Supplementary Guidelines on Disclosure of Audit Information
12 February 2002
The following guidelines provide elaboration on some of the points discussed in the Performance Audit Manual concerning disclosure of audit information (paragraphs 8.17 to 8.19).
Key definitions—The Access to Information Act provides that Canadian citizens or permanent residents have “a right of access to information in records under the control of a government institution” in accordance with the principle that government information should be available to the public. (emphasis added).
“Government institution” is defined for the purposes of the Act as any organization listed in a schedule to the Act. The Office of the Auditor General is not listed in the schedule, which is why the Act does not apply to the OAG.
“Record” is defined very broadly in the National Archives Act to include any correspondence, memorandum, book, plan, map, drawing, diagram, pictorial or graphic work, photograph, film, microform, sound recording, videotape, machine readable record, and any other documentary material, regardless of physical form or characteristics, and any copy thereof.
Therefore, it can be expected that any audit information left in the possession of an entity, including electronic documents and e-mail, may eventually become public through an access to information request to the entity.
Opportunities to exempt documents from an access to information request—Treasury Board guidelines on the administration of the Access to Information Act indicate that there should be consultations among government institutions when an access request received by one involves others. Such consultations offer the Office an opportunity to advance arguments as to why documents or parts of them should not be released.
In the first instance, there are exemptions listed in sections 13 to 26 of the Access to Information Act. These are:
- information obtained in confidence from foreign states (s.13);
- information that could be injurious to the conduct of federal-provincial affairs (s.14);
- information which could be injurious to the conduct of international affairs or defence (s.15);
- information prepared for the purposes of law enforcement and investigations of a criminal nature (s.16);
- information which could reasonably be expected to threaten the safety of individuals (s.17);
- information which could affect the economic interests of Canada (s.18);
- personal information (s.19);
- third party information (s.20);
- information related to the operations of government (s.21);
- information regarding testing or auditing procedures (s.22); and
- information that will be published by a government institution or agent of the government within 90 days after the request was made (s.26).
Some of these exemptions are mandatory, but others are discretionary. Draft chapters undergoing clearance would likely be protected from release under the exemption related to documents to be published within 90 days of the access request. Otherwise, since draft chapters are ultimately intended for publication, it is unlikely that much of the information they contain will fall into the exemptions, and they are not protected after publication. However, depending on the contents of the draft chapter, exemptions under the Act may be capable of being applied to some portions of the document.
Also worth noting is the fact that the Office can only recommend that information not be released under an exemption; the final decision rests with the entity responding to the access request.
Another argument that can be made to prevent the release of documents under access to information is that they are under our control, not the control of the entity intending to release them. The Office bases this argument on the evidence that we intended to maintain control, for example that the document is printed on the Office’s red-bordered paper, limited copies have been provided and we have requested their return. While this argument sometimes encourages the entity to return the document to the Office rather than release it, it is not a strong legal position. Though the Office has never pursued the issue in court, for the most part the courts have held that mere possession will amount to control.
Moreover, entities are only required to consult before releasing information where the exemptions that may be invoked relate to international affairs, defence, national security, law enforcement and penal institutions. It is therefore possible that the Office may not be informed before audit information is disclosed.
The fact that the Office created a document, and that we are not subject to the Access to Information Act, does not give us any additional rights to prevent its release.
Under these circumstances, the only way we can ensure that documents and records cannot be made public is to retain possession of them. It is for this reason that the Performance Audit Manual requires a robust effort to recover documents which we would not like to see made public. However, while we can ask for the return of documents, we cannot require entities to return them. Nor can we ask them to destroy documents in their possession.
It should be noted that at times, an entity may choose to destroy the copies of the ‘controlled document’ that are within its possession instead of returning them to the Office. In such cases, the Principal will request that the entity provide the Office with a certificate that it has destroyed the copies of the document.
In the case of an entity not returning all of the documents as requested or not providing a certificate of destruction, Principals should inform their Assistant Auditor General and Deputy Auditor General to keep them aware of the situation.
OAG Response to a draft or document becoming public—The Manual states that Office staff who become aware that a document is about to become public should inform their Principal, the Director, Communications and the Internal Specialist, Access to Entity Information. Further, this would include Principals informing their Assistant Auditor General, who communicates the situation to the Deputy Auditors General. In the case of a document that was provided to an entity which is about to be made public, Principals should communicate with their contact in the entity in order to effectively manage the situation from both the Office and entity perspective.
The Director, Communications, will prepare a strategy to respond to any inquiries concerning the document. The strategy and Office response will be tailored to each circumstance, but they will likely include the following elements:
- inform Parliament;
- obtain as much information concerning the document as possible (for example if it is a draft, determine which draft it is);
- determine whether it is appropriate to prepare an assessment of differences between the document and any associated document released or to be released publicly by the Office, or whether we will confine ourselves to noting that any changes were made because the facts could not be validated to the degree required by our Quality Management System;
- maintain the independence of the Office’s response strategy (i.e. we will not coordinate our response with the audit entity;
- demand that any public copying and/or distribution of the document stop as it is an infringement of Crown copyright.
The possibility that audit chapter drafts and other documents may become public adds emphasis to the importance of ensuring that any material provided to audit entities or other government institutions is of sufficient quality that it will withstand public scrutiny.
Further guidance on disclosure of audit information, or any other issues related to access to information, can be obtained from the Internal Specialist, Access to Entity Information.