Key Compliance Attributes of the Internal Audit Function - Report: June 30, 2020
Background
The Internal Audit and Evaluation Bureau (IAEB) helps the Treasury Board of Canada Secretariat (TBS) meet its objectives by providing valued advice for decision-making to senior management.
The internal audit function provides this advice by taking a systematic, disciplined approach to improving the effectiveness of processes for risk management, control and governance. In doing so, the function provides independent and objective assurance that TBS’s activities are managed in a way that demonstrates responsible stewardship.
The IAEB conducts its audit work in accordance with:
- the Treasury Board Policy on Internal Audit
- the Institute of Internal Auditors’ International Standards for the Professional Practice of Internal Auditing (the Standards)
The Directive on Internal Audit requires that all departments provide information on key compliance attributes to demonstrate the professionalism, performance and impact of their internal audit function. The attributes are not performance measures, and no targets are attached.
Professionalism of staff
Collectively, internal audit staff at TBS make up a diverse and multidisciplinary team that has the requisite knowledge, skills and other competencies to fulfill their responsibilities, as demonstrated in Table 1. In addition, the IAEB has staff members who have advanced knowledge of data analytics.
Designation or certification | Percentage of staff who hold a designation or certification or are obtaining one |
---|---|
Internal audit or accounting designation (Certified Internal Auditor (CIA), Chartered Professional Accountant (CPA))Footnote *Footnote † | 60% |
Internal audit or accounting designation (CIA, CPA) is in progress | 20% |
Other designationsFootnote † (Certified Government Auditing Professional (CGAP), Certified Fraud Examiner (CFE), Certification in Risk Management Assurance (CRMA) and others) | 20% |
Professional practices and quality assurance
The internal audit function at TBS conducts its work in conformance with the international standards for the profession. Information related to its activities, including status updates of ongoing engagements, human resources initiatives and follow-up on audit recommendations are presented to the TBS Audit Committee at each of its meeting.
A comprehensive briefing on the IAEB’s Quality Assurance and Improvement Program was provided to the Committee in June 2019, outlining the results of the function’s self-assessment. The self-assessment was conducted to evaluate conformance with the Institute of Internal Auditors’ Code of Ethics and the Standards. It is anticipated that the next comprehensive briefing to the Committee will be held in fall 2020.
The most recent external assessment was completed on December 2016.
Risk-Based Audit Plan and related information
The internal audits conducted by the IAEB are planned based on the approved, multi-year Integrated Audit and Evaluation Plan. The plan is reviewed and discussed at meetings of the TBS Audit Committee and the departmental Performance Measurement and Evaluation Committee. Details on the audit engagements are listed in Table 2.
Project | Status | Report’s approval date | Report’s date of publication | Planned Management Action Plan completion | Implementation status |
---|---|---|---|---|---|
Completed | |||||
Joint Audit and Evaluation of Privacy Practices at Treasury Board of Canada Secretariat | Completed | August 22, 2019 | January 9, 2020 | April 30, 2020 | To be validated in fall 2020 |
Audit of TBS Pay Controls | Completed | July 22, 2020 | Pending | March 31, 2021 | To be validated in fall 2020 |
Advisory: Review of the Business Owner Role | Completed | October 15, 2019 | n/a | n/a | n/a |
Advisory: Review of IT Cloud Security | Completed | February 11, 2020 | n/a | n/a | n/a |
Advisory: Inventory of HR and Pay Controls | Completed | March 31, 2020 | n/a | n/a | n/a |
Planned or ongoing | |||||
Audit of Acquisition Cards | Conduct phase | Pending | Pending | Pending | Pending |
Roles and Responsibilities of a Benefit Plan (Assurance Engagement) | Planned for launch in Q4 of 2020–21 fiscal year | n/a | n/a | n/a | n/a |
Advisory: GCfm Readiness Assessment | Ongoing | n/a | n/a | n/a | n/a |
Advisory: IT Security (Privacy) | Planned | n/a | n/a | n/a | n/a |
Advisory: Support to TBS on Pandemic Response–Related Initiatives | Ongoing | n/a | n/a | n/a | n/a |
Value added to senior management
The IAEB collects post-engagement survey results to gauge management sentiments on the value of the internal audit services rendered.
100% of senior management rated the overall usefulness of the Joint Audit and Evaluation of Privacy Practices at the Treasury Board of Canada Secretariat as being “excellent” or “good.” Results from other completed engagements will be reported in next year’s report on key compliance attributes.
© Her Majesty the Queen in Right of Canada, represented by the President of the Treasury Board, 2020,
Catalogue No.BT1-55E-PDF, ISSN: 2562-7449
Page details
- Date modified: