an overall cost of $1,679 per user or $1,495 per desktop/laptop. For HQ, the corresponding costs were $1,003 per end user and $731 per desktop/laptop. Costs for regional end user support were $1,923 per end user and $1,861 per desktop/laptop. The difference in costs between the regions and HQ is considerable, with regional costs per end user 91% higher than at HQ, and regional costs per desktop/laptop 154% higher than HQ.
Interviewees attributed the higher regional costs to several factors. One is that in the regions, there are numerous CBSA and OGD lines of business applications accessed via shared workstations. A second factor is that they are located in high-traffic operational environments and frequently used, often on a 24-hour-a-day, seven day a week basis. A third factor is that the 321 regional sites are geographically dispersed, which results in longer travel times and higher costs than those in the HQ environment. However, because detailed costs are not reported, it is not possible to determine the extent to which these and other factors contribute to the higher regional desktop services costs, nor to track or analyze cost trends over time. In addition, the evaluation found that the CBSA does not know the cost of all of the sub-activities within IT desktop services, such as desktop PC support, laptop and teleworker support, help desk support, end-user requests for service, user access management, travel costs, etc. In light of these findings:
Recommendation 1 – It is recommended that the CBSA Information, Science and Technology Branch (ISTB) improve the collection and tracking of regional IT desktop service costs to ensure that sufficient detail is available to facilitate monitoring and financial analysis.
The tracking of software licenses is not centralized and, as a result, the CBSA cannot be certain whether all software currently being used is properly licensed or conversely, whether it is paying for unused software. The tracking of software expiration dates is necessary to ensure that all software residing on desktops and laptops is accounted for and properly licensed. In the absence of centralized software tracking, the CBSA may not be managing software in the most efficient way. In light of this finding:
Recommendation 2 – It is recommended that the CBSA Information, Science and Technology Branch centralize the tracking and management of the CBSA's software licences.
Adding and removing employees to and from networks can be confusing and delay access to business applications. CBSA interviewees in the regions indicated that adding new employees and establishing access to required applications can often take weeks or months. Interviewees stated that the process is confusing and that the E522 form used for this purpose is difficult to complete and lacks adequate instructions. As a result, information is often submitted incorrectly which causes delays in adding employees to the system. One region addressed this issue by developing a systems access management binder as a useful tool to assist managers to have employees added to and removed from the network. In light of these findings:
Recommendation 3 - It is recommended that the CBSA Information, Science and Technology Branch develop and post a systems access management reference guide on the CBSA intranet (Atlas) that includes all necessary forms and clear instructions for their completion.
Overall, the evaluation found that end users have access to the hardware, software, applications and information they need to respond to operational demands and priorities. Almost all IT software and hardware used by the CBSA is purchased through the CRA procurement mechanism. This process generally works well for standard products and there are policies and processes in place to help guide the acquisition and management of CBSA end user IT assets. However, procurement of non-standard hardware and software can be complex and delivery dates are difficult to predict. Interviewees from operational centres with unique needs (e.g., enforcement centres, investigations, intelligence) stated that the CBSA could improve its timeliness in fulfilling requests for new technology. As a result of the lengthy certification process, many CBSA offices purchase stand-alone systems to host unapproved software.
The evaluation noted inefficiencies related to the certification of software. Items approved by the CRA for use and installation on the network, but not certified by the CBSA, must go through a separate CBSA certification process before the CBSA will allow them to be installed. These certification processes are typically not done concurrently. This leads to delays in the procurement and installation of new products, and a perception that there is duplication of certification activities. In addition, end users do not know which products have been approved by both the CBSA and the CRA. In light of these findings:
Recommendation 4 – It is recommended that the CBSA Information, Science and Technology Branch review the need for a separate CBSA software certification process. If there is a need, the ISTB should engage the CRA to jointly identify areas where the processes can be harmonized in order to reduce the amount of time and resources needed for certification.
Recommendation 5 – It is recommended that the CBSA Information, Science and Technology Branch make a list available on the CBSA intranet (Atlas) of all CBSA- and CRA-approved hardware and software.
1.0 Introduction and Context
The mandate of the Canada Border Services Agency (CBSA) is to facilitate the movement of legitimate travellers and goods and to intercept those travellers and goods that pose a threat to Canada. The CBSA fulfills this mandate by providing integrated border services that support national security, public safety and economic prosperity priorities. The CBSA carries out its responsibilities with a workforce of approximately 15,400 employees[4] who provide services at approximately 1,200 points across Canada, including 119 land border crossings, 13 international airports, numerous ports and marinas, and 27 rail sites.
IT desktop support is available to all CBSA employees to ensure minimum disruption in delivering border services. Support includes resolving incidents and problems associated with personal computers (PCs), laptops, printers, Blackberries, computer installations and configurations, software installations, asset tracking, and the operation of help desks. The CBSA utilizes some 14,200 PCs, 3,100 laptops, and 4,400 printers.
The CBSA, created on December 12, 2003, resulted from the amalgamation of border services activities and resources from the then Canada Customs and Revenue Agency (CCRA), Citizenship and Immigration Canada (CIC) and the Canadian Food Inspection Agency (CFIA). At that time, the CBSA and the CCRA[5] agreed to implement a shared information technology (IT) services model[6] whereby IT services and end user support to all regional CBSA offices and employees would be provided by the Canada Revenue Agency (CRA), while the CBSA would support all end users at Headquarters (HQ). The arrangement for the provision of IT services in the regions by the CRA was formalized in a Memorandum of Understanding (MOU), which is the single largest arrangement of this kind in Canadian government.[7] The MOU is accompanied by Service Level Agreements (SLAs) between the agencies,[8] and details the services and corresponding service levels that are to be provided by the CRA.[9]
The CBSA also has an IT service agreement with CIC whereby CIC provides specific CBSA end users with access to and support for some of its business delivery systems (e.g., the Field Operating Support System (FOSS) and the National Case Management System (NCMS)). Furthermore, the CBSA has service agreements with the RCMP, CFIA, Department of Foreign Affairs and International Trade (DFAIT), Privy Council Office (PCO) and the Department of National Defence (DND) to facilitate CBSA user access to specific applications maintained by these organizations. However, CBSA end users report IT incidents or problems through the CBSA or CRA IT help desks (by phone, e-mail or walk-in), whether the issue is related to a CBSA application or one from another government department (OGD).
1.1 Purpose of the Evaluation
This report presents the findings of the Evaluation of IT Desktop Services for CBSA End Users. The subject of IT Infrastructure - Shared Services (Including Applications and End User Environment) was identified as a priority for fiscal year 2009-2010 in the Agency's 2009-2011 Risk-Based Multi-Year Evaluation Plan, approved by the Executive Evaluation Committee in July 2009. Due to the inherent complexity of IT infrastructure and services, it was important to establish an evaluation scope that would be manageable, while at the same time provide useful findings for senior management. In recognition of these factors, and based on consultations with key stakeholders, the scope of the evaluation was limited to activities related to the provision of desktop services for CBSA end users.
In accordance with TBS's Policy on Evaluation, the purpose of the evaluation was to assess the relevance (i.e., ongoing need and alignment with the priorities of the Government of Canada and the CBSA), and performance (effectiveness and efficiency) of IT desktop services. The evaluation was conducted by the CBSA Program Evaluation Division in the Internal Audit and Program Evaluation Directorate, and the research phase was carried out between October 2009 and May 2010.
In preparation for this exercise, the evaluation team, in consultation with key stakeholders, developed a logic model and an evaluation strategy. The following outcomes were identified:
- Only authorized end users have access to hardware, software, and applications.
- End users' hardware, software, and application needs are met.
- End users are satisfied with the IT desktop services provided.
- Hardware, software, and applications are available to end users 24/7.
- IT desktop services/support are integrated into innovative IT infrastructure services that respond to the operational demands and priorities of the Agency.
It should be noted that the evaluation did not focus on the management practices of the OGDs that either host applications used by CBSA employees or that deliver desktop services to the CBSA. Exhibit 1 illustrates the activities included in, and excluded from, the scope of the evaluation.
| Included in the Evaluation | Excluded from the Evaluation |
|---|---|
| CBSA's management of the HQ IT desktop services and oversight of the regional IT desktop services provided by the CRA | Technology behind IT desktop services |
| Management and maintenance of IT desktop assets and software | Telecommunications services |
| Help desk services[10] | Installation and maintenance support of servers and mainframes |
| E-mail and directory service | Hardware and software certification specifications |
| Shared drive access and support | Development, maintenance, and hosting of applications and databases |
| Printer access and support | IT security services |
| Remote access service | Facilities management services |
| Impact of the procurement process on the delivery of IT desktop services |
Exhibit 2 provides a summary of the key evaluation issues and research questions for this evaluation.
| Evaluation Issue | Evaluation Question |
|---|---|
| Relevance | Is there a continued need for IT shared services and IT desktop services? |
| Design and performance | How effective is the management and delivery of IT desktop services to the end users? |
| How effective is the Infrastructure Services Directorate's (ISD) ongoing performance measurement to manage and enhance IT desktop services? | |
| Do authorized end users have access to the hardware, software, applications, and information they need to respond to operational demands and priorities? | |
| What is the overall level of satisfaction of end users with IT support services received? | |
| Cost-effectiveness and efficiency | How do IT desktop services delivery costs compare between the regions and HQ? |
| Are IT desktop services costs reasonable relative to similar IT services in other government organizations and are they being delivered efficiently and in a cost-effective manner? | |
| Are there alternative methods/processes for achieving the intended results? |
1.2 Organizational Structure of IT Desktop Services
Canada Border Services Agency
Information, Science and Technology Branch (ISTB)
The Infrastructure Services Directorate (ISD) is responsible for the overall strategic direction, business planning and functional direction for CBSA's IT desktop services, and for ensuring high availability, high reliability and integrity of CBSA systems and applications. The IT Operations and Client Support Division (ITOCSD) within ISD is responsible for providing the management and delivery of IT desktop support services in HQ (7:00 a.m. to 5:00 p.m., Monday to Friday). Also within ISD, the Shared Services Management Division (SSMD) provides oversight of IT desktop services provided by the CRA, including the MOU and the SLA.
The Planning and Portfolio Management Directorate (PPMD) provides oversight, expertise and guidance on IT project planning, project management, architecture, testing coordination, release coordination, and procurement, as well as manages contracts for IT services. The procurement of new hardware devices or software in HQ is initiated by end user groups who contact the HQ IT Help Desk which forwards the request to PPMD for processing. Regional end users communicate their hardware and software needs either to their regional procurement officer or to the PPMD directly.
Comptrollership Branch
The Management and Acquisition Directorate provides a variety of corporate administrative functions, including asset management and contracting (e.g., negotiating standing offers with vendors for the procurement of IT desktop assets).
Other Governmental Departments
Canada Revenue Agency
The National IT Support Division within the Distributed Services Directorate of the Data and Technology Infrastructure Management Branch of the CRA delivers IT support services, including IT desktop services, to CBSA regional offices. The CRA has local IT offices across Canada with regional help desks to assist CBSA regional end users to resolve IT problems that occur during normal business hours. It also operates the National Help Desk which provides CBSA employees, both the regions and at HQ, with after-hours IT support.
Others
CBSA has access, with some restrictions, to specific business delivery systems at CIC, RCMP, CFIA, DFAIT, PCO and DND. It is the responsibility of the CBSA to ensure that only authorized CBSA end users are provided with access to OGD systems, and to correct any access problems once notified of an incident. When CBSA end users experience IT problems with the systems or applications on their desktops or laptops (including problems with OGD systems or applications, such as FOSS, NCMS, and the Canadian Police Information Centre), their first point of contact is their regional or HQ IT help desk if the problem occurs during normal business hours, or through the CRA National Help Desk if the problem occurs after normal business hours.
1.3 Evaluation Methodology
The evaluation used the following qualitative and quantitative lines of evidence to evaluate CBSA IT desktop service activities.
Document and Data Review
Key CBSA documentation reviewed included agreements, correspondence, files, reports and data relating to IT desktop service activities and outputs (e.g., SLAs, MOUs, service catalogues, strategies, policies, procedures, plans, monitoring tools, tracking systems, inventory management, training facilities and material, performance reports). In addition, correspondence, CBSA performance data, budget and expenditure information related to IT services were reviewed and analyzed.
Literature Review
For comparison purposes, the evaluation team reviewed benchmarking studies prepared by the Gartner consulting firm on the design, delivery, management and performance of IT desktop services in public and private organizations. The evaluation team also reviewed other documentation, such as the TBS Policy on Management of Information Technology, the CRA-CBSA Information Technology Services Governance Framework, the Government of Canada Profile of Information Technology (IT) Services, CBSA internal audit reports, etc.
Key Interviews and Group Interviews
Exhibit 3 provides a breakdown of the 46 one-on-one and group interviews conducted with approximately 91 key stakeholders. The interviews provided an opportunity to learn about the management and operation of different aspects of IT desktop services, and to solicit views and explanations of data and results obtained during the research.
| Interview Category | Number of Interviews |
|---|---|
| CBSA HQ staff | 6 |
| CBSA regional staff | 3 |
| CBSA HQ end users | 13 |
| CBSA regional end users | 20 |
| CRA regional staff | 4 |
| Total | 46 |
Site Visits
The evaluation team conducted site visits at CBSA ports of entry and offices in the Greater Toronto Area, Atlantic (Halifax, Saint John, and St. Stephen), and Prairie (Calgary) regions, as well as to the corresponding CRA IT support centres. These sites were selected because they were representative of the volumes, incidents and types of IT desktop service calls made to the local help desks. The site visits enhanced the team's understanding of how IT desktop service support is provided, the strengths and limitations of the current approach, and how IT desktop services contribute to the achievement of CBSA strategic outcomes.
Surveys
The CBSA evaluation team conducted an online survey of 1,500 CBSA HQ staff on their satisfaction with IT desktop support. Responses were collected from April 20 to 30, 2010. Survey participants were end users who had made the highest number of calls for IT desktop services within the last 12 months, and who worked in buildings with more than 100 CBSA employees. The sample was originally 1,500, but was reduced to 1,466 because some e-mail addresses were invalid (i.e., employees no longer employed at the CBSA). Of a sample of 1,466 CBSA HQ clients, 694 staff responded, resulting in a 47% response rate.[11] About one-third of respondents also provided additional, qualitative feedback.
The CRA IT Branch conducted an online survey on IT support satisfaction for CRA employees and regional CBSA staff from December 4 to 18, 2009. From a sample of 950 CBSA regional end users, 235 responded to the survey, producing a 25% response rate. Slightly less than a third of respondents also provided additional written comments. These end users were selected from those who had sought IT desktop support within the 12 months prior to the survey. The CBSA evaluation team reviewed the survey results and incorporated the findings pertinent to this evaluation. The geographic distribution of the respondents can be found in Exhibit 4.
| Region | Number of Respondents | Percentage of Sample | Percentage by Region |
|---|---|---|---|
| Quebec | 52 | 22% | 20% |
| GTA | 46 | 20% | 21% |
| Pacific | 34 | 14% | 19% |
| Prairie | 30 | 13% | 11% |
| NOR | 26 | 11% | 6% |
| Atlantic | 17 | 7% | 7% |
| WSC | 16 | 7% | 8% |
| NFE | 11 | 5% | 8% |
| No answer | 3 | 1% | 0% |
| All regions | 235 | 100% | 100% |
Source: IT Support Client Satisfaction Survey CBSA Results V1.1, CRA. Regional percentage provided by CBSA IT Client Services
Study Limitations
The cost-efficiency section of this study relied mainly on data found in the Gartner study to make efficiency comparisons of CRA's regional IT performance and CBSA's HQ IT performance to external organizations. This data is from 2007-2008, and is therefore slightly older than the CBSA data used in this evaluation (2008-2009 and 2009-2010).
2.0 Key Findings
2.1 Key Findings – Relevance
Is there a continued need for IT shared services and IT desktop services?
The CBSA/CRA shared IT desktop services model aligns with the TBS Policy on Management of Information Technology.
A review conducted by the TBS in 2003 stated that the costs of IT in the Government of Canada had become so great that such activities needed to be more transparent and managed in a more cost-efficient manner. This study recommended a government-wide common service delivery.[12] Following this review, another assessment was conducted in 2005 with the purpose of recommending implementation strategies for a more common approach to the delivery of IT services across departments and agencies. [13]
Results of these assessments are reflected in the 2007 TBS Policy on Management of Information Technology. One expected result of this policy is to increase "the use of common or shared IT assets and services by departments and agencies to ensure efficiency gains."[14] In addition, the Directive on Management of Information Technology supports this policy by emphasizing the need to strengthen "the management of IT on a government-wide basis by providing more robust and mature management practices to reduce duplication, enable the adoption of alternate service delivery models, including common and shared services, promote alignment and interoperability and optimize service delivery."[15]
There are numerous benefits to having a shared services IT model for the CBSA.
One of the strengths of the current model for IT desktop services is that the CBSA benefits from the fact that the CRA has IT support located across the country. As a result, the Agency does not have to employ its own separate IT desktop support personnel. There is also a large pool of trained and knowledgeable IT staff readily available to roll out large IT projects in the field.
In addition, the CBSA benefits from the strong security measures the CRA utilizes to protect Canadians' tax information. These strong security features are an asset to the CBSA, given that the nature of the CBSA's activities produces a large amount of sensitive information that needs protection.
Both CBSA and CRA IT management indicated that there are many cost savings through pooled procurement activities because the CRA is able to purchase many products at reduced bulk prices.[16]
The CBSA cannot meet operational requirements without IT desktop services.
The need for IT at the CBSA is diverse and complex. CBSA relies on information technologies to effectively and efficiently deliver the majority of its services and operate its programs and activities. The CBSA requires IT desktop services to support the users of these programs and equipment to ensure minimum disruption in services to staff and clients. For example, employees use IT lines of business applications, such as TITAN[17] , ACROSS, FOSS, IPIL, etc., which assist in the timely and accurate processing of legitimate goods and people across our borders.
2.2 Key Findings – Performance
How effective is the management and delivery of IT desktop services to end users?
Decision-making roles and responsibilities are clear for CBSA and CRA stakeholders.
There are several joint CBSA and CRA committees[18] to manage CBSA IT services.[19] These committees are in place to facilitate the following functions necessary for the effective and efficient provision of IT services to meet CBSA operational needs: communication, decision-making (technical and managerial), strategic and operational alignments, and financial management. Some examples are: monthly Distributed Computing Environment Steering Committee meetings to give guidance on IT desktop services issues; monthly HOST[20] Steering Committee meetings to focus on information sharing, discussion of issues and decision-making related to providing IT Services to the CBSA from a HOST perspective[21]; and bi-weekly CRA-CBSA Relationship Status meetings to share information and discuss day-to-day issues, with respect to the CRA–CBSA relationship as a whole.
At HQ, the ITOCSD is divided into two teams (IT Client Services and IT LAN Services[22]) that work closely together to ensure IT support is available to CBSA HQ end users. The IT Client Services team is comprised of a central IT help desk team, a downtown core Ottawa desktop services team, a second desktop team providing IT service to CBSA sites outside the downtown core, and a Senior Management IT Support Services (SMITSS) team.[23] Interviews with IT staff working in the HQ IT Client Services area demonstrated a clear understanding of who was responsible for decision-making pertaining to IT desktop support and of their roles and responsibilities in providing IT support.[24]
In the regions, the CRA provides and manages IT support, but with oversight by the CBSA Information, Science and Technology Branch. The governance structure established between the CRA and the CBSA to provide this support is well-defined in the CRA–CBSA Information Technology Services Governance Framework,[25] according to the interviewees. When IT issues arise in the operational environment, CBSA employees bring them to the attention of the CRA IT staff for resolution. Interviews with CRA IT staff showed that they were clear on who was responsible for making decisions pertaining to IT desktop support and understood their roles and responsibilities in providing IT support.
Overall, communication protocols established between the CBSA and the CRA regarding the planning and delivery of IT desktop services to the field are established and respected.
CBSA HQ and CRA HQ hold monthly conference calls, manager meetings, director meetings, and team leader meetings. Regional CRA project/liaison officers communicate directly with CBSA regional directors general, as required. Similarly, no communications issues were raised within IT Client Services at CBSA HQ or with their communications to end users at HQ.
While protocols with the CRA have been established and implemented, interviewees in CBSA regions indicated that there have been instances where they were unaware of IT decisions made by HQ. For example, interviewees said they were not informed when CBSA HQ decided to stop after-hours support for the IPIL camera in September 2009. However, the evaluation team found that information pertaining to this decision had been forwarded to both CRA IT and CBSA regional management and was available in an information bulletin on the CBSA intranet (Atlas). The CBSA and the CRA have been posting information bulletins on Atlas since 2009 in order to minimize bandwidth usage required for mass e-mails. However, at the time of the IPIL decision, not all end users had adjusted to the need to consult Atlas for systems information and updates.
The IT Support Service Catalogue, which forms part of the SLA for Regional IT Services, needs to be updated to reflect the CBSA's operational environment.
The MOU for the Provision of Information Technology Services, which came into effect on April 1, 2004, mandated that an SLA for regional IT Services[26] be established and that it provide a general framework for planning and accountability between the CBSA and the CRA. The MOU is currently being revised and is expected to be published in 2010-2011. The SLA for Regional IT Services was originally drafted in May 2005 and revised in 2009.[27]
Interviewees from CRA IT support indicated that the SLA would benefit from being revisited in areas such as the collection of detailed performance information. Due to the fact that the current section dealing with metrics is very general, CRA performance information is not collected consistently across the regions. In addition, the SLA does not address the costs of high-speed Internet lines for CRA local IT service staff located at CBSA sites. As a result, the CRA currently pays these costs but cannot pass them on to the CBSA.
The SLA for Regional IT Services contains the IT Support Service Catalogue which defines the IT support services to be provided to the CBSA, how to request the service or acquire additional information, and the standard time frames for addressing incidents and problems. Interviewees from the CBSA regions and CRA IT support indicated that the catalogue does not reflect the differences in the operational environments of the CBSA and the CRA; the description is the same for services provided to end users in both organizations. For example, under the user access management group of services, a password reset for LAN or mainframe access has a standard of one hour. Although CRA IT support indicated that this might be sufficient for a CRA end user working in a tax office, interviewees from both the CBSA and CRA IT stated that the CRA is generally much faster than one hour at resetting passwords for CBSA employees and that the service standards in the catalogue should reflect these types of differences. Both CRA IT support and CBSA management at CBSA ports of entry indicated that CBSA front line border services officers (BSOs) processing travellers cannot wait one hour to access key line of business applications.
The tracking of software licenses is not centralized and, as a result, the CBSA cannot be certain whether all software currently being used is properly licensed, or conversely, whether it is paying for unused software.[28]
The CBSA's IT Client Services has the responsibility of tracking CBSA software at HQ, while the CRA has this responsibility in the regions. The tracking of software expiration dates is necessary to ensure that all software residing on desktops and laptops is accounted for and properly licensed. Enterprise licenses[29] are sometimes purchased when demand is sufficient and when available from vendors. In the absence of centralized software tracking, the CBSA may be overspending on software. For example, interviewees provided instances where a given office (in either HQ or the regions) had 10 licenses for a specific type of software, such as Microsoft Project or Adobe Acrobat, but that only five people were using the software. At the same time, another office was in the process of purchasing five new licences and was unaware of the five unused licenses. In this example, this equates to about $2,150 of unnecessary spending for Microsoft Project (priced at $430 per license) or $1,200 for Adobe Acrobat (priced at approximately $240 per license).[30] In the absence of a national system, some CBSA regions and areas within HQ are tracking their own software licenses.
Adding employees to and removing them from networks is sometimes confusing and can delay access to business applications.
When a new employee starts with the CBSA or moves offices or leaves the Agency, it is the employee's manager's responsibility to complete the "Logon Request" form (i.e., form E522). The manager then sends it to IT staff to add or remove the employee's e-mail account and their access to the lines of business and software applications. Most interviewees at HQ have used this form and stated that the process works very well, with timely service.
In contrast, regional managers interviewed indicated that the process for adding new employees to the network is confusing and unclear. Giving employees access to e-mail, required lines of business applications, and acquiring required software can often take weeks or months,[31] resulting in employees missing important notifications and not being able to properly perform their work. Regional managers interviewed found the E522 form difficult to complete and not user-friendly, as there are no field descriptions available to help guide its completion. As a result, the form is often submitted with incorrect information which causes delays in granting employees access to CBSA systems. In addition, there is uncertainty with respect to the process for submitting the form as different IT staff request different submission methods (i.e., e-mail, fax or mail). Some regional managers also stated they had to complete several forms in addition to the E522, in order to get access to applications (such as Internet access) which are not covered by the form. To assist managers, one region has developed a systems access management binder that contains the instructions and information they need to have employees added to, and removed from, the CBSA network.
The CBSA could benefit from amending user profiles so that they are defined by the usage patterns and requirements of various CBSA user groups.[32] User groups could be developed based on the services provided in a certain location instead of classifying them by employees' job descriptions. Once established, these profiles could simplify the work of both CBSA managers and CRA IT support because the profiles would already predetermine the required applications along with the necessary access restrictions for each user group.
The procurement process generally works well for standard products. However, procurement of non-standard hardware and software is a complex process whereby delivery dates are difficult to predict for end users.
Almost all IT software and hardware used by the CBSA, including end user replacements, are purchased through CRA procurement mechanisms, whether they are for HQ or regional end users. The majority (about 85%) of these orders are for standard products[33], while the rest are non-standard[34] and are more complicated to order. The Planning and Portfolio Management Directorate (PPMD) within the CBSA created a policy on the acquisition and management of CBSA end user IT assets in April 2009 to accelerate, improve and clarify the purchasing of generic IT goods for CBSA end users.
Interviewees were generally satisfied with the procurement process for standard products. However, they were less clear about and satisfied with the process for non-standard products. The non-standard procurement process requires the involvement of many different groups throughout the various stages of the procurement process. For example, PPMD and the Comptrollership Branch and sometimes CRA local IT, CRA HQ, and PWGSC may have to be involved. Interviewees from CBSA IT and CRA IT support agreed that the numerous groups participating in the procurement process can contribute to long delays in filling orders.
Adding to the uncertainty is the fact that there is no central tracking system in place to determine the status of orders as they move from one organization to the next (e.g., from the CBSA to the CRA then to PWGSC). The impact is that CBSA IT does not always know if there is a problem with the order, or where the problem lies when delays occur.
How effective is the ISD's ongoing performance measurement to manage and enhance IT desktop services?
Key performance data is collected to manage and enhance IT desktop services.
The CBSA HQ IT Client Services team has been collecting performance data on its own services over the last two years and produces a monthly report with data on the volume of incoming calls, walk-ins, and e-mails to the support centre, as well as the number of calls answered by staff and the number of dropped calls. Additional information includes monthly data on types of issues and volume of calls, categorized by the buildings in which CBSA HQ employees work. Information is also collected on the number of office moves, network incidents,[35] projects,[36] and new devices[37] installed. The team is currently working on an incident trend analysis to determine peak periods for incidents and problems to ensure adequate resources are on hand at those times. In 2010, CBSA's ISTB completed a Performance Measurement Framework and has begun collecting performance indicators on activities and outcomes not previously covered (e.g., resolution times and client satisfaction).
The SSMD receives quarterly service delivery reports from the CRA that contain the volume of calls by region (but not by location), the method used to contact IT, the case type[38], the volume of calls by service category[39], and the activities conducted under each of the most used service categories. There is additional information that could be useful to the CBSA. Presently, the time taken to resolve problems and incidents is not being collected consistently. In some regions, CRA IT support staff collects and monitors resolution times[40], whereas others do not. For those regions that collect this information, procedures for closing tickets are not standardized. For example, a problem can be resolved hours before the technician returns to his or her desk to close the ticket, skewing the measure of resolution time. Because of the differences, it is difficult to compare IT service performance across the Agency. Resolution times collected consistently would indicate if the service standards noted in the catalogue are being met and whether they are realistic.
Do authorized end users have access to the hardware, software, applications, and information they need to respond to operational demands and priorities?
Overall, CBSA end users have access to the hardware, software, applications and information they need to respond to operational demands and priorities. However, the CBSA/CRA has difficulty responding in a timely manner to requests for new technology.
During interviews, regional employees working within the marine and air modes, inland enforcement centres, investigations and intelligence said that the CBSA needs to be able to adopt technology at a faster pace. Although the CRA's strong IT security requirements are an asset to protect CBSA information, there are many restrictions on the types of hardware and software that can be added to the network. To enhance its operations, the CBSA is constantly considering new technologies, such as wireless devices, biometrics, camera phones, webcams, video-conferencing equipment, and voice recognition software. However, the CBSA/CRA cannot deploy new technology until the specific certification requirements of both Agencies are met. This is a time-consuming process which can take years to complete.
As a result of the lengthy certification process, user groups purchase stand-alone systems that are not connected to the shared network to host uncertified software solutions. For example, one enforcement centre obtained stand-alone systems to install a voice recognition software to help track immigrants[41] and a file tracking system for controlling documents pertaining to immigration files. The installation and support were provided by the enforcement centre. Another CBSA enforcement centre purchased and installed uncertified software on a stand-alone workstation in order to view photographs taken during investigations. Currently, neither this software nor the workstation is supported by CBSA or CRA IT desktop services.
Since CBSA or CRA IT desktop services cannot support many of the stand-alone systems being implemented, support costs must be borne by the user. While they increase the overall IT support costs incurred by the CBSA, resources allocated for this purpose are not captured or reported as such. Therefore, the overall impact is not known.
Regional interviewees from across all modes, as well as inland enforcement centres, investigations, and intelligence, stated that unfiltered access to the Internet is often necessary to help them accomplish work-related objectives. Since part of the CBSA's mandate is to prevent security risks from entering the country, fully understanding these risks may require access to Web sites such as adult sites, weapon-related sites, social networking sites (i.e., Facebook, MSN, and Twitter), and subscription Web sites for shipping information. However, Internet access through the shared network is limited.[42] Prohibition from accessing certain Internet Web sites is a challenge for some CBSA teams at HQ and in the regions. Once again, stand-alone workstations are deployed as a solution to this problem. However, this can be inefficient when more than one employee needs Internet access. Another option is to request enhanced Internet access through the CBSA. However, even with enhanced access, some filters may remain in place. Those who received enhanced access highlighted that a separate request needed to be made for every employee, every year.
Wireless technology is not consistently available to support regional operations.
Interviewees in the marine mode in one region pointed out that they had just one functioning wireless TITAN laptop available for use by eight BSOs. This device is used to determine whether targets exist on specific containers so that BSOs can perform an on-site initial inspection. When this laptop is not working or is inaccessible, officers must attempt to contact targeters by phone to determine which containers need to be inspected. This process is less efficient and may increase the risk that targeted containers will not be inspected.
Similarly, interviewees in the air mode noted that wireless laptops were not available for clearing passengers on the tarmac, in hangers, or at remote airports, where there is no direct access to CBSA systems. Currently, BSOs must communicate by phone with other CBSA officers in order to determine whether there are lookouts on passengers. Access to wireless laptops would help improve the efficiency of the clearing process by making this information readily available to BSOs when it is needed.
The numerous requirements to log-on applications are time-consuming.
Because of the increased security on the shared network and OGD applications, almost every application has at least one unique password/log-in step. Hence, it takes numerous log-ins to access all the applications that end users may need. These various log-ins have become very cumbersome for end users, especially in the regions. It can take up to 20 minutes for a BSO to log-on to all necessary applications, each requiring its own password. In addition, officers can be logged out automatically from certain applications if they are not used within a certain time frame. When this occurs, officers must restart the log-in process.
Another issue related to multiple log-ins is the need to remember numerous passwords. This can be difficult, especially with CIC applications which require several layers of log-ins to gain access. Consequently, password resets become common practice in the regions and CRA IT support is not always readily available to respond to these requests, particularly after business hours.[43] These situations waste the BSOs' time and can be problematic if they occur while processing travellers or goods, potentially creating border delays.
After-hours IT support services are not widely available across the regions.
Limited after-hours IT support exists for CBSA employees at HQ and in the regions. At HQ, the LAN Services and Network Support teams offer IT support from 7 a.m. to 11 p.m., Monday to Friday, and the SMITSS team offers those same hours, seven days a week. In the regions, the CRA National Help Desk provides 24/7 IT support for national incidents and problems with the major lines of business applications.[44] In the past, CRA IT support teams had informal agreements to provide 24/7 support to CBSA border sites in the regions. But for most regions, this is no longer the case as the CBSA/CRA MOU and SLA do not include after-hours IT end user support services.
Most end users interviewed at HQ and in the regional inland offices stated that they did not need 24/7 IT support and that most of their problems could wait until regular business hours for resolution. Interviewees working at airports, land border crossings, and enforcement centres were the most likely to express concerns with the lack of availability of after-hours support. They expressed their belief that provision of such support would reduce downtime for BSOs and decrease border wait times for travellers. While a number of end users stated that they require 24/7 IT support, the evaluation found no strong evidence that the absence of continuous IT support has had a negative impact on the Agency's operations.[45] Exhibit 5 shows that user access management, desktop PC support, and laptop and teleworker PC support account for 69% of the service calls in the regions, which includes calls made when after-hours support is not available.
Exhibit 5: Main IT Support Service Used by CBSA End Users at HQ and in the Regions
| Regions | HQ | |
|---|---|---|
| User access management | 34% | 34% |
| Desktop PC support |
26% | 27% |
| Laptop and teleworker PC support |
9% | 11% |
| End user request for service |
4% | 7% |
| Network printer support |
6% | 4% |
| Data management |
5% | 3% |
| IT security |
3% | 1% |
| Network infrastructure support |
3% | 1% |
| Server support |
6% | 1% |
| Adaptive technology support |
1% | 2% |
| Other |
0% | 2% |
| Don't know / N/A | 4% | 7% |
Note: Percentages may not add to 100% due to rounding.
Source: IT Support Client Satisfaction Survey Results, CBSA and CRA
Interviewees mentioned that extended hours for IT support would be a good alternative if 24/7 support was not available, especially at peak periods. Some examples of extended service include increasing weekday hours, adding service hours on regular and/or long weekends, providing service during special events, etc.
What is the overall level of satisfaction of end users with IT support services received?
End users are satisfied with the IT desktop support they receive both at HQ and in the regions.
According to the survey results shown in Exhibit 6, CBSA end users are highly satisfied with their interaction with IT support staff. About one-third of survey respondents also provided additional positive feedback in the open-ended fields of the survey. For example, one survey participant, exemplifying many of the comments, said that "Response and service are provided in a timely manner. When difficult problems arise, staff will ensure they obtain the solution (further research, consulting with their peers, etc.)".
| Very good or good | Neither good or poor | Poor or very poor | No answer / Not applicable | |||||
|---|---|---|---|---|---|---|---|---|
| Regions | HQ | Regions | HQ | Regions | HQ | Regions | HQ | |
| Knowledgeable and competent | 88% | 84% | 4% | 7% | 4% | 3% | 3% | 6% |
| Friendly and courteous | 92% | 87% | 3% | 5% | 1% | 1% | 0% | 6% |
| Communicate in terms I understand | 87% | 86% | 6% | 6% | 3% | 2% | 4% | 6% |
| Offer service in language of client | 87% | 82% | 3% | 6% | 0% | 4% | 9% | 8% |
| Note: Percentages may not add to 100% due to rounding. | ||||||||
Source: IT Support Client Satisfaction Survey Results, CBSA and CRA
The majority of CBSA HQ and regional interviewees stated that IT support employees are polite, friendly, professional, knowledgeable, helpful, and effective. They also indicated that having a good working relationship with IT personnel leads to effective service. Furthermore, regional end users said that CRA's approach of establishing dedicated CBSA teams has resulted in improved service.
All HQ and regional interviewees knew how to obtain IT desktop service support. Most were aware that there is a telephone number to call and an electronic address to e-mail the help desks. Nevertheless, interviewees indicated that the CBSA intranet needed to be updated with more information on the types of available IT desktop services.
When asked about how they contact IT support to access services, most survey respondents indicated that they used the telephone as their first option (72% at HQ and 71% in regions) and e-mail as their second option (about 17% at HQ and in regions). In-person contact was the next most common tool used by three percent of HQ and four percent of regional respondents.[46] Communication through the CRA's intranet[47], which is only available to regional end users, was also selected by four percent as a communication method.[48]
The survey also asked about the time it took for a response to an initial request for service. Most survey respondents at HQ and the regions (83%) indicated they were very or somewhat satisfied; only four percent of HQ and five percent of regional participants were somewhat or very dissatisfied. Furthermore, most HQ respondents (80%) indicated that they were very or somewhat satisfied with the time it took to resolve their problem, while only six percent were somewhat or very dissatisfied.[49] In addition, almost two-thirds of regional respondents, compared to a little over half of HQ respondents, indicated that they strongly or somewhat agreed that IT staff provided them with updates concerning the status of their requests.
About half of the HQ and regional interviewees indicated that IT staff was able to provide estimates of when assistance would be provided, while the remainder stated that IT teams would not commit to their availability. Regional interviewees commented positively on available self-serve tools, such as being able to track progress on their outstanding tickets through the CRA intranet.[50]
3.0 Cost-Effectiveness and Efficiency
How do IT desktop services delivery costs compare between the regions and HQ?
It costs more to provide IT desktop support in the regions than at HQ. However, both HQ and regional IT desktop support services are doing more with less.
As shown in Exhibit 7, in 2009-2010 the CBSA spent approximately $21.8 million for regional IT desktop services support, while the figure was $4.1 million for HQ. For the 11,325 regional end users who used 11,704 desktops/laptops, this corresponds to a cost of $1,923 per user or $1,861 per desktop/laptop. For the 4,084 HQ employees who used 5,606 desktops/laptops, this corresponds to a cost of $1,003 per end user or $731 per desktop/laptop.
Interviewees attributed the higher regional costs to several factors. One is that in the regions, there are numerous CBSA and OGD lines of business applications accessed via shared workstations. A second factor is that these workstations can be located in high-traffic operational environments and frequently used, often on a 24-hour-a-day, seven-day-a-week basis. A third factor is that the 321 regional sites are geographically dispersed, which results in longer travel times and higher costs than those in the HQ environment. Finally, the regions have numerous devices such as NEXUS kiosks, license plate readers, passport readers etc. which add considerably to IT support costs (e.g., diagnosing problems is more complex and repairs are more time-consuming).
| Headquarters | % Change | Regions | % Change | |||
|---|---|---|---|---|---|---|
| 2008-2009 | 2009-2010 | 2008-2009 | 2009-2010 | |||
| IT Desktop Services Support Salaries & O&M A | $3,776,910 | $4,096,500 | 8% | $21,187,000 | $21,777,000 | 3% |
| Number of users B | 3,615 | 4,084 | 13% | 12,006 | 11,325 | -6% |
| Cost per end user | $1,045 | $1,003 | -4% | $1,765 | $1,923 | 9% |
| Number of desktops and laptops C | 6,414 | 5,606 | -13% | 12,068 | 11,704 | -3% |
| Cost per desktop and laptop | $589 | $731 | 24% | $1,756 | $1,861 | 6% |
| Number of desktops and laptops per user | 1.77 | 1.37 | -23% | 1.01 | 1.03 | 2% |
| Number of sites serviced D | 19 | 21 | 11% | 321 | 321 | 0% |
| Average number of monthly service calls handled E | 3,468 | 3,834 | 11% | 7,744 | 10,871 | 40% |
| Average cost per call handled | $91 | $89 | -2% | $228 | $167 | -27% |
| Average number of service calls per year per user | 11.51 | 11.27 | -2% | 7.74 | 11.52 | 49% |
Source: HQ IT Client Services Operational Plans for 2009-2010 and 2010-2011, CRA statement of Information Technology Services for 2009-2010, CRA's TIQR Q1 and Q3 reports for 2009-2010, CRA's Q3 & Q4 Service Delivery Reports for 2008-2009 and 2009-2010, and CRA's Q1 & Q2 Service Delivery Reports for 2009-2010. [51]
In 2009-2010, the challenge faced by HQ IT desktop service support was that growth within HQ was not matched by growth within IT support. As a result, this area has had to do more with less. For example, in 2008-2009 and 2009-2010 respectively, there were 57 full-time equivalents at HQ to perform the necessary IT desktop-related functions.[52] However, during this period the number of end users increased 13% from 3,615 to 4,084, which resulted in an 11% increase in the number of monthly service calls. The number of service calls per end user remained relatively flat at about 11 calls per end user per year. With end users being generally satisfied with their IT support, ITOCSD at HQ has been effective in maintaining a high service standard.
Increased efficiencies were generated within incident management processes by training help desk staff on CBSA IT best practices such as putting standards in place for completing tickets. This resulted in more consistent communication to end users, faster resolution on the help desk, and fewer calls routed to desktop technicians. There was also improved help desk accessibility by reducing the time from 180 to 120 seconds that a caller waited before being transferred to a senior technician. Staff scheduling was also adjusted to ensure high call volume times were covered adequately.
To facilitate the work of IT staff, remote access tools[53] were sometimes used to respond to end user requests. Approximately 70% of HQ and 71% of regional survey respondents indicated that remote access tools had been utilized to assist in resolving their technical support issues. This approach reduces time required to address issues since technicians are not required to travel to end user workstations to resolve problems and tickets can be closed right away.
While HQ has experienced an expansion in the number of employees between 2008-2009 and 2009-2010, the regions experienced a decline. Regional staff decreased by six percent from 12,006 to 11,325 during this period, and the number of workstations decreased by three percent from 12,068 to 11,704. Meanwhile during this period, the CBSA paid CRA a three percent increase to provide IT desktop services, resulting in the regional cost per end user rising by three percent from $1,765 to 1,923. Although the cost per end user increased slightly, the number of calls per month handled by CRA IT desktop support increased significantly by 40% from 7,744 to 10,871, while the average cost per call handled decreased by 27% from $228 to $167. This increase was due to network disruptions caused by work on the CBSA Site Optimization Project[54] which increased the overall capacity of the CBSA network, optimized end user performance for all lines of business applications, and maintained optimal configuration at all sites. The network disruptions resulted in an approximate 40% overall increase in user access management cases, including such tasks as unlocking, modifying and adding accounts and password resets.
Are IT desktop services costs reasonable relative to similar IT services in other government organizations and are they being delivered efficiently and in a cost-effective manner?
CBSA IT desktop support costs fall between those of similar-sized public sector organizations.
Using data drawn from a 2008 Gartner study,[55] Exhibit 8 compares total CBSA IT desktop support delivery costs to the average for the public and private sectors. From the total range of organizations identified in the Gartner study, this evaluation focused on the 25th percentile in order to make the comparisons more meaningful. These sized organizations had similar elements such as numbers of end users, workloads, and complexity of work.
The CBSA IT desktop support costs of $1,598 and $1,679 per end user for 2008-2009 and 2009-2010 respectively were significantly less than the public sector costs of $2,684 per end user, but were slightly more than the private sector average of $1,221 per end user. Average costs per site for the CBSA of $73,423 and $75,654 for 2008-2009 and 2009-2010 respectively were significantly less than the public sector average cost per site of $246,188 and the private sector figure of $275,718. However, while average costs per call handled of $186 and $147 for 2008-2009 and 2009-2010 respectively were less than the figure stated for the public organizations of $263, they were greater than the private organizations' average of approximately $100.
IT technicians serving CBSA HQ and regional end users handled an average of nearly nine and eleven calls per user per year for 2008-2009 and 2009-2010 respectively. These were within the ranges experienced by the average public and private sector organizations of about ten and twelve calls per year respectively.
| CBSA Regions and HQ A | Public 25 Percentile B | Private 25 Percentile B | ||
|---|---|---|---|---|
| 2008-2009 | 2009-2010 | 2007-2008 | 2007-2008 | |
| IT Desktop Service Support Salaries & O&M | $24,963,910 | $25,873,500 | $37,913,000 | $39,152,000 |
| Number of users | 15,621 | 15,409 | 14,123 | 32,065 |
| Cost per end user | $1,598 | $1,679 | $2,684 | $1,221 |
| Number of desktops and laptops | 18,482 | 17,310 | 17,075 | 30,245 |
| Cost per desktop and laptop | $1,351 | $1,495 | $2,220 | $1,294 |
| Number of desktops and laptops per user | 1.18 | 1.12 | 1.21 | 0.94 |
| Number of sites serviced | 340 | 342 | 154 | 142 |
| Average cost per site | $73,423 | $75,654 | $246,188 | $275,718 |
| Average number of users per site | 46 | 45 | 92 | 226 |
| Average number of monthly service calls handled | 11,212 | 14,705 | 11,998 | 32,769 |
| Average cost per call handled | $186 | $147 | $263 | $100 |
| Average number of service calls per year per user | 8.61 | 11.45 | 10.19 | 12.26 |
Source: CBSA regional data was obtained from various sources.[56]
CBSA does not know, year to year, the cost of the various sub-activities within IT desktop services, such as desktop PC support, laptop and teleworker support, help desk support, end user requests for service, user access management, travel costs, etc.
Itemized cost breakdowns of specific groups of sub-activities were not available to make year to year comparisons of key IT desktop service sub-activities.[57] In the aggregate, the CBSA can identify how much it pays the CRA for higher level groups of activities. For example, the CBSA receives a quarterly statement from the CRA that shows amounts owing for Salaries and Operation and Maintenance (O&M) expenses for Shared Services and Incremental Services. Both of these are broken down into Data Technology Information Management, Central Shared Services, IT Architecture and Consulting, CAS Maintenance, Regional Expenses, etc. The costs for IT desktop services that the CBSA pays to the CRA are contained with the regional expenses noted above; however there is no detailed breakdown of what services these totals include.
Determining the true cost of IT desktop support is complicated by the fact that many costs previously covered by the Information, Science and Technology Branch are now borne by the regions. For example, the regions are now responsible for the ongoing support costs for other new devices. Other new charges include fees for remote access accounts, initial set-ups, Blackberrys, and Internet accounts. Consequently, it is challenging to determine where and how efficiency gains could be made.
The CBSA cannot say for certain whether it is paying the CRA the correct IT desktop support costs because the CBSA does not validate the total number of devices counted by CRA IT.
In the regions, the CRA is responsible for tracking CBSA IT equipment.[58] CBSA IT Client Services is responsible for this at HQ. Tracking hardware assets is necessary to prevent loss due to theft, to ensure they are properly maintained, and to identify the time for replacement at the end of their useful life. The CRA also uses the number of assets counted at the end of one year as a means for billing the CBSA for end user support costs the next year. The CRA tracks the number of assets by conducting inventory counts on an annual basis. Although the evaluation found no evidence to suggest that the CRA's inventory counts were incorrect, the CBSA cannot say for certain whether the correct support costs are being paid because these counts are not validated by CBSA regional management.
New software must to be approved by both the CBSA and the CRA before it can be installed on or connected to the shared network. The dual certification process causes delays in obtaining new software.
The CRA and the CBSA each have their own software certification processes that do not necessarily result in the same outcome for specific products.[59] The CRA has a Certified Product List (CPL) that includes the products they have certified. However, these items may or may not be certified by the CBSA. If a CBSA end user requests software that is on the CPL but not already certified by the CBSA, the product must go through the CBSA certification process before CBSA IT will order it. For example, one interviewee requested a multifunction device[60] but was unable to obtain it because the associated software did not pass the CBSA certification process, even though it was already certified by the CRA and listed on the CPL.
Are there alternative models for achieving the intended results?
Some alternative models exist to deliver IT desktop support services. However, there is no evidence to suggest that the CBSA would receive comparable services at a lower price.
Alternatives exist to the current model whereby the CRA provides regional IT desktop support services. For example, the CBSA could assume responsibility for all IT desktop service requirements or it could outsource IT desktop support services to another third party in the private sector or to a department such as PWGSC in the public sector.
As the findings from this evaluation suggest, the current shared services model provides many benefits. Overall, the CRA provides secure, timely and reliable services and end users are generally satisfied. The costs of services provided by the CRA are within the range of costs incurred by other similar organizations. Although issues have come to light where improvements could be made, there is no evidence to suggest that increased overall benefits would be achieved by changing the current model to one of the alternatives.
4.0 Conclusions, Recommendations, and Management Response
This evaluation found that the CBSA/CRA shared IT desktop services model, whereby the CRA provides regional services and the CBSA provides HQ services, is aligned with federal priorities as articulated in the TBS Policy on Management of Information Technology. One of the key objectives of the policy is to increase "the use of common or shared IT assets and services by departments and agencies to ensure efficiency gains."[61] The shared services model is also consistent with the TBS Directive on Management of Information Technology. The directive is intended to strengthen the management of IT within the federal government and is aimed at reducing duplication through the adoption of alternate service delivery models, including common and shared services.
There are numerous benefits to the CBSA in having a shared services IT model. One of the strengths of the current model is that the CRA has IT support across the country and the CBSA does not have to employ its own separate IT desktop support personnel. There is also a large pool of trained and knowledgeable IT staff readily available to roll out large IT projects in the field. In addition, the CBSA benefits from the CRA's strong IT security measures. Both the CBSA and CRA IT management indicated that there are many cost savings through pooled procurement activities because the CRA is able to purchase products at reduced bulk prices.
In the business context, top-functioning IT desktop services for end users are essential tools. The CBSA requires IT desktop services to support the users of these programs and equipment to ensure minimum disruption in services to staff and clients. Without them, the Agency would be unable to achieve its objectives or meet operational requirements.
The evaluation found that roles and responsibilities are clear for both CBSA and CRA stakeholders. Several joint CBSA and CRA committees meet regularly to manage IT services and to facilitate the communication, decision-making, strategic and operational alignments, and financial management functions. The governance structure established between the two Agencies to provide this support is well-defined in the CRA–CBSA Information Technology Services Governance Framework.
The CRA-CBSA MOU for the Provision of Information Technology Services includes an SLA for Regional IT Services. This SLA provides a framework for planning and accountability between the two Agencies and includes the IT Support Service Catalogue that defines which services will be provided by the CRA, the process for requesting service and service standards. This SLA was last updated in 2009 and would benefit from being revisited in areas such as the collection of detailed performance information and to better reflect the differences in operational environments between the CBSA and the CRA.
Overall, CBSA survey respondents indicated that they are satisfied with the IT support services they receive. Approximately 88% of regional survey respondents and 84% of HQ respondents rated IT desktop staff's knowledge and competence as either very good or good. IT support staff were considered polite, friendly, professional, knowledgeable, helpful, and effective. In the regions, CRA's establishment of CBSA dedicated teams was judged by interviewees to have resulted in improved service to CBSA end users.
The overall cost of end user services compares favourably to costs for similar sized organisations in the public and private sector as reported by a Gartner study in a 2007-2008 study. In 2009-2010, the CBSA spent approximately $25.9 million for IT desktop services. Of this total, $21.8 million was spent on regional support provided by the CRA, and $4.1 million on support to CBSA's HQ users. This corresponds to an overall cost of $1,679 per user or $1,495 per desktop/laptop. For HQ, the corresponding costs were $1,003 per end user and $731 per desktop/laptop. Costs for regional end user support were $1,923 per end user and $1,861 per desktop/laptop. The difference in costs between the regions and HQ is considerable, with regional costs per end user 91% higher than at HQ, and regional costs per desktop/laptop 154% higher than HQ.
Interviewees attributed the higher regional costs to several factors. First, in the regions, there are numerous CBSA and OGD lines of business applications. A second factor is that these applications are frequently accessed via shared workstations in high traffic operational environments, often on a high usage 24-hour-a-day, seven-day-a-week (24/7) basis. Finally, the 321 regional sites are geographically dispersed, which results in travel time and costs that are higher than those in the HQ environment. However, because detailed costs are not reported, it is not possible to determine the extent to which these and other factors are contributing to the higher regional desktop service costs, nor to track or analyse cost trends over time. In addition, the evaluation found that the CBSA does not know the cost of all of the various sub-activities within IT desktop services, such as desktop PC support, laptop and teleworker support, help desk support, end-user requests for service, user access management, travel costs, etc. In light of these findings:
Recommendation 1 – It is recommended that the CBSA Information, Science and Technology Branch improve the collection and tracking of regional IT desktop service costs to ensure that sufficient detail is available to facilitate monitoring and financial analysis.
Management Response
Information, Science and Technology Branch concurs with this recommendation. A review of requirements for the collection and tracking of regional IT desktop service costs will be conducted. These requirements will be incorporated into a modified Regional IT Services SLA. This work will be completed by January 31, 2011.
***
The tracking of software licenses is not centralized and, as a result, the CBSA cannot be certain whether all software currently being used is properly licensed or conversely, whether it is paying for unused software. The tracking of software expiration dates is necessary to ensure that all software residing on desktops and laptops is accounted for and properly licensed. In the absence of centralized software tracking, the CBSA may not be managing software in the most efficient way. In light of this finding:
Recommendation 2 – It is recommended that the CBSA Information, Science and Technology Branch centralize the tracking and management of the CBSA's software licences.
Management Response
Information, Science and Technology Branch agrees that there are improvements to be made in software license management. A review will be conducted to determine the most effective and efficient way to accomplish this and an action plan developed by December 31, 2010. The plan will be implemented by March 31, 2011.
***
Adding employees to and removing them from networks is sometimes confusing and can delay access to business applications. CBSA interviewees in the regions indicated that adding new employees and establishing access to required applications can often take weeks or months. Interviewees stated that the process is confusing and that the E522 form used for this purpose is difficult to complete and lacks adequate instructions. As a result, information is often submitted incorrectly which causes delays in adding employees to the system. One region had addressed this issue by compiling a systems access management binder to assist managers to have employees added to and removed from the network. In light of these findings:
Recommendation 3 - It is recommended that the CBSA Information, Science and Technology Branch develop and post a systems access management reference guide on the CBSA intranet (Atlas) that includes all necessary forms and clear instructions for their completion.
Management Response
Information, Science and Technology Branch concurs with this recommendation. A systems access management reference guide for critical applications will be developed and made available on the CBSA intranet (Atlas) by December 24, 2010. A reference guide for non-critical applications will be published on Atlas by March 29, 2011.
***
Overall, the evaluation found that end users have access to the hardware, software, applications and information they need to respond to operational demands and priorities. Almost all IT software and hardware used by the CBSA is purchased through the CRA procurement mechanism. This process generally works well for standard products and there are policies and processes in place to help guide the acquisition and management of CBSA end user IT assets. However, procurement of non-standard hardware and software can be complex and delivery dates are difficult to predict. Interviewees from operational centres with unique needs (e.g., enforcement centres, investigations, intelligence) stated that the CBSA could improve its timeliness in fulfilling requests for new technology. As a result of the lengthy certification process, many CBSA offices purchase stand-alone systems to host unapproved software.
The evaluation noted inefficiencies related to the certification of software. Items which have been approved by the CRA for use and installation on the network, but which have not been certified by the CBSA, must go through a separate CBSA certification process before the CBSA will allow them to be installed. These certification processes are typically not done concurrently. This leads to delays in the procurement and installation of new products, and a perception that there is duplication of certification activities. In addition, end users do not know which products have been approved by both the CBSA and the CRA. In light of these findings:
Recommendation 4 – It is recommended that the CBSA Information, Science and Technology Branch review the need for a separate CBSA software certification process. If there is a need, the ISTB should engage CRA to jointly identify areas where the processes can be harmonized in order to reduce the amount of time and resources needed for certification.
Management Response
Information, Science and Technology Branch concurs with the recommendation and will identify any overlaps that can be removed, and harmonization that can occur, with the aim to provide a transparent value-added process with service level expectations. Based on results of the review, the certification process will be modified by January 24, 2011.
***
Recommendation 5 – It is recommended that the CBSA Information, Science and Technology Branch make a list available on the CBSA intranet (Atlas) of all CBSA- and CRA-approved hardware and software.
Management Response
Information, Science and Technology Branch concurs with the recommendation to make available to employees the list of hardware and software approved for installation on the shared infrastructure and available to be purchased. This information will be released on Atlas starting January 4, 2011.
***
Appendix A – List of Acronyms
| Abbreviation / Acronym | Description |
|---|---|
| ACROSS | Accelerated Commercial Release Operations Support System |
| BSO | Border Services Officer |
| CBSA | Canada Border Services Agency |
| CCRA | Canada Customs and Revenue Agency |
| CFIA | Canadian Food Inspection Agency |
| CIC | Citizenship and Immigration Canada |
| CPL | Certified Product List |
| CRA | Canada Revenue Agency |
| DFAIT | Department of Foreign Affairs and International Trade |
| DND | Department of National Defence |
| EEC | Executive Evaluation Committee |
| EMC | Executive Management Committee |
| FOSS | Field Operating Support System |
| GC | Government of Canada |
| HQ | Headquarters |
| IPIL | Integrated Primary Inspection Line |
| ISD | Infrastructure Services Directorate |
| ISTB | Information, Science and Technology Branch |
| IT | Information Technology |
| ITOCSD | IT Operations and Client Support Division |
| LAN | Local Area Network |
| MOU | Memorandum of Understanding |
| NCMS | National Case Management System |
| NPG | National Planning Group |
| OGDs | Other Government Departments |
| PCO | Privy Council Office |
| PCs | Personal Computers |
| PPMD | Planning and Portfolio Management Directorate |
| PWGSC | Public Works and Government Services Canada |
| RCMP | Royal Canadian Mounted Police |
| SD | Service Desk |
| SLA | Service Level Agreement |
| SMITSS | Senior Management Information Technology Support Services |
| SSMD | Shared Services Management Division |
| TBS | Treasury Board of Canada Secretariat |
