Report on the Key Compliance Attributes of the Internal Audit Function: March 31, 2025

Background

The Internal Audit and Evaluation Bureau (IAEB) helps the Treasury Board of Canada Secretariat (TBS) meet its objectives by providing valued advice to senior management for decision-making. The internal audit and evaluation functions provide this advice by taking a systematic, disciplined approach to improving the effectiveness of processes for risk management, control and governance. In particular, the internal audit function provides independent and objective assurance that TBS’s activities are managed in a way that demonstrates responsible stewardship.

The IAEB conducts its assurance work in accordance with:

the Treasury Board Policy on Internal Audit
the Institute of Internal Auditors’ Global Internal Audit Standards (Standards)

The Directive on Internal Audit requires that all departments provide information on key compliance attributes to demonstrate the professionalism, performance and impact of their internal audit function.

Professionalism of staff

Collectively, the internal audit staff are a diverse and multidisciplinary team that has the requisite knowledge, skills and other competencies to fulfill their responsibilities (refer to Table 1).

Table 1: designations and certifications of internal audit staff members
Designation or certification	Percentage of staff
Table 1 Notes Table 1 Note * There are nine internal audit staff members in the IAEB as of March 31, 2025, including the Chief Audit Executive and Head of Evaluation and the Director of Internal Audit and Evaluation. This number excludes members of the strategic management team who support internal audit and evaluation functions and members on assignment outside of IAEB. Return to table 1 note * referrer Table 1 Note † Staff members may hold multiple designations or certifications. Depending on the designations or certifications that a staff member has or is working toward, they may be counted in all three statistics. As a result, the percentages in Table 1 should not be considered parts of a whole. Return to table 1 note † referrer
Certified Internal Auditor (CIA) or Chartered Professional Accountant (CPA)^{table 1 note *}^{table 1 note †}	56%
CIA or CPA in progress	22%
Other designations^{table 1 note †} (Certified Government Auditing Professional (CGAP), Certified Fraud Examiner (CFE), Certification in Risk Management Assurance (CRMA) and others)	33%

Professional practices and quality assurance

The internal audit function at TBS conducts its work in conformance with the standards for the profession. Information related to the function’s activities, including status updates of ongoing engagements, is presented periodically at the TBS Audit Committee.

An external assessment, completed in January 2022, concluded that the internal audit function at Treasury Board generally conforms. This is the highest rating obtainable with the Institute of Internal Auditors’ Standards and their Code of Ethics. The external assessors noted that the audit activity is well managed, well structured, regarded as very competent, and perceived as providing a high level of value to the organization. The results of the assessment were presented at the TBS Audit Committee in January 2022.

The IAEB completed an internal assessment of its 2024 activities in January 2025 as part of the quality assurance and improvement program. The assessment concluded that the function continued to generally conform to requirements, and the results will be presented to the TBS Audit Committee in October 2025.

Risk-based audit plan and related information

The IAEB’s audit work is set out in the multi-year Integrated Audit and Evaluation Plan. The plan outlines projects designed to address TBS’s high risks, priorities and business needs over a period of five years. At least annually, engagements are assessed and recalibrated to ensure that the plan reflects the department’s current needs. Members of the Executive Committee, TBS Audit Committee and the TBS Performance Measurement and Evaluation Committee review and discuss the plan, which the Secretary approves. Table 2 provides the details of the audit engagements for 2024–25.

Table 2: 2024–25 internal audit engagements^{Footnote 1} planned or completed by the IAEB as of March 31, 2025
Project	Status	Date of report approval	Date of publication	Planned completion of management action plan	Implementation status
Audit of Information Technology Security	Complete	2025-06-21	2025-09-26	2025–26	Ongoing
Privacy Audit of TBS Claims Office	Complete	2024-06-10	2024-09-12	n/a The observations were presented for management’s consideration	Not applicable
IT Security Phase II	Planned	Not applicable	Not applicable	Not applicable	Not applicable
Management of the Public Service Pension Plan	Planned	Not applicable	Not applicable	Not applicable	Not applicable
Administrative Authority Enabling Instruments	Planned	Not applicable	Not applicable	Not applicable	Not applicable

Value to management

The IAEB determines the engagements’ value to management by compiling information from multiple sources. The data are analyzed and used to develop insights about specific projects and to identify trends across audit engagements.

Data collection tools include post-engagement questionnaires circulated to the offices of primary interest; general feedback from the chief audit executive; and TBS Audit Committee members’ comments, questions and suggestions.

Evidence suggests that the audit function at TBS provides senior management with timely and strategic assurance and advice and continues to meet the assurance needs of the Secretary. A further indication of the credible support IAEB provides to senior management is their continued demand for advisory engagements and strategic and objective advice outside of planned audit engagements.

Page details

2025-11-21

Language selection

Search