CPPM Procedure Chapter L: Loss Reporting

This chapter of the Core Policy and Procedures Manual describes requirements for reporting losses supplementary to Chapter 20 on loss management.

• L.1 General
• L.2 Information and Information Technology Security Incidents
• L.3 Illegal Activities
• L.4 General Incidents
• L.5 Intentional Harm or Threat of Harm to Employees and Others
• L.6 Bodily Injury to Persons Outside Government
• L.7 Annual Loss Reporting Summary
• L.8 Accounting for Losses

L.1 General

• Core Policy 20

Where an employee suspects or determines that a loss incident has occurred, it must be reported to their supervisor immediately and to the police, if warranted. Reporting is not limited to the loss being set up as an account receivable or successful prosecution. Reports must be completed by the employee and/or supervisor for the area in which the loss occurred.

Vehicle loss incidents are reported as defined in CPPM 11.3.5: Vehicle Accidents, Vandalism and Other Losses.

L.2 Information and Information Technology Security Incidents

• Core Policy 20.2.1 and 12
• Security Standards and Guidelines (PDF) (government access only)

Information incidents involve the actual or suspected loss of information and/or information technology security incidents, regardless of value, must be reported:

• immediately using the Information Incident Management Policy; and
• within 24 hours, on a General Incident or Loss Report (GILR) (government access only) to:
  • the ministry security officer;
  • the ministry executive financial officer or delegate;
  • the Risk Management Branch;
  • the Comptroller General; and, if warranted
  • the deputy minister.

Where a Cabinet confidentiality information incident is involved, it must be reported immediately to the Chief Security Officer, Government Security Office (government access only), who will lead the investigation but will otherwise observe the Information Incident Management Policy.

The loss of any information technology (IT) resource (e.g., government-issued laptop, cellphone) must be immediately reported to the 7-7000 Service Desk (250-387-7000) so that the device can be disabled. A lost or stolen IT resource is considered an information incident.

L.3 Illegal Activities

• Core Policy 20.2.2

Losses due to actual, suspected or attempted illegal activities (regardless of the value) must be reported:

• immediately to a supervisor; and
• within 24 hours, on a General Incident or Loss Report (GILR) (government access only) to:
  • the ministry security officer;
  • the ministry executive financial officer or delegate;
  • the Risk Management Branch;
  • the Comptroller General; and, if warranted
  • the deputy minister.

For incidents involving Cabinet confidentiality, a report must be made immediately to the Chief Security Officer, Government Security Office (government access only), who will lead the investigation but will otherwise observe the Information Incident Management Policy.

Where it is suspected that an employee is involved in a loss incident resulting from an illegal activity, the executive financial officer or delegate must immediately advise and seek guidance from the Comptroller General; Legal Services Branch; and the BC Public Services Agency. The Executive Financial Officer will contact police, if warranted.

The Comptroller General may direct or assist in an investigation of the incident.

In consultation with legal counsel, the executive financial officer or delegate must submit a report marked PROTECTED PERSONAL to the Comptroller General on the status of the file every 6 months until the file is completed.

As soon as the investigation of the loss is completed and all pertinent action has been taken, a final report must be submitted to the Comptroller General, marked PROTECTED PERSONAL, including the following information where applicable:

• the measures taken to recover the loss, the amount recovered and the probability of further recovery;
• the action or discipline taken in respect of the loss including the extent to which prosecution has been undertaken and if so, the results of the prosecution;
• the safeguards and controls implemented or planned to be implemented to prevent, reduce and detect further losses of a similar nature.

L.4 General Incidents

• Core Policy 20.2.3

General loss incidents must be reported:

• immediately to a supervisor; and
• within 24 hours, on a General Incident or Loss Report (GILR) (government access only) to:
  • the ministry's security officer
  • the ministry's chief financial officer
  • the Risk Management Branch
  • the Comptroller General

Report general incidents on a GILR where the value, singly or cumulatively, is greater than $1,000. However, if there appears to be a pattern or the losses are suspicious, report as described above regardless of the value.

L.5 Intentional Harm or Threat of Harm to Employees and Others

• Core Policy 20.2.4

Incidents of intentional harm or the threat of harm to an employee must be reported:

• immediately to a supervisor, the ministry security officer, the Risk Management Branch and, if warranted, the police, and
• as soon as is possible, the appropriate ministry executives.

A General Incident or Loss Report (GILR) (government access only) must be prepared and distributed within 24 hours.

Contact the BC Public Service Agency for further advice and guidance in these circumstances. For further information see:

• Incident Reporting and Investigations – Checklist (government access only)
• Incident Reporting and Investigations – What to do if an Injury Occurs (government access only)
• Violence in the Workplace Checklist (government access only)

L.6 Bodily Injury to Persons Outside Government

• Core Policy 20.2.5

Incidents where there is bodily injury to persons outside of government must be reported:

• immediately to a supervisor, and, if warranted, the police; and
• within 24 hours, on a General Incident or Loss Report (GILR) (government access only) to:
  • the ministry's security officer;
  • the ministry's chief financial officer; and
  • the Risk Management Branch.

L.7 Annual Loss Reporting Summary

• Core Policy 20.2.6

Recurring losses from general loss incidents and/or illegal activities are reported annually as the value of reporting these types of losses as they occur on a GILR is limited. They must be reported to the Risk Management Branch by June 30 of each year for the preceding fiscal year on an Annual Loss Summary Report.

The report must detail the number of loss incidents, value of losses and recoveries, net loss and reason for losses. It must also include the safeguards and loss control measures implemented by the ministry. The results are published on the Government Security Office website.

L.8 Accounting for Losses

• The cost of a loss must be determined as soon as possible, and where, in the opinion of the ministry's chief financial officer, the loss is recoverable, it must be recorded as a ministry account receivable in the central accounts of government.
• Where, in the opinion of the ministry's chief financial officer, loss of an asset is not recoverable, the cost of the loss must be charged to a ministry's current year appropriation.
• Where an appropriation has been charged to replace the loss of an asset (other than a tangible capital asset), any payment received in the same fiscal year, which recovers that loss, in whole or in part, must be recorded and credited to the appropriation. If the recovery is made in another fiscal year, the payment must be credited to a revenue account.

Procurement & Disposal < Previous | Next > Sales Taxes