With all eyes on the government to ensure the needs of citizens are met in response to COVID-19, public sector organizations have mobilized quickly to put Canadians first. From preserving life to protecting people's livelihoods, policymakers are mitigating the crisis with economic rescue packages and strict public health measures to limit the spread. As government leaders navigate the urgent trials of today, we examine how they can prepare for tomorrow's turbulence when change is coming at an unprecedented pace.
1. Conduct enterprise-wide risk assessment
Looking ahead, should a second wave of the pandemic hit, public sector services should be fully prepared, understanding the risks inherent to their services and having thought-through mitigating actions to apply if the need arises.
Conducting a thorough enterprise-wide risk assessment of all critical services and functions should be an integral component of running an organization. Chiefly, it involves identifying the organization's top risks, planning how to address them, and assessing the risk potential and impact by creating what-if scenarios. Benefits include informed decision-making, standardized risk reporting and procedures, efficient use of resources, improved risk-aware culture, and, in the case of public service organizations, enhanced political and community support.
Far from being managed on an ad-hoc or standalone basis, enterprise risk management is a continuous process woven into the organizational framework and culture so you can mitigate and monitor potential threats as they arise. It may take several iterations before you have a complete picture of your organization's risks, but once you genuinely understand what they are, and the controls and processes that mitigate them, you are halfway there.
2. Enhance data security and communications
From small federal departments and provincial ministries to large departments and crown corporations, data security and communications are a critical issue. Given the sector's vast collection, use and disclosure of personal information, its data is an attractive target for cyberattacks. And this is further compounded during a crisis.
Increased remote working can expose many vulnerabilities, such as ageing technology and legacy systems that can only be accessed from the physical office. Public sector employees working from home with a weak WIFI security control or using a non-federated Internet service provider can also present a conduit to the government infrastructure.
How well the sector responds to a cyber-event or breach during a crisis will depend on the cybersecurity measures put in place to protect the infrastructure. At BDO, we have helped many public sector clients address security concerns and adapt to a work-from-home culture to allow remote identification and containment and eradication of issues. We can also provide on-going security patching, systems monitoring, and multi-factored authentication to safeguard data and communications.
3. Deliver on-demand for digital
With more people expecting a better and speedier digital service during the lockdown, we foresee the demand for digital in the public sector accelerating. We believe that as bureaucrats navigate the country into a post-pandemic recovery, a push for digital strategy and technological infrastructure to improve service delivery will be top of mind.
Critically, this means a transformation to digital infrastructure at both the national and local levels. This would enable public servants to work confidently from home, supported by a robust broadband strategy, and Canadians to access government services online, anytime, anywhere, without compromise. Realizing that technology and digital transformation is the backbone of an effective and efficient government will be the first step in advancing to the new normal.
How BDO can help
Need an integrated approach to enterprise-wide risk management, communication security, and business transformation and change management services? Talk to your BDO advisor today. We are here to help Canada's public sector pave the way for operational efficiency.
Carmelina Calarco, Senior Manager, Program and Change Management
Joe Filippelli, Senior Manager, Risk Advisory Services
Austin D’souza, Director, Manager Services and Cloud