Archived: Risk-based audit and evaluation plan: detailed internal audit plan for 2013-14 to 2015-16 (table)

Appendix A. Detailed Internal Audit Plan - 2013-14 to 2015-16

Return to report

The following table presents the internal audit projects planned for the next three years including those carried over from 2012-13.

Projects Underway
        Estimated Cost
Initial Project Description and Objectives Rationale for Conduct Start Date(Quarter and Year) End Date(Quarter and Year) 2013-14
PD
2013-14
$’000
2014-15
PD
2014-15
$’000
2015-16
PD
2015-16
$’000

Support to the Implementation of the Deficit Reduction Action Plan (DRAP)

The AEB will provide advisory support to help the department with the implementation of the DRAP. Support mainly related to monitoring and reporting on progress.

Risk or Consideration (Appendix C.): 6.2, 1.7

Corporate Priority: Management Priority

Link to MAF: Stewardship

Q1

2012-13

Q1

2013-14

5 - - - - -

HR Management - WFA Review - Phase 2

The objective of this review is to determine if an effective control framework is in place to support the HR management of Workforce Adjustment (WFA). Focus is on compliance to key element of the WFA directive.

Risk or Consideration (Appendix C.): 6.2, 7.1, 7.2

Corporate Priority: Management Priority

Link to MAF: People

Q1

2012-13

Q3

2013-14

35 - - - - -

Capital Asset Maintenance and Renewal

The objective of the audit is to provide assurance on the adequacy and effectiveness over the management of capital asset maintenance and renewal and how capital assets management support program objectives.

Risk or Consideration (Appendix C.): 6.8, 6.7

Corporate Priority: Clean, Safe, Sustainable Development

Link to MAF: Stewardship

Q4

2011-12

Q3

2013-14

40 53 - - - -

IT Service Delivery

The objective of this review is to assess the service delivered by IT to the various program, in particular in the context of the creation of Shared Services Canada.

Risk or Consideration (Appendix C.): 4.2, 6.5

Corporate Priority: Management Priority

Link to MAF: Stewardship

Q1

2012-13

Q3

2013-14

110 - - - - -

Consultations with Various Stakeholders

The objectives of the audit are to assess the adequacy, efficiencies and effectiveness of the overall management of consultations.

Risk or Consideration (Appendix C.): 6.9

Corporate Priorities: Clean, Safe, Sustainable Environment

Link to MAF: Policy & Program

Q4

2012-13

Q3

2013-14

25 30 - - - -

Management of Laboratories

The objectives of the audit are to assess the adequacy and effectiveness of the management controls for the laboratories. The project will address the core management controls pertaining to the management of research projects and laboratories.

Risk or Consideration (Appendix C.): 1.7, 3.2, 6.11

Corporate Priorities: Clean, Safe, Sustainable Environment

Link to MAF: Stewardship

Q3

2012-13

Q1

2014-15

220 10 - - - -

Fraud Risk Management Review *

The objective of this review is to conduct an overall fraud assessment and to provide assurance on the governance and framework pertaining to fraud risk management.

Risk or Consideration (Appendix C.): 8.1

Corporate Priority: Management Priority

Link to MAF: Public Service Values

Q4

2012-13

Q1

2014-15

125 - 5 - - -
Projects Planned
        Estimated Cost
Initial Project Description and Objectives Rationale for Conduct Start Date(Quarter and Year) End Date(Quarter and Year) 2013-14
PD
2013-14
$’000
2014-15
PD
2014-15
$’000
2015-16
PD
2015-16
$’000

Financial Management Framework *

The objective of this audit is to assess the current state and adequacy of the financial management framework. The audit may include an analysis of the roles and responsibilities, the effectiveness of the budgetary and commitments processes and financial information and reports.

Risk or Consideration (Appendix C.): 6.1

Corporate Priority: Management Priority

Link to MAF: Stewardship

Q4

2013-14

Q1

2014-15

95 - 85 - - -

Privacy and Personal Information **

The objective of the project is to assess EC compliance to the Privacy Act and related policies and directives, and the effectiveness of supporting processes and controls.

Risk or Consideration (Appendix C.): 7.5

Corporate Priority: Management Priority

Link to MAF: Stewardship

Q2

2013-14

Q2

2014-15

155 - 10 - - -

External Reporting on Performance *

The objective of this project is to provide assurance on the accuracy and effectiveness of external reporting, and related quality assurance processes.

Risk or Consideration (Appendix C.): 5.1

Corporate Priorities: All priorities

Link to MAF: Results & Performance

Q2

2013-14

Q1

2014-15

40 70 20 - - -

Management and Delivery of Procurement *

Includes participation in OCG Horizontal Audit of Procurement

The objectives of this audit are to ensure that procurement is well managed, the supporting processes are efficient and related controls are effective.

Risk or Consideration (Appendix C.): 6.6

Corporate Priority: Management Priority

Link to MAF: Stewardship

Q3

2013-14

Q1

2014-15

115 - 65 - - -

Information Technology Security **

The objectives of this project are to ensure IT security is properly managed and that controls are effective. This audit is to be conducted in collaboration with SSCwhich is planning an audit on the same topic, and this will allow reviewing the whole spectrum of IT security.

Risk or Consideration (Appendix C.): 4.2, 4.3

Corporate Priority: Management Priority

Link to MAF: Stewardship

Q3

2013-14

Q2

2014-15

160 - 30 - - -

Integrated Planning/Operational Planning *

The objective of this project is to provide assurance on the processes and systems in place for operational planning, including how planning is integrated between branches and between enablers.

Risk or Consideration (Appendix C.): 3.2, 6.11

Corporate Priority: Management Priority

Link to MAF: Governance & Strategic Directions

Q1

2014-15

Q1

2015-16

- - 175 - 10 -

Staffing and Classification **

The objectives of this audit are to ensure that the staffing and classification functions are well managed; that they are executed in an efficient manner; and that proper internal controls are in place to ensure compliance with acts, regulations and policies.

Risk or Consideration (Appendix C.): 7.1, 7.4, 7.2

Corporate Priority: Management Priority

Link to MAF: People

Q1

2014-15

Q1

2015-16

- - 150 - 5 -

Regulation Development Process **

The objectives of this project are to review the regulatory processes from an effectiveness and efficiency perspective, and against the standards and criteria established for a World Class Regulator.

Risk or Consideration (Appendix C.): 1.2

Corporate Priority: Clean

Link to MAF: Policy & Program

Q2

2014-15

Q2

2015-16

- - 150 25 20 -

Governance Framework *

The objective of the project is to assess the adequacy of EC's corporate governance framework (structure, processes and information) necessary for governing and coordinating activities and programs, and holding management to account for implementing strategic directions.

Risk or Consideration (Appendix C.): 3.1, 6.11

Corporate Priority: Management Priority

Link to MAF: Governance & Strategic Directions

Q2

2014-15

Q1

2015-16

- - 170 - 20 -

Emergency Management and Planning **

This project will assess EC’s framework, management and information pertaining to emergency and business continuity planning.

Risk or Consideration (Appendix C.): 1.8, 6.10

Corporate Priority: Clean, Safe, Sustainable Environment, Management Priority

Link to MAF: Policy & Program, Stewardship

Q2

2014-15

Q2

2015-16

- - 150 25 50 -

Systems, Applications and Products (SAP) Implementation **

This project will be a system under development audit of the implementation of the SAP financial system, configuration management, as well as business process re-engineering. The objective of this project is to ensure appropriate project management is taken to ensure a successful implementation of SAP.

Risk or Consideration (Appendix C.): 6.3, 6.7

Corporate Priority: Management Priority

Link to MAF: Stewardship

Q3

2013-14

Q2

2015-16

15 - 150 - 30 -

Management and/or Compliance of International Environmental Agreements *

The objective of this audit is to provide assurance on the management in compliance of a selected number of agreements (in the areas of greater risks). The project will also focus on the domestic implementation of the agreements and the results achieved.

Risk or Consideration (Appendix C.): 1.6

Corporate Priority: Clean, Safe, Sustainable Environment

Link to MAF: Policy & Program

Q1

2015-16

Q1

2016-17

- - - - 170 -

Real Property and Accommodation **

The objective of this audit is to assess the implementation of EC’s accommodation strategy, the effective rationalization of its properties and potential impact on departmental programs.

Risk or Consideration (Appendix C.): 6.8

Corporate Priority: Management Priority

Link to MAF: Stewardship

Q1

2015-16

Q1

2016-17

- - - - 170 -

Species at Risk *

The objective of this audit is to assess the implementation of the Species at Risk program, in particular the planning for the development of recovery strategies and plans. The scope of the project may be influence by possible work by the CESD.

Risk or Consideration (Appendix C.): 1.1

Corporate Priority: Sustainable Environment

Link to MAF: Policy & Program

Q1

2015-16

Q1

2016-17

- - - - 180 50

Expenditure Management Framework *

The objectives of this audit are to determine the extent to which key processes and controls pertaining to expenditures comply with TB policies and EC requirements, and assess the effectiveness of the expenditure management control framework.

Risk or Consideration (Appendix C.): 6.1, 6.4

Corporate Priority: Management Priority

Link to MAF: Stewardship

Q2

2015-16

Q2

2016-17

- - - - 180 -

HR Planning and Management **

The objective of this audit is to assess the overall effectiveness of the HR planning and management functions, including key controls and processes. The focus of the project is on examining how ECmanagers ensure adequate HR capacity and succession.

Risk or Consideration (Appendix C.): 3.2, 7.1, 7.2, 7.3

Corporate Priority: Management Priority

Link to MAF: People

Q2

2015-16

Q2

2016-17

- - - - 160 -

Implementation of GCDocs (records management system) **

The implementation of GCDocs should allow the department to deal with longstanding records management issues. The objective of this audit is to assess the implementation of GCDocs and its effectiveness at improving records management.

Risk or Consideration (Appendix C.): 6.5

Corporate Priority: Management Priority

Link to MAF: Stewardship

Q2

2015-16

Q2

2016-17

- - - - 140 -
Total Internal Audit Projects Only
        Estimated Cost
Initial Project Description and Objectives Rationale for Conduct Start Date(Quarter and Year) End Date(Quarter and Year) 2013-14
PD
2013-14
$’000
2014-15
PD
2014-15
$’000
2015-16
PD
2015-16
$’000
        1140 163 1160 50 1135 50
Other Audit Activities
        Estimated Cost
Initial Project Description and Objectives Rationale for Conduct Start Date(Quarter and Year) End Date(Quarter and Year) 2013-14
PD
2013-14
$’000
2014-15
PD
2014-15
$’000
2015-16
PD
2015-16
$’000

Internal Audit Follow-up

The objective of this project is to monitor the implementation of past recommendations and management action plans.

Rationale: Per TB Internal Audit Policy and Directive Ongoing - 20 - 20 - 20 -

Quality Assurance

The objective of this project is to provide quality assurance on audit products (plans and reports), and maintain audit tools and processes. This also includes the preparation for the next external practice review inspection (2013-14).

Rationale: To comply with professional standards. Ongoing - 20 - 20 - 20 -
Total Internal Audit Plan
        Estimated Cost
Initial Project Description and Objectives Rationale for Conduct Start Date(Quarter and Year) End Date(Quarter and Year) 2013-14
PD
2013-14
$’000
2014-15
PD
2014-15
$’000
2015-16
PD
2015-16
$’000
- - - - 1180 163 1200 50 1175 50

Legend:

* = Previously Planned Project
** = New Project-
Risk(s) = Reference numbers are linked to the detailed risk identification provided in Appendix C.

Page details

Date modified: