Department of Finance Canada’s Internal Audit Directorate - Key Compliance Attributes of Internal Audit

Report – June 30th, 2019

Directive on Internal Audit  

Appendix A: Mandatory Procedures for Internal Auditing in the Government of Canada

A.2.2.3  Departments must meet public reporting requirements as prescribed by the Comptroller General of Canada and using Treasury Board of Canada Secretariat prescribed platforms, including: 

A.2.2.3.1  Performance results for the internal audit function

The objective of publishing departmental internal audit performance results, in the form of key compliance attributes, is to provide pertinent information to stakeholders (Canadians, parliamentarians) regarding the professionalism, performance and impact of the function in departments.

The key compliance attributes detailed below have been selected to show an external audience that an internal audit function is in place within the Department and is operating as intended.

Departments with internal audit functions are required to publish key attributes of compliance as per section A.2.2.3.1 of the Treasury Board Directive on Internal Audit. It is important that the public is aware that the heads of government organizations are receiving assurance and that activities are managed in a way that demonstrates responsible stewardship.

More information regarding the rationale behind publishing these attributes can be found under the OCG web page.  

2018-2019 Q1 Performance Results
Compliance attributes will answer questions that stakeholders may have about the oversight of public resources Key compliance attributes Results – April 1st to June 30th 2019
Do internal auditors in departments have the training to do the job effectively? Are multidisciplinary teams in place to address diverse risks? 1(a)   % of staff with an internal audit or accounting designation (Certified Internal Auditor (CIA), Chartered Professional Accountant (CPA))

1(b)   % of staff with an internal audit or accounting designation (CIA, CPA) in progress

1(c)   % of staff holding other designations (CGAP, CISA, etc.)

1(a)   67% of staff have an internal audit or accounting designation (CIA, CPA)

1(b)   33% of staff with an internal audit or accounting designation (CIA, CPA) in progress

1(c)   1 staff member is also holding other designations (CGAP, CRMA, etc.)

Is internal audit work performed in conformance with the international standards for the profession of internal audit as required by Treasury Board policy? 2(a)   Date of last comprehensive briefing to the Departmental Audit Committee (DAC) on the internal processes, tools, and information considered necessary to evaluate conformance with the IIA Code of Ethics and the Standards and the results of the quality assurance and improvement program (QAIP)

2(b)   Date of last external assessment

2(a)   The last comprehensive briefing to DAC on the internal processes, tools, and information considered necessary to evaluate conformance with the IIA Code of Ethics and the Standards and the results of the QAIP was on May 2nd, 2019.

2(b)   The last external assessment was completed on July 15, 2017.

Are the RBAPs submitted to audit committees and approved by deputy heads implemented as planned with resulting reports published? Is management acting on audit recommendations for improvements to departmental processes? 3   RBAPs and related information

(a) name / status of audit for the current fiscal year of the RBAP

(b) date the audit report was approved

(c) date the audit report was published

(d) original planned date for completion of all management action plan (MAP) items

(e) status of MAP items

The 2019–20 to 2021–22 RBAP* was submitted secretarially to the DAC members on June 27, 2019 and approved by the Deputy Minister on July 12, 2019.

See Table 1 – Audit plan and related information for details on the execution of the plan.

*Adjustments to the internal audits listed in the 2019–2020 List of Planned Internal Audit Engagements may have occurred in order to address emerging risks and priorities of the organization.
Is internal audit credible and adding value in support of the mandate and strategic objectives of the organization? 4   Average overall usefulness rating from senior management (ADM-level or equivalent) of areas audited. Senior management of areas audited rated the overall usefulness of our work as "Good" out of potential rankings of Poor, Fair, Good, and Excellent.
Table 1 – Audit plan and related information
  Internal audit Audit status Report approved date Report published date Original planned MAP completion date Implementation status
1 Audit of Business Continuity Planning Program Published: MAP not fully implemented 2016/08/29 2016/11/22 March 2018 67%
2 Coordinated Audit of Physical Security Access at The James Michael Flaherty Building Published: MAP not fully implemented 2017/11/22 2018/01/10 March 2018 60%
3 Audit of Information Management of the Federal Budget Process Published: MAP not fully implemented 2018/10/24 2019/01/25 March 2019 50%
4 Audit of Safeguarding of Sensitive Information Published: MAP not fully implemented 2018/12/14 2019/02/25 March 2019 75%
5 Review of the Reserves Management Systems Approved: No MAPs 2019/05/15 N/A N/A N/A
6 Review of Information Technology (IT) Governance and IT Project Management Approved: No MAPs 2019/05/15 N/A N/A N/A
7 Audit of the Indigenous Tax Administration Agreements' Governance Framework[1] Approved: No MAPs 2019/05/15 Planned to be published by the end of July 2019 N/A N/A
8 Audit of the Department’s Information and Records Management System (SharePoint) In progress        
9 Audit of Financial Commitments to International Financial Institutions[2] Planned        
10 Review of Audit Readiness: Management of Special Projects Planned        
11 Staffing Review Planned        
1 This assurance engagement was requested by the Deputy Minister after the approval of the 2018–19 to 2020–21 RBAP.
2 Formerly known as the Audit of the International Financial Institution’s Governance Framework.