Annex to the statement of management responsibility including internal control over financial reporting Treasury Board of Canada Secretariat Fiscal Year 2020–21
On this page
- Introduction
- Departmental system of internal control over financial reporting
- Departmental assessment results during fiscal year 2020–21
- Departmental action plan for the next fiscal year and subsequent fiscal years
- Common service providers’ annual assessment results for fiscal year 2020–21
- Common service providers’ action plan for the next fiscal year and subsequent fiscal years
1. Introduction
This document provides a summary of the measures taken by the Treasury Board of Canada Secretariat (the Secretariat) to maintain an effective system of internal control over financial reporting (ICFR), including information on internal control management, assessment results and related action plans.
Detailed information on the Secretariat’s authority, mandate and programs can be found in its most recent Departmental Plan and Departmental Results Report.
2. Departmental system of internal control over financial reporting
2.1 Internal control management
The Secretariat has a well‑established governance and accountability structure to support departmental assessment efforts and oversight of its system of internal control. This structure is formalized in the Secretariat’s Framework for Internal Controls Over Financial Management, approved by the Secretary, and includes the following:
- organizational accountability structures as they relate to internal control management to support sound financial management, including the roles and responsibilities of senior managers in their areas of responsibility for internal control management
- a Values and Ethics Office, which provides educational and awareness programs and has developed a departmental code of conduct
- ongoing communication and training on statutory requirements, policies, and procedures for sound financial management and control
- monitoring of, and regular updates on, internal control management, as well as the provision of related assessment results and action plans to departmental senior management and the Secretariat’s Audit Committee
The Audit Committee is an independent and objective advisory committee to the Secretary. It is responsible for providing advice to the Secretary on the adequacy and functioning of the Secretariat’s risk management, control and governance frameworks and processes.
2.2 Service arrangements relevant to financial statements
The Secretariat relies on other organizations for the processing of certain transactions that are recorded in its financial statements as follows.
Common service arrangements
- Public Services and Procurement Canada (PSPC) centrally administers the payment of salaries and the procurement of goods and services in accordance with the Secretariat’s Delegation of Authority and provides real property services.
- The Department of Justice Canada provides legal services to the Secretariat.
- Shared Services Canada provides information technology (IT) infrastructure services to the Secretariat, such as data centres and network services.
- The Secretariat, a central agency, provides services related to insurance plans for federal public service employees and centrally administers payment of the employer’s share of contributions to statutory employee benefit plans (the Public Service Pension Plan, Employment Insurance (EI) Plan, Canada Pension Plan or Québec Pension Plan (CPP/QPP), and the Supplementary Death Benefit Plan) on behalf of other departments and agencies.
Readers of this Annex may refer to the annexes of the above-noted organizations for a greater understanding of the systems of ICFR related to these services.
The Secretariat relies on other external service providers and departments for the processing of certain transactions or information that are recorded in its financial statements as follows.
Specific arrangements
- The Office of the Chief Actuary within the Office of the Superintendent of Financial Institutions Canada prepares a triennial actuarial valuation of the Public Service Pension Plan.
- PSPC performs the day‑to‑day administration of the Public Service Pension Plan.
- PSPC performs the day‑to‑day administration of some centrally funded expenses, such as the employer’s share of CPP/QPP contributions, EI premiums and provincial payroll taxes. These types of expenses are recorded on the Secretariat’s financial statements and reflect the Treasury Board’s role as the employer of the public service.
- The Secretariat relies on the internal controls of a number of insurance companies (at present, Sun Life Assurance Company of Canada, Canada Life Assurance Company, Industrial Alliance and Manulife), which provide services such as health care plan administration, dental plan administration and insurance services. As external service providers, pursuant to contracts with the Government of Canada, these insurance companies have the authority and responsibility to ensure that these services are managed in accordance with the terms and conditions set out by the Secretariat’s Pensions and Benefits Sector.
The Secretariat provides certain optional corporate services (for example, accounting services and financial systems) to several departments on a cost-recovery basis. These services are governed by memoranda of understanding between the Secretariat and other government departments.
3. Departmental assessment results during fiscal year 2020–21
| Previous year’s rotational ongoing monitoring plan for current year | Status |
|---|---|
| Travel Expenses | Fiscal year 2020–21 activities completed as planned, remedial actions started. |
| Vote 20 (Public Service Health Care Plan (PSHCP), Public Service Dental Care Plan (PSDCP) | Fiscal year 2020–21 activities Design Effectiveness Testing is in progress. Both design effectiveness and operating effectiveness testing are expected to be completed by Fall 2021. |
| Procure-to-payment | Fiscal year 2020–21 activities completed as planned, remedial actions started. |
| Financial Reporting & Closing Cycle | Planned for 2020-21 activities completed as planned, remedial actions underway. |
The key findings and significant adjustments required from the current year’s assessment activities are summarized below.
3.1 New or significantly amended key controls
Following the risk assessment and taking into account the impact of the pandemic on TBS’ business processes, a new sub-process has been created under Capital Assets, to assess the stewardship of IT assets in employees' homes. This sub-process will be assessed in 2021-22. We have also advanced the assessment of Entity Level Control and IT General Controls to ensure that controls are effective, after a year of working remotely.
3.2 Ongoing monitoring program
As part of its rotational ongoing monitoring plan, the Secretariat completed its reassessment of the financial controls within the Travel, Vote 20 (PSHCP & PSDCP), Procure-to-payment and Financial Reporting & Closing Cycle. For the most part, the key controls that were tested performed as intended, with remediation required as follows:
Travel Expenses
- Ensure that travel is pre-approved by the appropriate authorities and expenses are entered in the correct GL accounts.
Procure-to-Payment
- Both Fund Centre Managers and Contracting Officers should have the appropriate delegated authority and training before signing contracts.
- Contracts should be managed to avoid the appearance of employee-employer relationships.
Financial Reporting & Closing Cycle
- Information management improvements were recommended.
An action plan addressing the remediation described above is underway.
The Secretariat also completed a risk assessment in fiscal year 2020–21 using an environmental scan. The results of the risk assessment were used to update the Secretariat’s risk-based ongoing monitoring plan (see sections 4 and 6).
4. Departmental action plan for the next fiscal year and subsequent fiscal years
The Secretariat’s rotational ongoing monitoring plan for the next three years, presented in Table 2, is based on its annual risk assessment.
| Key control areas | Fiscal year 2021–22 |
Fiscal year 2022–23 |
Fiscal year 2023–24 |
|---|---|---|---|
| Entity-level controls | Yes | No | No |
| IT general controls (ITGCs)Footnote 1 under departmental management | Yes | No | No |
| Financial reporting and closing cycle | No | No | No |
| Budgeting and forecasting | No | Yes | No |
| CFO Attestations and Costing | No | Yes | No |
| Investment Planning | No | Yes | No |
| Payroll | No | Yes | No |
| Operating expenses and accounts payable | No | No | No |
| Revenues | No | No | Yes |
| Capital assets | Yes | No | No |
5. Common service providers’ annual assessment results for fiscal year 2020–21
The Secretariat provides common services related to the administration of public service insurance plans (TBS Vote 20) and the cost-recovery process for statutory employee benefit plans. Because the Secretariat manages government‑wide funds and public service employer payments, other government departments and agencies rely on the Secretariat to process transactions that impact their financial statements with respect to the insurance, employee benefits and statutory pay‑related transactions outlined in Table 3.
In delivering these common services, the Secretariat uses data produced by federal pay systems, including Phoenix, which is centrally administered by PSPC. Significant interdependencies exist between PSPC’s and the Secretariat’s pay administration processes because many of the key controls related to the processing of insurance premiums, employee benefits and other pay‑related transactions are automated in the pay system. Although the Secretariat carries out ongoing monitoring activities for controls that are under its responsibility, it must rely on the PSPC control environment for assurance as to the integrity of the data it uses in delivering common services.
In fiscal year 2020–21, the Secretariat, as a common service provider, started an assessment of the operational effectiveness of financial controls for the Public Service Health Care Plan (PSHCP) and the Public Service Dental Care Plan (PSDCP) as part of its rotational ongoing monitoring plan. An assessment of Provincial Health Insurance Plan premiums has been postponed for 2 years as the reconciliation is still not completed.
6. Common service providers’ action plan for the next fiscal year and subsequent fiscal years
The Secretariat, as a common service provider of public service insurance and statutory employee benefit plans, has completed its annual risk-based assessment of the internal controls for these services, via an environmental scan. The results of this assessment are reflected in the rotational ongoing monitoring plan in Table 3.
| Key control areas | Fiscal year 2021–22 |
Fiscal year 2022–23 |
Fiscal year 2023–24 |
Fiscal year 2024–25 |
Fiscal year 2025–26 |
|---|---|---|---|---|---|
| Public Service Health Care Plan | No | No | No | No | Yes |
| Public Service Dental Care Plan | No | No | No | No | Yes |
| Pensioners’ Dental Care Plan | Yes | No | No | No | No |
| Disability Insurance Plan | No | Yes | No | No | No |
| Public Service Management Insurance Plan | No | Yes | No | No | No |
| Provincial payroll taxes | No | Yes | No | No | No |
| Provincial health insurance plan premiumsFootnote a | No | No | Yes | N/A | N/A |
| Québec Parental Insurance Plan | No | No | No | Yes | No |
| Public Service Pension Plan | No | No | Yes | No | No |
| Supplementary Death Benefit | No | No | Yes | No | No |
| Canada Pension Plan or Québec Pension Plan (CPP/QPP) | No | No | No | Yes | No |
| Employment Insurance (EI) premiums | No | No | No | Yes | No |
| Program Administration costs (as it relates to TBS Vote 20 program) | Yes | No | No | No | No |
Page details
- Date modified: