2022-2023 Report on Key Compliance Attributes of the Internal Audit Function
The Internal Audit and Evaluation Directorate (the Directorate) provides independent objective assurance. It also provides consulting and evaluation services to add value and improve the Public Service Commission of Canada’s operations.
The Directorate conducts its audit work in accordance with:
- the Treasury Board of Canada Secretariat’s Policy on Internal Audit
- the Institute of Internal Auditors’ International Standards for the Professional Practice of Internal Auditing
The Directorate’s mission is to enhance and protect organizational value by providing risk-based objective assurance, advice and insight. The internal audit function allows us to meet our goals, using a systematic, disciplined approach to evaluating and improving the adequacy and effectiveness of the Directorate’s processes for risk management, control and governance.
This report provides information on the professionalism, performance and impact of the internal audit function.
The Treasury Board of Canada Secretariat’s Directive on Internal Audit requires all departments and agencies to provide information on key compliance attributes to show that the internal audit function is in place and working as intended.
1. Do internal auditors have the training needed to do the job effectively, and are multidisciplinary teams in place to deal with diverse risks?
Yes. Collectively, the Directorate’s staff have the knowledge, skills and abilities needed to do their work and fulfill their duties. The compliance attribute for measuring training is the percentage of staff who are:
- Certified Internal Auditors or Chartered Professional Accountants
- as well as those working on getting either of these designations
- Certified with the following internal audit designations:
- Certified Government Auditing Professional
- Certification in Risk Management Assurance
- Internal Audit Practitioner
- Certified Information Systems Auditor
- Certified Fraud Examiner
For this report, 5 Directorate staff members make up the internal audit function. This includes the Chief Audit Executive and 4 members of the internal audit team. Figure 1 illustrates the distribution of the audit team members within the Directorate.
Figure 1: Percentage of internal auditors with a designation as of June 16, 2022
Text version
| Type of Internal Auditors | Percentage |
|---|---|
| Designated (CIA¹, CPA²) | 40% |
| CIA or IAP³ in-progress | 60% |
1 Certified Internal Auditor; 2 Charted Professional Accountant; 3 Internal Audit Practitioner
As of June 16, 2022, 2 staff members have accreditations (1 with a Certified Internal Auditor and 1 with a Chartered Professional Accountant). Two staff members are currently working towards obtaining the Certified Internal Auditor designation and 1 towards the Internal Audit Practitioner designation.
The internal audit staff is made up of people with diverse backgrounds, qualifications and education.
2. Does internal audit work meet international standards for the profession as required by Treasury Board of Canada Secretariat policy?
Yes. The Directorate’s internal audit work meets international standards for the profession. The compliance attribute for measuring compliance is the date of the last briefing on the performance of the internal audit function to the Internal Audit Committee (including the results of internal assessments and any changes to audit methods, guidance and procedures) and the date of the Directorate’s last external assessment.
| Date | Assessment type |
|---|---|
| December 2017 | Internal Audit Self-Assessment |
| March 2018 | External assessment completed |
| June 2018 | Briefing on Internal Audit Performance |
| March 2019 | Internal Audit Self-Assessment |
| June 2019 | Briefing on Internal Audit Performance |
| March 2020 | Internal Audit Self-Assessment |
| June 2020 | Briefing on Internal Audit Performance |
| June 2021 | Planned Internal Audit Self-Assessment |
| June 2021 | Briefing on Internal Audit Performance |
| June 2022 | Planned Internal Audit Self-Assessment |
| June 2022 | Briefing on Internal Audit Performance |
3. Are risk-based audit plans submitted to audit committees and approved by deputy heads? Are they implemented as planned with resulting reports published? Is management acting on audit recommendations?
Yes. The internal audits conducted by the Directorate were planned based on the approved Internal Audit and Evaluation Plan 2021-23. An update on the implementation of year 1 of the plan is provided in Table 1. An overview of internal audits planned for the 2022 to 2023 fiscal year is provided in Table 2 and will be updated to track:
- planned internal audits
- progress in implementing actions as a result of the internal audits
| Audit title | Audit status | Report approved date | Report published date | Target date for management action plan | Implementation of actions | Notes |
|---|---|---|---|---|---|---|
| Audit of GC Jobs Transformation, 2021 | Preliminary results presented to the Internal Audit Committee | In progress | Not published | Not applicable | Not applicable | Preliminary results were submitted at the September 2021 Internal Audit Committee meeting. Final results were presented at the September 2022 meeting. |
| Review of PSC Open Government | Approved | December 2021 | Not applicable | Not applicable | Not applicable | Not applicable |
| PSC Employment Systems Review | Approved | December2022 | Not applicable | Not applicable | Not applicable | Not applicable |
| IT Technical Debt Review | Approved | June 2022 | Not applicable | Not applicable | Not applicable | Presented to the IAC on June 9, 2022 |
| Special Consultative Engagement on the Vaccination Policy | Not applicable | Not applicable | Not applicable | Not applicable | Not applicable | Results of the consultation presented at the June 2022 Internal Audit Committee meeting |
| Audit title | Audit status | Report approved date | Report published date | Target date for management action plan | Implementation status | Notes |
|---|---|---|---|---|---|---|
| Audit of Risk Management Practices | Planning phase | December 2021 | Not applicable | Not applicable | Not applicable | Not applicable |
| Audit of IT Security | Pre-planning phase | March 2023 | Not applicable | Not applicable | Not applicable | Not applicable |
4. Is internal audit credible and does it add value in support of our mandate and strategic objectives?
Yes. Based on the results of the external assessment completed in March 2018, the internal audit function generally meets the expectations of the President, the Internal Audit Committee and senior management, and it adds value to the organization. Some successful internal audit practices were identified in the external assessment. They included the quality of reports recognized as being useful to clients. The most recently completed internal audit self-assessment, which was tabled at the June 2022 Internal Audit Committee meeting, found that the function continues to generally conform to all applicable internal
Page details
- Date modified: