Annex to the statement of management responsibility including internal control over financial reporting Treasury Board of Canada Secretariat Fiscal Year 2018–19
On this page
- Introduction
- Departmental system of internal control over financial reporting
- Departmental assessment results during fiscal year 2018–19
- Departmental action plan for the next fiscal year and subsequent fiscal years
- Common service providers’ annual assessment results for fiscal year 2018–19
- Common service providers’ action plan for the next fiscal year and subsequent fiscal years
1. Introduction
This document provides a summary of the measures taken by the Treasury Board of Canada Secretariat (the Secretariat) to maintain an effective system of internal control over financial reporting (ICFR), including information on internal control management, assessment results and related action plans.
Detailed information on the Secretariat’s authority, mandate and programs can be found in its most recent Departmental Plan and Departmental Results Report.
2. Departmental system of internal control over financial reporting
In this section
2.1 Internal control management
The Secretariat has a well-established governance and accountability structure to support departmental assessment efforts and oversight of its system of internal control. This structure is formalized in the Secretariat’s Framework for Internal Controls Over Financial Management, approved by the Secretary, and includes the following:
- organizational accountability structures as they relate to internal control management to support sound financial management, including the roles and responsibilities of senior managers in their areas of responsibility for internal control management
- a Values and Ethics Office, which provides educational and awareness programs and has developed a departmental code of conduct
- ongoing communication and training on statutory requirements, policies, and procedures for sound financial management and control
- monitoring of, and regular updates on, internal control management, as well as the provision of related assessment results and action plans to departmental senior management and the Secretariat’s Government of Canada Audit Committee (GCAC)
The GCAC is an independent and objective advisory committee to the Secretary. It is responsible for providing advice to the Secretary on the adequacy and functioning of the Secretariat’s risk management, control and governance frameworks and processes.
2.2 Service arrangements relevant to financial statements
The Secretariat relies on other organizations for the processing of certain transactions that are recorded in its financial statements as follows.
Common service arrangements
- Public Services and Procurement Canada (PSPC) centrally administers the payment of salaries and the procurement of goods and services in accordance with the Secretariat’s Delegation of Authority and provides real property services.
- The Department of Justice Canada provides legal services to the Secretariat.
- Shared Services Canada provides information technology (IT) infrastructure services to the Secretariat, such as data centres and network services.
- The Secretariat, a central agency, provides services related to insurance plans for federal public service employees and centrally administers payment of the employer’s share of contributions to statutory employee benefit plans (the Public Service Pension Plan, Employment Insurance (EI) Plan, Canada Pension Plan or Québec Pension Plan (CPP/QPP), and the Supplementary Death Benefit Plan) on behalf of other departments and agencies.
Readers of this Annex may refer to the annexes of the above-noted organizations for a greater understanding of the systems of ICFR related to these services.
The Secretariat relies on other external service providers and departments for the processing of certain transactions or information that are recorded in its financial statements as follows.
Specific arrangements
- The Office of the Chief Actuary within the Office of the Superintendent of Financial Institutions Canada prepares a triennial actuarial valuation of the Public Service Pension Plan.
- PSPC performs the day-to-day administration of the Public Service Pension Plan.
- PSPC performs the day-to-day administration of some centrally funded expenses, such as the employer’s share of CPP/QPP contributions, EI premiums and provincial payroll taxes. These types of expenses are recorded on the Secretariat’s financial statements and reflect the Treasury Board’s role as the employer of the public service.
- The Secretariat relies on the internal controls of a number of insurance companies (at present, Sun Life Assurance Company of Canada, Great-West Life Assurance Company, Industrial Alliance and Manulife), which provide services such as health care plan administration, dental plan administration and insurance services. As external service providers, pursuant to contracts with the Government of Canada, these insurance companies have the authority and responsibility to ensure that these services are managed in accordance with the terms and conditions set out by the Secretariat’s Pensions and Benefits Sector.
The Secretariat provides certain optional corporate services (for example, accounting services and financial systems) to several departments on a cost-recovery basis. These services are governed by memoranda of understanding between the Secretariat and other government departments.
3. Departmental assessment results during fiscal year 2018–19
| Previous year’s rotational ongoing monitoring plan for current year | Status |
|---|---|
| Entity-level controls, revenues | Fiscal year 2018–19 activities completed as planned, no remedial actions required |
| Capital assets, Public Service Pension Plan, Disability Insurance Plan, Supplementary Death Benefit | Fiscal year 2018–19 activities completed as planned, remedial actions started |
Payroll (assessed from 2017–18 through 2019–20):
|
Fiscal year 2018–19 activities completed:
|
The key findings and significant adjustments required from the current year’s assessment activities are summarized below.
3.1 New or significantly amended key controls
In fiscal year 2018–19, there were no significantly amended key controls in existing processes that required a reassessment.
3.2 Ongoing monitoring program
As part of its rotational ongoing monitoring plan, the Secretariat completed its reassessment of entity-level controls and the financial controls within the revenues and capital assets business processes. In addition, the Secretariat completed the design assessment of payroll controls. For the most part, the key controls that were tested performed as intended, with remediation required as follows:
Capital assets
- Improving tracking and monitoring of attractive IT assets and associated expenses
- Improving the segregation of duties for the writeoff of software assets
Payroll
- Expanding the risk-based criteria for assessing payroll transactions before pay is processed
- Enhancing tools to assist sector management in assessing their payroll expenditures against associated forecasts
An action plan addressing the remediation requirements above is being developed.
The Secretariat also completed a risk assessment in fiscal year 2018–19 using an environmental scan and interviews with key stakeholders. The results of the risk assessment were used to update the Secretariat’s risk-based ongoing monitoring plan (see sections 4 and 6).
4. Departmental action plan for the next fiscal year and subsequent fiscal years
The Secretariat’s rotational ongoing monitoring plan for the next three years, presented in Table 2, is based on its annual risk assessment.
| Key control areas | Fiscal year 2019–20 |
Fiscal year 2020–21 |
Fiscal year 2021–22 |
|---|---|---|---|
Table 2 Notes
|
|||
| Entity-level controls | No | No | No |
| IT general controls (ITGCs)table 2 note 1 under departmental management | No | Yes | No |
| Financial reporting and closing cycle | Yes | No | No |
| Budgeting and forecasting | Yes | No | No |
| Payroll | Yes | No | Yes |
| Operating expenses and accounts payable | Yes Travel and Financial Signing Authorities |
Yes Contracting |
No |
| Revenues | No | No | No |
| Capital assets | No | No | Yes |
5. Common service providers’ annual assessment results for fiscal year 2018–19
The Secretariat provides common services related to the administration of public service insurance plans (TBS Vote 20) and the cost-recovery process for statutory employee benefit plans. Because the Secretariat manages government-wide funds and public service employer payments, other government departments and agencies rely on the Secretariat to process transactions that impact their financial statements with respect to the insurance, employee benefits and statutory pay-related transactions outlined in Table 3.
In delivering these common services, the Secretariat uses data produced by federal pay systems, including Phoenix, which is centrally administered by PSPC. Significant interdependencies exist between PSPC’s and the Secretariat’s pay administration processes because many of the key controls related to the processing of insurance premiums, employee benefits and other pay-related transactions are automated in the pay system. Although the Secretariat carries out ongoing monitoring activities for controls that are under its responsibility, it must rely on the PSPC control environment for assurance as to the integrity of the data it uses in delivering common services.
In fiscal year 2018–19, the Secretariat, as a common service provider, completed an assessment of the operational effectiveness of financial controls for the Disability Insurance Plan, Public Service Pension Plan and Supplementary Death Benefit as part of its rotational ongoing monitoring plan. During the period examined, three deficiencies were identified: two related to the timeliness of the approvals for quarterly charges, and one related to formalizing reconciliation activities.
6. Common service providers’ action plan for the next fiscal year and subsequent fiscal years
The Secretariat, as a common service provider of public service insurance and statutory employee benefit plans, has completed its annual risk-based assessment of the internal controls for these services, via an environmental scan and interviews with key stakeholders. The results of this assessment are reflected in the rotational ongoing monitoring plan in Table 3.
| Key control areas | Fiscal year 2019–20 |
Fiscal year 2020–21 |
Fiscal year 2021–22 |
Fiscal year 2022–23 |
Fiscal year 2023–24 |
|---|---|---|---|---|---|
| Public Service Health Care Plan | No | Yes | No | No | No |
| Public Service Dental Care Plan | No | Yes | No | No | No |
| Pensioners’ Dental Care Plan | No | No | Yes | No | No |
| Disability Insurance Plan | No | No | No | Yes | No |
| Public Service Management Insurance Plan | No | No | No | Yes | No |
| Provincial payroll taxes | No | No | Yes | No | No |
| Provincial health insurance plan premiums | Yes | No | No | No | No |
| Québec Parental Insurance Plan | Yes | No | No | No | No |
| Public Service Pension Plan | No | No | No | No | Yes |
| Supplementary Death Benefit | No | No | No | No | Yes |
| Canada Pension Plan or Québec Pension Plan (CPP/QPP) | Yes | No | No | No | No |
| Employment Insurance (EI) premiums | Yes | No | No | No | No |
Page details
- Date modified: