penalties for violations that result in injuries or death. The Bill provided new rules for attributing criminal liability to organizations, including corporations, their representatives and those who direct the work of others. Amendments added Section 217.1 to the Criminal Code which reads: “Every one who undertakes, or has the authority, to direct how another person does work or performs a task is under a legal duty to take reasonable steps to prevent bodily harm to that person, or any other person, arising from that work or task."

The other relevant legislation is the Occupiers Liability Act which states that an “occupier of premises owes a duty to take such care as in all the circumstances of the case is reasonable to see that persons entering on the premises, and the property brought on the premises by those persons are reasonably safe while on the premises .”

The Corporation is the occupier of its properties, having “possession of the premises”, and “responsibility for and control over the condition of premises”.

Our Peers

Many municipalities in Ontario have embarked on establishing a centralized security framework and division, including cities such as Toronto, Ottawa, Mississauga, Brampton, Guelph, Kitchener, Sudbury and London. Hamilton and Pickering established security divisions in the last two years.

The reporting structure varies with most reporting under Facilities or Corporate Services. A small survey of municipalities in Ontario shows that a number of municipal security division budgets are typically over $1 million, and some in the Greater Toronto Area are in excess of $7 million.

Results of Studies and Audits

In 2018, City Council approved funding to conduct security assessments of select facilities and develop a Security Master Plan. The Security Master Plan and recommended procedures are still in draft form pending a review with internal stakeholders. The plan deals with governance level issues and includes recommendations for a Security Implementation Plan and proposed security procedures that affect multiple departments. Security procedures can be confidential information and will require administrative review and updates on a regular basis.

Although some physical improvements are recommended, the overarching recommendation of the TRVA reports and the Security Master Plan is to establish a centralized corporate security division.

The PwC “Security Incident Prevention and Mitigation” audit of April 2020 produced the following four findings, and highlighted throughout the report the challenges of a decentralized responsibility for security.

  1. Establish protocols for joint ownership of security policies and monitoring controls

  2. Establish and define responsibilities to monitor contractual requirements

  3. Enhance additional preventative or mitigation security protocols, measures or devices.