Audit of IT Governance

Audit Report
Internal Audit and Accountability Branch
Citizenship and Immigration Canada
April 2009


Table of Contents


List of abbrs

AC
Architecture Council
ADM
Assistant Deputy Minister
ASC
Architecture Standards Committee
CBSA
Canada Border Services Agency
CIC
Citizenship and Immigration Canada
CIO
Chief Information Officer
COBiT
Control Objectives for Information and Related Technology
CSI
Client Service Initiative
CSM
Client Service Modernization
DDN
Departmental Delivery Network
DFAIT
Department of Foreign Affairs and International Trade
DG
Director General
DM
Deputy Minister
EXCOM
Executive Committee
FTE
Full-Time Equivalent
GCMS
Global Case Management System
IAA
Internal Audit and Accountability (Branch)
IM
Information Management
IMTB
Information Management and Technologies Branch
ISACA
Information Systems Audit and Control Association
ITPRC
Information Technology Project Review Committee
IT
Information Technology
MAC
Management Accountability Committee
MAF
Management Accountability Framework
OCIO
Office of the Chief Information Officer
TBS
Treasury Board Secretariat
SPAC
Senior Project Advisory Committee

Executive Summary

Background

Information technology (IT) governance should focus on the delivery of business change at an affordable cost and with an acceptable level of risk. The most important factor in distinguishing between top-performing and substandard-performing public and private organizations is the level of leadership from business and senior managers in a handful of key IT decisions.[Note 1] This holds true for government departments as they must deliver, support, and maintain successful IT projects and IT infrastructure if they are to provide their services to the public economically, efficiently and effectively. The fast pace of technological change demands that decisions related to IT be made on a timely basis, with a thorough understanding of the risks and opportunities associated with the IT initiative.

Citizenship and Immigration Canada (CIC) is responsible for the selection and processing of applications to come to Canada temporarily or permanently, helping newcomers adapt to Canadian society and become citizens. Consequently, CIC relies heavily on the flow of information to accomplish these goals through the use of IT.

About the Audit

The risk-based audit plan of CIC’s Internal Audit and Accountability (IAA) Branch includes auditing governance. These audits focus on governance and the risk management frameworks in place. IT governance was selected for auditing further to the IAA’s analysis of the Department, from an audit perspective, of risk factors and after consultation with senior management.

The audit was carried out from July to November 2008 with the examination phase of the audit occurring in October and November of that year.

The objectives of the audit were as follows:

  • To assess the adequacy of CIC’s IT governance structure; and
  • To assess the degree of alignment and integration between CIC’s IT strategy and its business strategy.

Overall, the audit team found that there was alignment and integration between CIC’s IT strategy and its business strategy, and while adequate structures and processes were in place, the audit identified opportunities to strengthen CIC’s IT governance. We have therefore made two recommendations to strengthen the process in place, as follows.

  • That the Department roll up ongoing IT project and business performance metrics into a meaningful dashboard for senior management review on a regular basis, and escalate it to the Executive Committee (EXCOM) on an as-needed basis; and
  • That the Department implement its planned transition to a CIC-wide approach to vetting and funding investments in IT, which approach would better define responsibility for review and approval and incorporate an approval hierarchy in the decision process commensurate with the proposed investment’s costs and impact on the Department.

While our audit examined the governance structure in place with regard to IT, many of the concepts expressed in our audit are equally applicable to the management of projects, in general. If these concepts are implemented, they may help lay the foundation for the Department to implement an organizational project management governance framework which would extend beyond projects with an IT component and allow for the higher-level orientation needed to ensure the full realization of organizational objectives.

1.0 Introduction

The risk-based audit plan of the IAA Branch includes auditing governance. These audits focus on governance and the risk management frameworks in place. IT governance was selected for auditing further to the IAA’s analysis of the Department, from an audit perspective, of risk factors and after consultation with senior management. With the transition to a new Director General (DG) for the Information Management and Technologies Branch (IMTB) and Chief Information Officer (CIO) at CIC, the timing of the audit provided an opportunity to assess the IT governance in place and to work to strengthen key structures and processes. We note that since the CIO’s arrival, much work has been undertaken to review the IT governance structure with a view to strengthening practices.

The audit was carried out from July to November 2008 with the examination phase of the audit occurring in October and November of that year.

2.0 Background

2.1 What is IT governance?

Compared with other aspects of governance, the concept of IT governance is relatively new. IT governance should focus on the delivery of business change at an affordable cost and with an acceptable level of risk. In 2001, the IT Governance Institute defined IT governance as:

“[…] the responsibilit[ies]y of the Board of Directors and executive management. [IT governance] is an integral part of enterprise governance and consists of the leadership and organizational structures and processes that ensure that the organization’s IT sustains and extends the organization’s strategies and objectives.”

The Information Systems Audit and Control Association (ISACA) IT governance status report for 2008 stressed that there was substantial room for improvement in the alignment between IT governance and overall governance. Moreover, research published by ISACA has shown that most organizations are not generating optimal value from their IT investments. The most important factor in distinguishing between top-performing and substandard-performing organizations in both the private and public sectors is the level of leadership from business and senior managers in a handful of key IT decisions. This holds true for government departments as they must deliver, support and maintain successful IT projects and IT infrastructure if they are to provide their services to the public economically, efficiently and effectively.

2.2 About the Department

CIC is responsible for the selection and processing of applications to come to Canada temporarily or permanently, helping newcomers adapt to Canadian society and become citizens. Consequently, CIC relies heavily on the flow of information to accomplish these goals through the use of IT.

The Department is organized into the following four sectors that are led by an Assistant Deputy Minister (ADM) and that report to the Deputy Minister (DM).

  1. Operations: responsible for all the Department’s program delivery activities;
  2. Strategic and Program Policy: leads the Department’s strategic agenda on both the domestic and international levels and directs related policy, planning and research strategies;
  3. Client Service Modernization (CSM): leads the redesign of CIC’s service delivery model, setting service improvement priorities and directing program investments to achieve the best results for its clients; and
  4. Corporate Services: responsible for CIC’s management agenda, bringing together responsibility for key corporate functions.

Each sector is comprised of a group of branches, each led by a DG, that support the achievement of the sector’s goals. The Department’s 2008–2009 report on plans and priorities estimated at $1,103.6 million the total resources available to support departmental activities for the year and at 3,604 the number of full-time equivalents (FTE).

2.3 Information Management and Technologies Branch

IMTB is part of the CSM sector and is responsible for planning, building and operating the applications, information and technology infrastructure needed to support the delivery of CIC services and programs to Canadians, immigrants and refugees, and to administer and manage the Department. IMTB provides both information management (IM) and IT services and support to all business lines at CIC and to selected business lines at the Canada Border Services Agency (CBSA).

As illustrated in figure 1 below, IMTB is headed by the CIO/DG who reports to the ADM of Client Service Modernization, who has regular access to CIC’s DM.[Note 2]

Figure 1: IMTB Organizational Structure

Information Management Technology Branch Organizational Structure

Text version: Organizational Structure

In 2004, IMTB engaged the Gartner consulting firm to prepare an information technology overview assessment which benchmarked functional areas to a composite peer group. This study noted that CIC was performing in the top quartile of the workload peer group selected. For 2008–2009, the total budget allocated to IMTB was $75.8 million[Note 3] and 355 FTEs,[note 4] not including regional spending on IT. A further breakdown of IMTB resources by directorate can be found in Appendix A.

As mentioned above, the regions engage in IT expenditures that are not accounted for in the IMTB plan. The domestic regions maintain staff and engage in limited IT expenditures to support their regional activities. A functional authority model is in the process of being developed which will clearly articulate the roles and responsibilities of the CIO over regional IT activities. The Department also relies on the Department of Foreign Affairs and International Trade (DFAIT) to provide support to staff located in offices abroad. CIC transfers funds to DFAIT (through a memorandum of understanding) for this purpose. Similarly, the CBSA transfers funds to CIC for IT support services delivered to CBSA staff by IMTB. CIC estimates for these additional expenditures can be found in Appendix B.

IT expenditures may take many forms. From an IT governance perspective, it simplifies the analysis to divide them into two groups: 1) investments in infrastructure (e.g., servers and networks) and 2) investments in IT development projects designed to satisfy a specific requirement. For the purposes of this audit, we refer to corporate investments in infrastructure as “IT investments” and specific stand-alone projects as “IT projects.”

IMTB Governance Structure

The following figure indicates the various committees and councils that governed IMTB at the time of our audit. As illustrated, the predominant governance link between the CIO/DG of IMTB and senior management committees rests within the reporting relationship between the CIO/DG of IMTB and the ADM for CSM.

Figure 2: IMTB Governance Structure

Information Management and Technology Branch Structure

Text version: Governance Structure

The following table summarizes the accountabilities and responsibilities of each committee depicted in the figure above as well as additional committees that have an impact on IT governance and that were in place at the time of our audit.

IT Governance Committees

Information Technology Governance Committees
Title Chair Description
Departmental
Executive Committee (EXCOM) DM EXCOM is the senior decision-making forum for the Department. It focuses on issues that require decision making and strategic direction, and on corporate and horizontal issues. In general, items presented here have already been presented and approved by the Management Accountability Committee (MAC) or the Client Service Committee.
Management Accountability Committee (MAC) ADM, Corporate Services MAC provides direction and advice on all issues related to the implementation of the government’s overall management agenda, departmental management priorities and the Management Accountability Framework (MAF). Twice a year, the CIO is invited to the MAC to engage CIC at large in the guidance of the IM/IT function and priority setting of IM/IT investments.
Client Service Modernization (CSM) ADM, Operations, and
ADM, CSM
CSM is both a strategic and a tactical committee tasked with developing and recommending to EXCOM a global service delivery strategy for CIC, and identifying, approving and, when necessary, recommending to EXCOM the transformation activities required to ensure the success of CIC’s service delivery strategy.
IM/IT Technical Council and Committees
Architecture Council (AC) Director, Planning and Architecture Directorate AC is a management decision-making body that provides direction, advice and approval on all matters of enterprise architecture, migration strategies and technology platforms.
Architecture Standards Committee (ASC) Director, Planning and Architecture, and Director, Corporate Systems The mandate of this committee includes informing on overall Government of Canada architecture direction, principles and standards; reviewing and recommending key CIC IM/IT architectural frameworks, principles and policies to the AC, including the retirement of standard products; and approving IM/IT standards (business, information/data, technical and application domains).
Information Technology Project Review Committee (ITPRC) Director, Project Delivery Office ITPRC reviews and approves project charters, plans and schedules for the IM/IT component of projects. It monitors the progress of all approved projects (projects’ performance to plans, reasons for variance) and identifies actions required to ensure that projects are delivered on time and within budget, including the conduct of a mid-project review when deemed necessary. ITPRC also reviews and approves all requests for changes to the scope, cost and schedule of projects.
Global Case Management System (GCMS)
GCMS
Deputy Minister Advisory Committee
DM The GCMS DM Committee is an advisory committee that provides advice to CIC and GCMS project management and draws lessons that can inform other federal government projects in the future.
GCMS Steering Committee DM CIC’s EXCOM serves as the GCMS Steering Committee. This group is responsible for providing ongoing executive oversight and direction to the GCMS project.
GCMS Senior Review Board CIO Comprised of representatives of the Treasury Board Secretariat (TBS) and partners (CBSA), this board meets monthly to discuss the status, risks, issues and schedule of the GCMS project.
GCMS Senior Project Advisory Committee (SPAC) SPAC provides an interdepartmental senior management forum to guide the GCMS project, facilitate agreements between departments and resolve interdepartmental issues.

At the time of our audit, CIC did not have an organizational project management governance structure. Recent assessments of CIC against the MAF by the TBS have echoed this observation. Projects considered to be IT-enabled generally have a defined governance structure that ensures projects align with priorities, that regularly reviews projects and that documents decisions. Projects not considered to have an IT component have a less defined governance structure within the Department and may occur in all aspects of the Department’s operations, the normal progression being that suggestions for change originate within a branch and are then put forward for approval. If proven to have merit, they are then escalated through the hierarchy of senior management committees.

While we note the dichotomy in treatment here and the fact that the audit focused on IT, we also note that many of the concepts expressed in our audit do not apply uniquely to the management of IT projects. If these concepts are implemented, they may help lay the foundation for the Department to implement an organizational project management governance framework that would extend beyond projects with an IT component and allow for the higher-level orientation needed to ensure the full realization of organizational objectives.

We also note that after our examination, the Department made adjustments to do just this with a new proposed committee, the Project Review Committee, which replaced the ITPRC mentioned in the table above. The first meeting of this new committee took place in February 2009.

2.4 Environmental context

External

There are a number of external environmental factors that have an impact on IT governance at CIC:

  • The pace of technological change: The fast pace of change demands that decisions related to IT be made on a timely basis, with a thorough understanding of the risks and opportunities associated with the IT initiative;
  • Fiscal realities: The current economic climate has caused increased scrutiny of all discretionary spending, but in particular the cost of large IT projects such as GCMS;
  • The balance between innovation and control over IT: CIC wishes to encourage innovation in the way it delivers its services; however, in cases where the innovation is supported by IT, it may run counter to the objective of exerting control over the IT environment;
  • Infrastructure obsolescence: Technology infrastructure becomes obsolete over time. Keeping it up to date, commonly referred to as evergreening, is a challenge for every federal department, and CIC is no exception; and
  • Environmental concerns: IT creates a large environmental footprint, making up an estimated 2% of the waste stream. There is increasing scrutiny and pressure for large departments such as CIC to follow the practices associated with “Green IT.”

These factors contribute to many of the pressures felt by IMTB and underscore the importance of a strong IT governance framework to provide leadership and support to senior management.

3.0 Objectives

The objectives of this audit are to assess:

  • the adequacy of CIC’s IT governance structure; and
  • the degree of alignment and integration between CIC’s IT strategy and its business strategy.

4.0 Scope

The scope of this audit covers all current-year IT governance activities at national headquarters, including IT governance structures and alignment with business strategy. It is worth noting that although the GCMS project is substantial relative to the overall IMTB budget, it also has its own extensive governance structure and will be included in this report as one of the many IT projects housed under IMTB.

While our audit examined the governance structure in place and specific to IT, many of the concepts expressed in our audit are equally applicable to the management of projects, in general. If these concepts are implemented, they may help lay the foundation for the Department to implement an organizational project management governance framework which would extend beyond projects with an IT component and allow for the higher-level orientation needed to ensure the full realization of organizational objectives.

5.0 Methodology

As part of the audit, we:

  • reviewed and analysed documents;
  • conducted interviews with senior management and selected staff;
  • conducted interviews with individuals from two federal government departments generally regarded as having strong IT governance; and
  • performed a review of best practices and emerging issues in IT governance.

The audit was conducted in accordance with the Government of Canada’s Policy on Internal Audit as well as the professional practice standards of the Institute of Internal Auditors.

The criteria used in the audit are based on applicable Treasury Board and Office of the Auditor General guidelines, as well as industry frameworks (e.g., COBiT and Val IT). The detailed criteria for the audit are presented in Appendix C.

6.0 Conclusion

Overall, the audit team found there was alignment and integration between CIC’s IT strategy and its business strategy, and while adequate structures and processes were in place, the audit identified opportunities to enhance CIC’s IT governance framework. Consequently, we have made two recommendations to strengthen the process in place. This is discussed in greater detail in the following sections and a management action plan to respond to our recommendations can be found in Appendix D.

7.0 Observations and Recommendations

7.1 Alignment of IT strategic planning with business strategy

We expected to find business and IT senior management engaged in aligning IT strategic planning with current and future business needs.

Our review of planning documents found that IMTB business plan priorities were aligned with at least one CIC strategic priority.

IMTB created an IM/IT strategic plan, but the plan did not receive senior departmental management approval. Therefore, the IMTB business plan is the de facto IMTB strategic planning document. The priorities included in the IMTB business plan and CIC’s strategic priorities were documented and current. We also found that the IMTB business plan priorities supported all CIC strategic priorities as they were aligned with at least one of CIC’s strategic priorities. Furthermore, each IMTB business priority related to at least one IT project. IMTB also reviews its activities every year to ensure it meets its business plan priorities.

As part of our review, we also examined committee meeting minutes and found that some senior management discussions on IT issues were occurring. However, our interviews with senior management indicated a lack of senior management engagement in IT strategic planning.

Our review of EXCOM meeting minutes indicated that 20 meetings were held during our review period. Of these, five discussed or made decisions on an IT matter. With respect to CSM meeting minutes, six discussions were held, and two decisions were made regarding IT.

However, senior management interviews indicated a lack of engagement in IT strategic planning issues and a lack of clarity regarding the impact of IT risks on business. Interviews with senior management also highlighted questions and concerns regarding the IMTB vision and initiatives mentioned in the environmental context section of this report, such as innovation, green IT and evergreening. Without addressing these contextual issues through IT governance processes and with the involvement of senior management, CIC is at risk of being unresponsive to the current IT pressures and business risks. More details on other aspects of this observation, such as performance monitoring and decision making, are provided in the following sections of this report.

7.2 IT performance monitoring and evaluation

We expected to find that CIC’s IT performance monitoring and evaluation process included the definition of relevant performance indicators, systematic and timely reporting, and timely action upon discovery of deviations.

We found that regular monitoring, tracking and evaluation of the IT performance metrics did occur within IMTB, although they were not reported to senior management.

IMTB has an extensive list of metrics on which branch performance is assessed at the tactical level. In total, 76 metrics were identified to assist in the collection of performance information for planned activities. In addition, the branch captures IT project metrics every month for projects already under way. However, we found that neither of the sets of metrics were presented to senior management on a periodic basis.

Our interviews brought to light the existence of a reporting gap between the IT business and project performance metric collection and senior management (i.e., EXCOM). A best practice review indicated opportunities for improvement regarding the development of an appropriate reporting strategy. This strategy should describe relevant developments and reach the appropriate governance committees on a regular basis. In doing so, senior management would have improved information available in support of decision making.

Recommendation 1

That the Department roll up ongoing IT and IT project performance metrics into a meaningful dashboard for senior management review on a regular basis, and escalate it to EXCOM on an as-needed basis.

Management Response

Agreed. IMTB will implement an ongoing IT and IT project performance metrics dashboard for senior management.

7.3 IT costs and decision making

We expected to find that the identification and allocation of IT costs were understood by senior management and that they enabled CIC to make informed decisions regarding the use of IT services.

Our interviews with senior management suggested a lack of clarity in both the identification and allocation of IT costs.

Our review of meeting minutes during our review period found that EXCOM had discussed and rendered a decision regarding IMTB’s budget and cost allocation on only one occasion. Although IMTB’s IT costs are allocated according to the departmental cost management model, executive-level interviews indicated a lack of visibility with regard to the identification and allocation of IT costs, including the IMTB evergreening strategy. Senior management interviews indicated a desire to participate in informed IT decisions based on IT costs, benefits, business strategy, policy and service levels.

One meeting on IMTB budgeting would be adequate if senior management left with an understanding and a feeling of having contributed to IMTB’s budgeting process. We did not find this to be the case. As a consequence of failing to engage senior management at the appropriate level, CIC faces a higher risk of disconnect between IMTB spending and corporate priorities.

The prioritization of IT investments and projects has been identified as an area that requires attention. The current approval mechanism relies on sector funding. We did not find evidence of senior management discussion or reallocation of funds based on overall departmental business objectives or risks and pressures.

Although EXCOM and CSM meetings did incorporate discussions and decisions related to IT, there was no discussion on the prioritization of IT investments (e.g., infrastructure) or projects. Interviews suggested that CIC processes and mechanisms for defining priorities among potential IT investments and projects were not clear.

At CIC, IT investment decisions are not made by or presented to senior decision-making bodies. Conversely, the current approval mechanism for a proposed IT project relies heavily on sector funding, not on the impact the project will have on overall departmental business goals and objectives. In this situation, branches come forward with ideas for projects and the projects are considered in isolation from the rest of the Department.

The result of both of these approaches is that the investments and projects that may contribute the most to CIC meeting its corporate objectives may not be pursued in favour of other less significant investments and projects. As IT is a main vehicle for change and innovation, the implementation of new technologies needs to consider a more global view of the Department. This is especially true for CIC as it is heavily reliant on IT in the delivery of its programs. Consequently, both forms of innovation need to be scrutinized from a “best for the Department” point of view and, depending on materiality, need to be escalated up the chain of authority.

By their very nature, IT investments originate centrally from within the organization. However, escalation needs to be better defined when these investments pass certain thresholds in order to ensure that the appropriate level is making the decision. At CIC, these decisions largely remain at the IM/IT Technical Council level of its committees. Conversely, IT projects should be considered from the global point of view of the Department. Because of the size of CIC, this may require several iterations of IT project reviews, at different levels of the organization depending on the size and the impact of the proposed IT project. At the end of this revised process, IT projects that are deemed to be most beneficial to the organization should be implemented as opposed to those for whom the sponsoring authority has the funding. In our view, this approach will also provide senior management with a better understanding of associated business risks and pressures with respect to these funding decisions. Our discussions with IMTB staff confirmed the merits of this approach and we noted that it is something they are already working toward.

Recommendation 2

That the Department implement its planned transition to a CIC-wide approach to vetting and funding investments in IT, which approach would better define responsibility for review and approval and incorporate an approval hierarchy in the decision process commensurate with the proposed investment’s costs and impact on the Department.

Management Response

Agreed. IMTB will define and implement a CIC-wide process for IT investment planning that engages senior management in the review and approval of IT investments.

7.4 IT governance structure

We expected to find an IT governance framework that included structures, processes, leadership, roles and responsibilities and that ensured IT investments and projects were aligned and integrated with corporate governance.

We found that IT governance structures were in place and aligned with corporate governance committees.

As demonstrated in the IMTB governance organizational chart and documentation review, IT governance structures, processes and reporting relationships are adequate. However, for these structures to effectively respond to the needs of the overall departmental senior management, committees need to be appropriately engaged through the recommendations outlined above.

Appendix A: IMTB Resource Overview

Information Management Technology Branch Resource Overview

Text version: Resource Overview

Notes
A – Denotes A Base funding
B – Denotes B Base funding
All directorates devote resources to GCMS. This is not reflected in the numbers above.

Source of information

  • IMTB organizational chart
  • Budget figures from 2008–2011 IMTB Business Plan (figures for 2008–2009)
  • FTEs from IMTB overview presentation of July 10, 2008, include indeterminate staff but exclude all others (e.g., contract staff)

Appendix B: CIC IT Spending outside of IMTB

Citizenship and Immigration Information Technology Spending outside of Information Management and Technology Branch
Organization 2006–2007 2007–2008 2008–2009*
Domestic regions 4,318,928 4,532,343 1,771,051
DFAIT 390,000 719,723 340,702
Recoveries from CBSA 3,117,240 3,017,443 1,286,935
Total 7,826,168 8,269,509 3,398,688

* Figures to September 30, 2008.

Appendix C: Audit Criteria

Criterion 1: The business and IT senior management team is engaged in aligning IT strategic plans with current and future business needs.

Criterion 2: CIC’s IT performance monitoring and evaluation process includes the definition of relevant performance indicators, systematic and timely reporting, and timely action upon discovery of deviations.

Criterion 3: The identification and allocation of IT costs are understood by the senior management and enable CIC to make informed decisions regarding the use of IT services.

Criterion 4: The IT governance framework includes structures, processes, leadership, roles and responsibilities that ensure that IT investments are aligned with and integrated within corporate governance.

Appendix D: Management Action Plan

# Recommendations Action Plan Accountability Implementation Target
1. That the Department roll up ongoing IT project and business performance metrics into a meaningful dashboard for senior management review on a regular basis, and escalate it to EXCOM on an as-needed basis. Implement an ongoing IT and IT project performance metrics dashboard for senior management.
  • Provide project performance dashboard for EXCOM (initial dashboard: March 2009; final dashboard: June 2009)
  • Provide IT performance dashboard for EXCOM (initial dashboard: March 2009; final dashboard: June 2009)
CIO By 2009–2010 Quarter 1
2. That the Department implement its planned transition to a CIC wide approach to vetting and funding investments in IT, which approach would better define responsibility for review and approval and incorporate an approval hierarchy in the decision process commensurate to the proposed investment’s costs and impact to the department. Define and implement a CIC-wide process for IT investment planning that engages senior management in the review and approval of IT investments.
  • Provide proposed process for review by EXCOM (March 2009)
  • Process approved by EXCOM (June 2009)
CIO By 2009–2010 Quarter 1

Appendix E: Audit Time Line

Planning — July to September 2008

Examination — October and November 2008

Clearance draft to management — January 30, 2009

Management action plan finalized — February 17, 2009

Approved by Audit Committee — April 7, 2009


Footnotes

  • [1] ISACA.org. [back to note 1]
  • [2] During the conduct of our audit, reporting lines were changed and the Global Case Management System (GCMS) now reports directly to the ADM of Client Service Modernization through a general manager. [back to note 2]
  • [3] IMTB 2008–2011 Business Plan. [back to note 3]
  • [4] IMTB overview presentation, July 10, 2008. [back to note 4]
Date Modified: