Audit of Key Financial Controls

Appendix A – Specific lines of enquiry and criteria

Specific lines of enquiry and criteria
Criteria Title Audit Criteria
Line of Enquiry 1: Select key financial controls common to all classes of transactions are operating effectively to ensure completeness, validity and accuracy of transactions.
1.1 Delegation of financial signing authorities Controls over the maintenance of specimen signature cards ensure that delegations of financial signing authorities are valid.
1.2 Quality assurance process over FAA Section 34 certification Quality assurance performed over Financial Administration Act (FAA) Section 34 certification is effective.
1.3 FAA Section 33 certification Certification under FAA Section 33 is performed and appropriate segregation of duties exists with FAA Section 34 certification.
1.4 Management review of expenditures and commitments Cost centre managers review commitments and expenditures recorded in SAP for completeness, validity and accuracy.
1.5 Accrued liabilities at year- end Senior financial officers review and challenge the completeness, validity and accuracy of transactions payable at year end.
1.6 System access and segregation of duties Access to SAP is restricted and the segregation of duties is enforced.
1.7 Journal entry review Journal entries are reviewed by a second person and accompanied by appropriate supporting documentation.
Line of Enquiry 2: Select key financial controls specific to classes of transactions
are operating effectively to ensure completeness, validity and accuracy of transactions.
2.1 Grants and contribution agreements Select key financial controls specific to the processing of grants and contributions agreements are operating effectively.
2.2 Salaries and wages expenses Compensation verifiers review payroll registers to confirm accuracy of payroll transactions.
2.3 Purchase of goods and services Purchase orders over $10,000 are reviewed for accuracy, completeness and validity.
2.4 Acquisition card purchases Monitoring of monthly acquisition cards reconciliations and quality assurance reviews of acquisition cards transactions are performed.
2.5 Capital assets Controls over the conduct of an annual Capital Assets Review are operating effectively to ensure the capital assets are well managed and properly accounted for.

Appendix B – Scorecard

LOE 1: Select Key Common Controls
LOE 1: Select Key Common Controls Responsibility 2013 Recs Rating
1. Delegation of financial signing authorities FOD-SSP 1 NMI
2. Quality assurance over FAA Section 34 certification FOD-SSP / OCFO 2 NI
3. FAA Section 33 Certification FOD-SSP   OE
4. Management review of expenditures and commitments (MVR exercise) RMAD   OE
5. Accrued liabilities at year-end RMAD / CGC   OE
6. System accesses and segregation of duties FOD-SSP   OE
7. Journal entry review FOD-SSP / OCFO   NMI
LOE 2: Select Key Specific Controls
LOE 2: Select Key Specific Controls Responsibility 2013 Recs Statement of Operations B/S
Contribution Agreement Salaries and Wages Purchase of Goods and Services Acquisition Card Purchases Capital Assets
1a. Review of recipient risk assessments CGC   OE NC NC NC NC
1b. Reconcialition of payments transactions between contribution systems and SAP CGC 3 NI NC NC NC NC
1c. Review and close-out of contributions agreements CGC 4 NI NC NC NC NC
2. Quality assurance over payroll (peer verification) HRD-SSP   NC OE NC NC NC
3. Review of contracts over $10,000 FOD-SSP   NC NC OE NC NC
4. Reconciliations of card statements of account FOD-SSP   NC NC NC NMI NC
5. Physical count of capital assets FOD-SSP / OCFO 5 NC NC NC NC NMI

OE Controls operating effectively
NMI Controls need minor improvement
NMO Controls need moderate improvement
NI Controls need improvement
NO Controls not operating
NC Controls not covered within the audit scope

CGC: Office of the Chief Financial Officer's Centre of Grants and Contributions
FOD-SSP: Financial Operations Directorate in the shared services partnership
HRD-SSP: Corporate Services Branch – Human Resources Directorate in the shared services partnership
OCFO: The Public Health Agency's Office of the Chief Financial Officer
RMAD: OCFO's Resource Management and Analysis Division

Appendix C – Risk profile of transactions

High risk transactions include highly sensitive transactions, for example when an error in payment is non-recoverable, or when payments are largely judgmental, subject to interpretation, involve very large dollar amounts, or are considered highly error prone.

High risk transactions
High risk transactions Threshold
General accounts payable invoices Greater than $25,000
Conference Any amount
Foreign travel
Court awards (federal and other) and damage and other claims against the Crown
Ex gratia payments
Honoraria
Relocation

Domestic travel
Minister and staff
Non-public servants

Domestic travel – public servants $1,500 or greater
Hospitality
Membership fees (for example, fees for professional designations) $700 or greater

Low risk transactions include transactions that are not sensitive in nature, have little or no potential financial loss associated with them, or have a low error rate with a low dollar-value impact of error, usually to medium dollar value, and are recoverable.

Low risk transactions
Low risk transactions Threshold
General accounts payable invoices Up to $25,000
Domestic travel – public servants Less than $1,500
Hospitality
Membership fees Less than $700
Non-insured health travel Any amount
Source of information: Health Portfolio shared services partnership's Statistical Sampling Framework.

Appendix D – Corrective actions and follow-up activities

The TB Directive on Account Verification notes that Financial Officers are responsible for requesting corrective action when critical errors are identified during the quality assurance process for payment authority. Based on the results of the sampling period, accounting offices will take immediate corrective actions and may also determine that an action plan for follow-up be developed.

Corrective actions:
All critical errors identified during the pre and post-payment process must be corrected by the accounting office, and the Section 34 manager must be informed of the error. A critical error is an error serious enough to require that the payment should not be/have been made, for example:

  • Section 34 is not signed by an authorized officer for the cost centre;
  • back up documentation does not support the payment; and
  • amount of the payment is not in accordance with, or exceeds the price or payment terms contained the procurement document.

For non-critical errors, corrections will be made by the accounting office when it is considered efficient; however, in all cases the Section 34 manager should be informed of the error. Non-critical error is an error identifying the requirements of Section 34 account verification were not fully complied with at the time of payment however the error was not serious enough to prevent payment or to negatively impact financial information recorded in the financial system.

If the account verification completed by a specific Section 34 signatory is found to be continually inadequate (that is, resulting in a high error rate), there may be a requirement to suspend Section 34 authority.

Follow-up activities:
Accounting offices will implement follow-up activities aimed at reducing error rates, while strengthening the department’s oversight role. Especially when the tolerable error rate is exceeded, follow-up will include, for example:

  • Reviewing sampling results and identifying problematic areas.
  • Working with branches, programs, and cost centre managers to further define issues and assist in identifying potential solutions.

When the tolerable error rate is exceeded for two subsequent quarters for an accounting office, further analysis will be required by the accounting office to identify whether a specific organization, transaction type etc. is the cause of the error rate. If, in a third subsequent quarter these errors continue, a separate quarterly sample for these transactions will be generated. Separate quarterly samples will continue to be generated until the error rate is below the tolerable error rate for two subsequent quarters.

Source of information: Health Portfolio shared services partnership’s Statistical Sampling Framework.

Page details

Date modified: