Annual Audit Committee Report to the Clerk of the Privy Council 2015-2016

Memorandum to the Clerk 

My colleagues and I are pleased to present you the Annual Report of the Privy Council Office Audit Committee. This report highlights the progress made against the priorities we established in our last report and presents our main activities and assessments in our core areas of responsibility.

We would like to begin by extending our heartfelt congratulations to you on your appointment as Clerk and thanking you for your strong support and wise counsel while, as Deputy Clerk, you were a member of the Committee. We would also like to acknowledge Janice Charette for her strong leadership and support to the Audit Committee during her tenure as Clerk.

As you know, the membership of the Audit Committee has been significantly impacted by the recent senior personnel changes at PCO. In addition to you, the second internal member, Coleen Volk, and the Chief Financial Officer, Michelle Doucet, have left. We would like to take this opportunity to recognize their exceptional efforts in support of the Committee over the past few years.

We are delighted that Serge Dupont has been appointed as your successor as Deputy Clerk and have warmly welcomed him back to the Committee for the second time as an internal member. In addition, at our June, 2016 meeting, we also welcomed Matthew Mendelsohn and Kami Ramcharan, as the second internal member and Chief Financial Officer respectively, and look forward to working with them.

The Committee would also like to recognize the highly professional assistance of all PCO personnel, including the dedicated support provided by the Chief Audit Executive, Jim Hamer, and his staff. We particularly want to recognize Derek Mersereau, [ * ] for the outstanding support he provided to the Committee since its inception seven years ago. We also want to welcome Patricia Morrell who replaced Derek.

During 2015-16, Audit Committee`s seventh year of operation, the Committee held four meetings. The Committee is pleased to note continued progress in all areas of our mandate. Good progress was also achieved in the three priority areas established for 2015-16. A detailed assessment of progress against these priorities is included in the Issues and Observations Section.

Looking ahead to 2016-17, the Committee will remain focused on its core responsibilities and recommends the following specific priorities: 

  1. Ensure the continued effectiveness of the Committee while managing the current succession of internal membership and forthcoming succession of external membership;
     
  2. Maintain the emphasis on the production of highly focused assurance and review products in areas of highest risk and significance, and on the implementation of management action plans;
     
  3. Sustain the Committee`s focus on the management of security risks;
     
  4. Provide support and advice to help PCO meet the requirements of the new Treasury Board Policy on Results; and
     
  5. Continue to support PCO’s efforts to strengthen its approach to risk management.

The Committee looks forward to discussing this report with you.

Yours sincerely,

 

Larry Murray
Chair, PCO Audit Committee

Introduction 

This seventh Annual Report of the Privy Council Office (PCO) Audit Committee (AC) covers the period from 3 April, 2015 to 1 April, 2016 and is forwarded in accordance with the Treasury Board Policy on Internal Audit.

In addition to the update on priorities provided in the opening Issues and Observations section, the Report includes a brief summary of activities, followed by the Committee`s assessment in the key areas of its responsibility. Annexes outlining the membership and operations of the Committee as well as the AC Self-Assessment and Annual Plan for 2016-17 are also included.

Issues and Observations: Progress on Priorities

The PCO AC met with the former Clerk on 28 September, 2015 to discuss the Committee`s Draft 2014-15 Annual Report and to finalize the AC priorities for 2015-16. Progress against these priorities is discussed below:

Priority 1) Maintain the emphasis on the production of highly focused assurance and other products in areas of highest risk.

The Committee is pleased to note that extensive consultations by the Chief Audit Executive (CAE) with senior management, the AC Members and other stakeholders, including CAEs from Shared Services Canada and potential partner departments, has become a standard feature of the approach to producing the PCO Risk Based Audit Plan. The ongoing information exchange sessions with individual Deputy Secretaries during most of the AC meetings have also been helpful to the Committee and to the CAE in ensuring a better understanding of the risks and challenges in various areas of PCO.  

The production and variety of assurance products was also maintained at a good level this year, particularly given several changes of Internal Audit staff. The Audit of Internal Controls Over Financial Reporting (ICFR) and PCO’s Fraud Risk Assessment were each completed and approved by the Clerk during the fiscal year. Both the Audit of Information Technology (IT) Management and the Audit of Recordkeeping Transformation were accepted by the AC towards the end of the fiscal year and each was recommended to and approved by the Clerk shortly after the end of the fiscal year.

The Audit of the Management and Use of Acquisition Cards, the Performance Measurement Strategy for the Central Innovation Hub project and the Risk Assessment of PCO’s Personal Information Holdings were launched and in progress at year end and will be completed in 2016-17.

The implementation of Management Action Plans (MAPs) for three audits was fully completed during the year including the Audit of Occupational Health and Safety, the Audit of Accounting Officer Responsibilities Including Risk Management, and the Audit of Contracting.  Similarly, the Internal Audit function completed the implementation of the one remaining action from the Practice Inspection MAP. The implementation of eight MAP actions were in-progress at the end of the year including one action from the Audit of Physical and Personnel Security, three actions from the Follow-up Audit of Business Continuity Management, and four actions from the Audit of ICFR. Of these, all are expected to be completed within the original or modified target dates as agreed to by the AC.

The Committee remains satisfied with the progress achieved in this priority area. However, maintaining a priority on the timely delivery of a diverse range of quality assurance products will continue to be required. In that regard, the AC has encouraged continued development of two joint assurance projects, the 2016-17 Joint Audit of the New Process for Reviewing Cabinet Confidence Information for Exclusion from Disclosure with Justice Canada, and the 2017-18 Joint Audit of PCO and Public Safety Canada’s Planning for Continuity of Constitutional Government.

Priority 2) Maintain the Committee's focus on the management of security risks.

The Committee continued to assign a high priority to reviewing security issues throughout the year.

During the June and December AC Meetings, the Assistant Secretary to the Cabinet, Security and Intelligence, and the Executive Director, Security Operations, updated the Committee on PCO’s security program including the status of Security Operations action plans in response to security related internal audits, business continuity plans, Security Operations priorities, key business activities and actions in response to recent security events. At the June meeting, the Committee also highlighted the importance of delivering Business Continuity Plans by the Deputy Secretaries by the early Fall, 2015.

The Deputy National Security Adviser to the Prime Minister provided a separate update to the Committee during the December meeting on the business continuity actions taken by PCO and an overview of the key activities, risks and risk mitigation strategies of the Office of the National Security Advisor to the Prime Minister.

During the December meeting, while discussing the MAP for the Audit of IT Management, the AC recommended and management agreed to conduct a high level self-assessment against the Communications Security Establishment Canada’s “Top 10 IT Security Actions to Protect the Government of Canada Internet-Connected Networks and Information”.  The Committee will look at an initial assessment at its June, 2016 meeting and a more in-depth assessment in September, 2016.

During the March, 2016 meeting, the AC was briefed by the Acting Assistant Deputy Minister, Corporate Services Branch and Chief Financial Officer (CFO) on funding increases for PCO from Budget 2016. The Committee was particularly pleased to note the funding allocated for a new and modern IT and Security Platform for PCO.

Although much remains to be done and security risks will remain a high priority for the Committee in the coming year, it is encouraged by the considerable progress to date and the continued Government support in this important area.

Priority 3) Continue to assist PCO in strengthening its approach to risk management.

The Committee has continued to support PCO’s efforts to strengthen its approach to risk management.

Our perspective is based on assurance work by the Internal Audit staff and the implementation of the resulting MAPs by management, combined with the Committee’s review of Financial Statements and Public Accounts Reporting documents, discussions with a variety of PCO staff throughout the year, and the ongoing efforts to continue to improve the Enterprise Risk Profile.

During the June AC meeting, the latest Draft Enterprise Risk Profile was tabled and discussed. Improvements from previous versions included a better integration of risk information with the business planning process, a broader internal consultation process and an enhanced effort to identify specific risks facing branches as well as those risks outside of PCO’s immediate control. The AC commended the effort and the increasing relevance of the document for decision making. The Committee also noted that the risk associated with cyber security did not seem as prominent as it should be.
           
The Acting CFO updated the AC on the Enterprise Risk Profile during the March, 2016 meeting and advised that PCO is working with the Canada School of the Public Service and other departments and agencies to determine best practices to further improve PCO’s approach to risk management. The development of the next version of the Enterprise Risk Profile is intended to incorporate more top down direction than in the past.

In light of these recent developments, the AC will remain engaged to monitor progress as the Committee’s view is that PCO needs to continue its efforts to strengthen its departmental risk management practices.  

Audit Committee’s Key Areas of Responsibility

During 2015-16, the AC scheduled four meetings to fulfill its oversight requirements in the PCO AC Charter and the Annual Plan. This section summarizes the key activities undertaken by the Committee and its assessment in the following eight areas: 

  • Management Control Framework
  • Governance
  • Risk Management
  • Values and Ethics
  • Internal Audit Function
  • Follow-Up on Management Action Plans
  • Liaison with External Assurance Providers
  • Financial Statements, Public Accounts Reporting and Accountability Reporting

Audit Committee’s 2015-16 Activities and Assessments

1) Management Control Framework

The Committee assesses that the PCO Management Control Framework remains effective and that internal controls are continuing to be improved and strengthened.

In June, the Committee was briefed on the latest PCO Management Control Framework which was updated following completion of PCO’s Audit of Accounting Officer Responsibilities Including Risk Management, with modifications based on the control framework model from the Committee of Sponsoring Organizations of the Treadway Commission. The AC noted that it was critical that the revised Management Control Framework document reflect both formal and informal PCO controls.

The PCO Audit of ICFR was reviewed and accepted by the AC in September and approved by the Clerk in October. While the Audit made four recommendations for improvements, it concluded that PCO had established the key components of an effective framework of controls to maintain and assess the system of ICFR.

In addition to the progress related to internal controls noted above, the AC assessment has also been informed by the Committee’s ongoing review of Financial Statements and Public Accountability documents and by numerous briefings and discussions with PCO staff and senior management. One such discussion occurred at the March, 2016 meeting when the Acting CFO tabled a deck highlighting PCO’s commitment to maintaining an effective system of ICFR and discussed several initiatives to strengthen ICFR, including completing the implementation of the MAP from the Audit of ICFR.

The Committee looks forward to reviewing a draft of the evolving PCO ICFR Framework shortly, which will include an updated version of the PCO’s Management Control Framework as an annex. In addition, the AC will receive a comprehensive summary of PCO’s monitoring of key controls at their next meeting in June 2016.

The Committee will also receive regular updates on progress implementing the MAP for the Audit of ICFR and continue its longstanding practice of including an in-camera session with the CFO, and separately with the CAE, during every AC meeting.

2) Governance

Notwithstanding the many recent changes in senior PCO personnel, the Committee continues to have confidence that the overall governance structure of the organization remains robust. Nevertheless, the internal audit function has contributed to strengthening governance in specific areas.

As indicated in the Issues and Observations section above, the Committee has continued to have extensive dialogue with many PCO personnel ranging from Deputy Secretaries to other levels of staff. These discussions on a variety of subjects throughout the year, coupled with the results achieved in assurance and review work and other initiatives such as the very positive approach being taken to address the results of 2014 Public Service Employee Survey, provide the Committee with confidence in its overall view.

During the past year, various aspects of Governance in PCO improved as a result of the completion the Audit of ICFR and the Audit of Recordkeeping Transformation, as well as the full implementation of the MAPs from the Audit of Occupational Health and Safety, the Audit of Accounting Officer Responsibilities Including Risk Management, the Audit of Contracting and the Practice Inspection.

Further improvements in Governance should also result from the completion of the Audit of the Management and Use of Acquisition Cards and completion of the remaining work on the MAPs from the Audit of Physical and Personnel Security, the Follow-up Audit of Business Continuity Management, and the Audit of ICFR.

3) Risk Management

Since risk management was one of the Committee’s priorities for 2015-16, this core area of the AC’s responsibility was covered in the Issues and Observations section above.

4) Values and Ethics

During the September AC meeting, the PCO Champion for Values and Ethics briefed the Committee on the PCO Values and Ethics Program, noting that PCO has an approved Values and Ethics Action Plan for 2015 – 2018, which will include addressing the results of the 2014 Public Service Employee Survey. The Action Plan is to be reviewed and updated annually and it was agreed that this Plan would be shared with the Committee in September, 2016 following the next update.

During the same meeting, the Committee was briefed by the Senior Disclosure Officer on his role. He noted that he has conducted awareness activities over the past ten months and that he is now expanding these sessions to address information gaps evident in the 2014 Public Service Employee Survey results. The Committee has requested an annual session with the Senior Disclosure Officer in the future.

During the December meeting, the AC was provided an overview by one of PCO’s two Blueprint 2020 Champions of initiatives underway to address certain Public Service Employee Survey results by integrating them into Blueprint 2020 initiatives. The briefing also included an Annual Report video prepared by PCO employees for the Clerk, which outlined initiatives being launched to mobilize staff, avoid duplication of effort and improve process streamlining.

In March, 2016, the Committee was briefed on the implementation of PCO’s new Staffing Policy in response to the new staffing framework of the Public Service Commission which comes into effect on 1 April, 2016. It was evident from the ensuing discussion that the PCO Human Resources leadership had devoted considerable effort to trying to ensure that this change fosters the culture change considered necessary to enable the essential shift from a rules-based to a results and values-based system. PCO will complete a self-assessment against the new Public Service Commission Human Resources Staffing framework by September, 2017.

The fully engaged effort by PCO management to ensure a comprehensive response to the 2014 Public Service Employee Survey is one of several positive indicators that the AC has observed in the past year in the area of Values and Ethics. The Committee assesses that the Values and Ethics program at PCO continues to be highly effective and well led.

5) Internal Audit Function

Notwithstanding several changes in the PCO Internal Audit staff, the Committee is, overall, satisfied with the performance of the internal audit function over the past year.

As noted in the Issues and Observations section above, the production and variety of assurance products was maintained at a reasonable level. Extensive consultations with senior management, the AC members and other stakeholders, including the CAE of Shared Services Canada and other potential partner departments are now a standard feature of the annual audit planning process and the development of the Risk Based Audit Plan. Post-audit feedback remained positive.

Internal Audit staff fully supported the PCO effort to contribute to increased transparency and more open government by improving coordination processes to facilitate more efficient preparation and posting of an increasing number of assurance products online. Although still a work in progress, the PCO Internal Audit Performance Measurement Framework continues to be refined and is becoming a more useful monitoring tool for the staff, senior management and the AC.

Overall, the PCO Internal Audit team has continued to provide the Committee with the dedicated and professional support it has needed throughout the year.

6) Follow-up on Management Action Plans

The Committee reviewed the status of implementation of MAPs, based on self-assessments by management, during each of its four meetings.

On 1 April, 2015, eight MAP actions for various PCO audit recommendations were outstanding. An additional nine MAP actions were added during the year which brought the total being tracked to 17. Of these 17 actions, nine were reported to the AC as having reached Full Implementation status during 2015-16. This left eight in-progress MAP actions at year end. Of these eight, all are expected to be completed within the original or adjusted target dates as agreed to by AC.

Based on the progress achieved in implementing MAPs during the year, the Committee assesses that they appear to be implemented in a reasonable manner. However, in order to assess the extent to which audit recommendations and the associated MAPs are achieving the intended results, the Committee will, over the upcoming year, consider whether to recommend another review of the implementation of MAPs similar to the one conducted in 2014-15. 

7) Liaison with External Assurance Providers

During each of its four meetings, the Committee was briefed on plans, progress and/or the results of audit work by various external assurance providers.

Most of this work was related to the role of PCO as a central agency. The Committee also reviewed the relevant assurance products, which examined government-wide issues of interest to the Committee. The OCG’s Horizontal Audit of IT Security in Large and Small Departments and the Communication Security Establishment Canada’s “Top 10 IT Security Actions To Protect Government of Canada Internet-Connected Networks and Information” are enabling a useful IT security self-assessment by PCO staff.

The Committee was also briefed on a report from the Information Commissioner on PCO Information Management policies that found them to be comprehensive and aligned with legislative authorities. The Information Commissioner report identified nine risks. The AC suggested and management agreed to conduct a self-assessment on how PCO is managing the risks identified in the Information Commissioner report. The AC is looking forward to receiving the results of this self-assessment during its September 2016 meeting.

8) Financial Statements, Public Accounts Reporting & other Accountability Reporting

The Committee reviews the Quarterly Financial Statements and the annual Future-Oriented Statement of Operations and remains satisfied with the quality and discipline of financial reporting. The AC is particularly pleased with the positive impact that the Audit of ICFR is having on further improving related processes in this important area.

The AC reviewed and provided input on the 2014-15 Departmental Performance Report and on the 2016-17 Report on Plans and Priorities. While the Committee is satisfied with the progress being made in maturing the narrative of these documents, progress remains slow with respect to performance measurement. The Committee is hopeful that the new Treasury Board Policy on Results, which places a higher priority on performance information, will lead to improvements in this area.

The comprehensive feedback to Committee input on these various documents by involved PCO staff is appreciated and makes the effort seem particularly worthwhile. 

Audit Committee Self-Assessment

The annual self-assessment by the three external members is included at Annex C.

Future Plans and Priorities

In addition to remaining focused on its core responsibilities, the Committee's priorities for 2016-17 will include the following:

  1. Ensure the continued effectiveness of the Committee while managing the current succession of internal membership and forthcoming succession of external membership;
     
  2. Maintain the emphasis on the production of highly focused assurance and review products in areas of highest risk and significance, and on the implementation of management action plans;
     
  3. Sustain the Committee`s focus on the management of security risks;
     
  4. Provide support and advice to help PCO meet the requirements of the new Treasury Board Policy on Results; and
     
  5. Continue to support PCO’s efforts to strengthen its approach to risk management.

Annex A – Audit Committee Membership and Operations

Membership of Audit Committee

The PCO Audit Committee has been in operation for seven years.

The AC complies with all the membership provisions in Section 6.4 of the Directive on Internal Auditing in the Government of Canada.

  1. Three of the five AC members are external members recruited from outside the federal public administration. The two internal members are Deputy Minister level officials in PCO.
     
  2. The three external members were jointly selected by the Clerk of the Privy Council and Secretary to the Cabinet and the Comptroller General, and their appointments were approved by the Treasury Board.
     
  3. The two internal members, appointed by the Clerk, were Michael Wernick, then Deputy Clerk of the Privy Council and Associate Secretary to the Cabinet, and Coleen Volk, Deputy Secretary to the Cabinet, Senior Personnel, Business Transformation and Renewal. Michael Wernick was appointed Clerk on 20 January, 2016 and remained a Member of the Audit Committee until replaced by Serge Dupont, the new Deputy Clerk of the Privy Council and Associate Secretary to the Cabinet, in early May, 2016. Coleen Volk was appointed Associate Deputy Minister of the Environment in April, 2016 and was replaced on the Committee by Matthew Mendelsohn, Deputy Secretary to the Cabinet, Results and Delivery.
     
  4. External members have an appropriate diversity of skills, knowledge and experience. [ * ]  
     
  5. Larry Murray, the external Chair, is serving in his second four-year term which ends in February, 2017. Keith Coulter will complete his second four-year term in June, 2017. Mary Ritchie was just confirmed for a second four-year term on the PCO Audit Committee in November, 2015 so will serve until November, 2019.
     
  6. The AC follows the “preferred model” defined in the Directive with an external member serving as Chair.
     
  7. All external members are familiar with public sector financial reporting, especially since they all have also served on the audit committees of other departments. [ * ]
     
  8. Consistent with the Charter for the PCO Audit Committee, the CFO (Assistant Deputy Minister, Corporate Services Branch) or the Acting CFO and the CAE attend all AC meetings.
     
  9. Also consistent with this Charter, the quorum for meetings is a majority of members, including at least one internal member and two external members. No alternates are permitted.
     
  10. Other senior PCO officials, including Deputy Secretaries and the Clerk of the Privy Council and Secretary to the Cabinet, attend meetings as appropriate. The Charter makes it clear that the AC has direct access to all PCO officials, and may invite external assurance providers or Treasury Board Secretariat officials to discuss matters of interest to the Committee.
     
  11. External members are all free of any real or perceived conflicts of interest, and fully understand that any such conflict, real or perceived, should be discussed immediately with the Chair and the Clerk of the Privy Council and Secretary to the Cabinet.

Operations of Audit Committee

Terms of reference for the AC are contained in the Charter for the Privy Council Office Audit Committee. The Charter outlines in a comprehensive and practical way the roles, responsibilities and operations of the AC. The Charter is reviewed annually and was last updated in April, 2016.

The AC met four times during this reporting period. All meetings took place face-to-face and all members participated.

The incremental cost of running the AC over this reporting period was $83,189. Most of this amount ($74,196 or 89%) was for direct compensation through payroll expenses to external members. With one external member commuting regularly from [ * ]  and with another having commuted from [ * ]  for a portion of the fiscal year, most of the rest of the overall expenditure ($7,661 or 9%) was for travel and accommodation expenses. The remainder ($1,332 or 2%) was for miscellaneous expenses including meals provided to members during day-long meetings. Every effort was made again this year to minimize travel and accommodation costs by scheduling meetings concurrent with other Ottawa commitments of external members whenever possible.

In-camera meetings were held as part of each AC meeting. These included sessions with members only present; sessions with only the CAE and members present, and sessions with only the CFO and members present. The Committee also met in-camera with the Clerk of the Privy Council and Secretary to the Cabinet at the September meeting.

To ensure that the Committee addresses its core responsibilities, a forward agenda and activity plan for each coming year is prepared and agreed by the AC and approved by the Clerk of the Privy Council and Secretary to the Cabinet. In addition, the AC workplan is discussed at the end of each meeting to provide individual members with an opportunity to provide ongoing input and to ensure good collective discipline in terms of implementation.

Taking into account the guidance provided in Practice Guide: Departmental Audit Committee Annual Report which was promulgated by the Treasury Board Secretariat in April, 2013, the initial drafts of this PCO AC Annual Report and annex A were prepared by the Chair. Initial drafts of annexes B and C were prepared with the assistance of the CAE and his staff. The entire draft report was then discussed and finalized at a special meeting in which all external members participated. Consistent with the Directive on Internal Auditing in the Government of Canada, this Annual Report represents the views of the independent external members.

Annex B – PCO Audit Committee 2016-17 Annual Plan

The key areas of responsibility that shall be addressed by the Committee during the 2016-17 fiscal year are listed below. The particular emphasis and priorities for the Committee will be adjusted as necessary in consultation with the Clerk and in consideration of the departmental mandate, objectives and priorities, as well as the corresponding risks affecting PCO and the government. It should be noted that “review” actions may be accomplished in several ways, including: the review of documents (during meetings or secretarially); receiving presentations by subject matter experts; and discussions with PCO officials.

#
Action Item Description 
Timing
June 2016
Sept / Oct 2016
Dec 2016 / Jan 2017
Mar / Apr 2017
Audit Committee Infrastructure   
1 Audit Committee Charter
Review the Audit Committee Charter and as necessary seek reaffirmation by the Clerk.
      X
2 Audit Committee Meeting Annual Plan
The Chair, in consultation with the other Committee members, will prepare a plan for recommendation to the Clerk to ensure that the Committee’s annual and ongoing responsibilities are scheduled and fully addressed.
X      
Audit Committee Responsibilities
3a Values and Ethics
  • Review and provide advice on PCO’s systems and practices established to monitor compliance with laws, regulations, policies and standards of ethical conduct and identify and deal with any legal or ethical violations.
X   X  
3b
  • Review and provide advice on PCO’s systems and practices associated with the Department’s Senior Disclosure Officer role.
  X    
4 Risk Management
Review and provide advice on PCO’s risk management arrangements, including the department’s risk profile.
X X X X
5 Management Control Framework
Review and provide advice on PCO’s internal control arrangements, and be informed of significant issues relevant to the Committee’s mandate and relating to the effectiveness of those arrangements that may arise from work performed by others who provide assurances to senior management and the Clerk.
X      
6a Departmental Internal Audit Charter
Review PCO’s Internal Audit Charter and recommend for reaffirmation by the Clerk, as necessary.
  X    
6b Adequacy of Internal Audit Resources
Provide advice to the Clerk on the sufficiency of resources of the internal audit function.
This action will be linked to discussion of the AC Annual Report (item 11) and the CAE Annual Report (item 6g).
  X    
6c Risk-Based Internal Audit Plan
Review and recommend for approval the multi-year risk-based internal audit plan.
X
2016-19 RBAP
    X
2017-20 RBAP
6d Performance of the Internal Audit Function/CAE
  • Monitor and assess the performance of the internal audit function; and
  • Provide advice to the Clerk on the performance of the Chief Audit Executive.
X      
6e Internal Audit Reports & Management Action Plans
Review and recommend for approval internal audit reports and corresponding management action plans to address recommendations.   
X X X X
6f Progress Against Risk-Based Internal Audit Plan
Review regular reports on progress against the risk-based internal audit plan.
X   X X X
6g Annual Report from the CAE
Review the annual report prepared by the Chief Audit Executive.
X      
6h Audit Engagements that do not Result in a Report
Be made aware of audit engagements or tasks that do not result in a report to the Committee, and be informed of all matters of significance arising from such work.
X X X X
As required
7 External Assurance Providers
Be informed and advise the Clerk, as appropriate, on:
  • All audit work relating to the department to be undertaken by external assurance providers, including management's response; and
  • Audit-related issues and priorities raised by external assurance providers.
X X X X
8 Follow-up on Management Action Plans
Review regular reports on the progress implementing approved management action plans resulting from prior internal audit recommendations as well as management action plans resulting from the work of external assurance providers.
X X X X
9a Financial Statements and Public Accounts Reporting
  • Review and provide advice to the Clerk on the key financial management reports and disclosures of the department, including quarterly financial reports, annual financial statements and Public Accounts.
This activity will normally be performed secretarially.
X X X X
As required
9b
  • Review the annual Statement of Management Responsibility Including Internal Control over Financial Reporting and provide advice to the Clerk on the risk-based assessment plans and associated results related to the effectiveness of the departmental system of Internal Control over Financial Reporting.
  X    
10 PCO Accountability Reporting
Receive and review copies of PCO’s Departmental Performance Report, Report on Plans and Priorities, and any other significant accountability reports. The Committee may also receive information copies of plans and reports prepared by the departmental evaluation function.

This activity will normally be performed secretarially.
X X X X
As required
Accountability Reporting by the Committee
11 Audit Committee Annual Report to the Clerk
The independent external members of the Committee will prepare and submit an annual report to the Clerk.

The Clerk will be fully briefed in advance of the finalization of the Annual Report of the Committee.
X      
Other
12 In-Camera Sessions
The Committee will meet individually in camera at each of its in-person meetings with PCO’s Chief Financial Officer and Chief Audit Executive, and any other officials the Committee may determine.
X X X X
13 External Practice Inspection
As applicable, the Committee will review regular reports on the progress implementing any action plan resulting from recommendations from an External Practice Inspection. 
X X X X

Annex C – Audit Committee Self-Assessment 

The following table sets out the consolidated response to the questions contained in the PCO Audit Committee Assessment Questionnaire as received from the Audit Committee members, the CFO and the CAE.  

Q.1 Does the Committee have the appropriate number of members (i.e. three to five)?

Yes. The current configuration of three external members, including the Chair, and two internal members including the Deputy Clerk, works well.

Q.2 Does the Committee have the necessary skills and expertise represented on the Committee, consistent with the Departmental Audit Committee competency profile? If not, what skills and/or expertise are required?

Yes. Collectively members have all of the skills and expertise necessary.

Q.3 Do all members continue to be independent, as defined by policies applicable to the department? In addition to meeting the technical definitions of independence, Committee members demonstrate their objectivity during meetings, through behaviors such as driving agendas, rigorous probing of issues, consulting with other parties, and hiring experts, as necessary.

Yes. All members are independent, and they each feel free to make the interventions they wish and provide the advice they wish.

Q.4 Are differences of opinion on issues resolved to the satisfaction of the Committee?

Yes. The Chair is skilled at ensuring that consensus among members is achieved and the advice of the committee represents this consensus.

Q.5 Do the members challenge the Chair as appropriate?

Yes. The Chair encourages everyone to provide their frank assessment on issues, and members are comfortable doing so.

Q.6 Is the Committee Charter or terms of reference used as a document to guide the Committee in its efforts and help guide the Committee'’s agenda?

Yes. The Charter guides the Committee and the Committee’s Agenda. It is reviewed, updated as required and re-affirmed by the Clerk and the Committee annually.

Q.7 Does the Committee commit sufficient time to review, discuss and consider matters brought before it?

Yes. Items that require the most focus and time are identified at each meeting, and meetings are managed by the Chair to ensure sufficient time is afforded to all matters. As necessary and appropriate, items are brought back to the Committee for further discussion either secretarially or at subsequent meetings.

Q.8 Does the Committee meet with management to discuss the financial statements and key accountability documents (e.g., the Report on Plans and Priorities, Departmental Performance Report) before they are finalized?

Not normally. These documents are circulated secretarially by e-mail and members provide substantive comments in writing – this is done to ensure timelines for these documents are met. Management takes member comments very seriously and provides excellent feedback to members, usually in writing. This approach works well.

Q.9 Does the Committee engage outside experts as appropriate?

Yes. While the Committee has not engaged outside experts to this point, it would have no hesitation doing so if this were deemed necessary or appropriate.

Q.10 Are the organization'’s management controls, including controls over financial reporting, stronger as a result of management’'s interactions with the Committee?

Yes. Through its interactions with management and internal audit, the Committee has had a positive impact on the Risk Based Audit Plan, on individual audits and on MAPS. This positive influence has helped strengthen management controls in specific areas.

Q.11 Is the Committee cognizant of the line between its role and that of management, and does it endeavor to respect that line?

Yes. The Committee understands that its role is an advisory one and respects the prerogatives and responsibilities of management.

Q.12 Does the Committee conduct in-camera sessions in a manner that offers a “safe haven” to the individuals, while at the same time asking tough and necessary questions, evaluating the answers, and pursuing issues that might arise to a satisfactory resolution?

Yes. A regular feature at every meeting is in-camera sessions: with members only; with the CAE; and with the CFO.

Q.13 Do Committee members participate in continuing education to stay abreast of changes in those areas it is responsible for overseeing?

Yes. Members attend the Office of the Comptroller General’s Annual Audit Committee Symposium each year.  The Chair also attends the meeting of the AC Chairs which usually precedes each Symposium.  As applicable, members also bring their experiences from being (or from having been) members of ACs at other departments.

Q.14 Does the Committee do its part to ensure the objectivity of the internal audit team?

Yes. The Committee understands the fundamental importance of objectivity, and very actively engages with management and internal audit to ensure this objectivity is maintained.

Q.15 Does the Committee provide constructive feedback to the Chief Audit Executive at least annually?

Yes. The Committee provides constructive feedback to the CAE on a regular basis. In addition, the Chair and the Deputy Clerk provide additional one-on-one feedback.

Q.16 Other Comments:

The PCO Audit Committee is very grateful for the fine support it consistently receives from the CAE and the entire Audit and Evaluation Division staff. The Committee runs well under strong leadership from the Chair.

Note - This Self-Assessment questionnaire will be modified in future AC Annual Reports to take account of the sample questionnaire in the recently amended Treasury Board Secretariat Guidebook for a Departmental Audit Committee. 

Report a problem or mistake on this page
Please select all that apply:

Privacy statement

Thank you for your help!

You will not receive a reply. For enquiries, contact us.

Date modified: