Annex - Assessment of Internal Control Over Financial Reporting for the Fiscal Year Ending March 31, 2015 - unaudited
This document provides summary information on the measures taken by the Office of the Public Sector Integrity Commissioner (the Office) to maintain an effective system of internal control over financial reporting (ICFR), including information on internal control management, assessment results and related action plans.
Detailed information on the Office's authority, mandate and program activities can be found in the 2013-14 Departmental Performance Report, the 2014-15 Report on Plans and Priorities and the 2014-15 Annual Report.
2. Departmental system of internal control over financial reporting
2.1 Internal control management
The Office has a well-established governance and accountability structure to support its assessment efforts and oversight of its system of internal control. An internal control management framework, approved by the Commissioner, is in place and includes:
- Organizational accountability structures as they relate to internal control management to support sound financial management, including roles and responsibilities of senior managers in their areas of responsibility for control management;
- A code of values and ethics;
- Ongoing communication and training on statutory requirements, and policies and procedures for sound financial management and control; and
- At least annual monitoring of and regular updates on internal control management, as well as the provision of related assessment results and action plans to the Commissioner and senior management and, as applicable, the Audit Committee.
The Audit Committee provides advice to the Commissioner on the adequacy and functioning of the department's risk management, control and governance frameworks and processes.
2.2 Service arrangements relevant to financial statements
The Office relies on other organizations for the processing of certain transactions that are recorded in its financial statements as follows:
- Public Works and Government Services Canada centrally administers the payments of salaries and the procurement of goods and services in accordance with the Office`s Delegation of Authority, and provides accommodation services;
- The Treasury Board of Canada Secretariat provides the Office with information used to calculate various accruals and allowances.
- The Canadian Human Rights Commission (CHRC) administers the information technology (IT) infrastructure services, provides a financial system platform to capture and report all financial transactions and performs financial transaction processing and reporting on behalf of the Office. The scope and responsibilities are addressed in the interdepartmental arrangement between CHRC and the Office, as well as in the attestation and summary of results prepared by CHRC on its ICFR in regards to the impact it has on its clients. PSIC relies on CHRC's internal controls over financial reporting and the financial management system to process the financial data that has been approved, authorized and transmitted by the Office. The Office is responsible to ensure that the financial reports are accurate and fairly present the financial results and position.
3. Departmental assessment results during fiscal year 2014-15
The key findings and significant adjustments required from the current year`s assessment activities are summarized below.
New or significantly amended key controls: In the current year, a revised approach to monitoring and documenting certification that goods are received or services performed was introduced to clarify responsibility of the role, as detailed in the Treasury Board Directive on Account Verification.
Ongoing monitoring program: As part of its ongoing monitoring plan, the Office reviews and updates annually its process flows and narratives, which includes documenting controls. No significant control issues were found. In an environment of centralized operations, limited types of transactions recorded and micro size, finance utilizes substantive procedures and detailed variance reporting to efficiently obtain additional internal assurance over the financial reporting.
4. Departmental action plan
4.1 Progress during fiscal year 2014-15
|Previous year's rotational ongoing monitoring plan for current year||Status|
|Entity-level controls (2014-15)||Completed as planned; no remedial actions required.|
|IT general controls (2014-15)||Delayed to 2015-16.|
|Master data on vendors (2014-15)||Completed as planned; no remedial actions required.|
|Payroll (2014-15)||Delayed to 2015-16.|
4.2 Action plan for the next fiscal year and subsequent years
The Office's rotational ongoing monitoring plan over the next three years, based on an annual validation of the high-risk processes and controls and related adjustments to the ongoing monitoring plan as required, is shown in the following table.
Rotational Ongoing Monitoring Plan
|Key control areas||Fiscal year|
|IT general controls*||Yes||No||No|
|Master data on vendors||No||No||Yes|
* Under Office management