Appendix A - Audit Criteria
Objective | Criteria |
---|---|
To assess the adequacy and effectiveness of policies, practices, and management controls to support departmental compliance with legislation as it pertains to the processing of Access to Information Act and Privacy Act requests. | The request(s) are approved by authorized individuals. |
Employees’ roles and responsibilities related to the processing of access to information and privacy requests are clear and communicated. | |
Employees have adequate training in processing requests. | |
To confirm turnaround times and identify opportunities to improve efficiency of the processing of access to information and privacy requests. | Requests are responded to within 30 days of receipt. |
Extensions are properly managed |
* The audit team confirmed that all of the above criteria were met unless otherwise stated in this audit report.