2018–19 Annex – Assessment of Internal Control over Financial Reporting

2018–19 Departmental Results Report

for the fiscal year ending March 31, 2019

1. Introduction

This document provides a summary of the measures taken by the Office of the Public Sector Integrity Commissioner (the Office) to maintain an effective system of internal control over financial reporting, including information on internal control management, assessment results and related action plans.

Detailed information on the Office’s authority, mandate and program activities can be found in the corporate publications.

2. System of internal control over financial reporting

2.1 Internal control management

The Office has a well-established governance and accountability structure to support its assessment and oversight of its system of internal control. An Internal Control Framework, approved by the Commissioner, is in place and includes:

  • organizational accountability structures related to internal control management to support sound financial management, including roles and responsibilities of senior managers in their areas of responsibility for internal control management;
  • a code of values and ethics;
  • ongoing communication and training on statutory requirements, as well as policies and procedures for sound financial management and control;
  • regular monitoring of internal control management, as well as the provision of related assessment results and action plans to the Commissioner and senior management and, as applicable, the Audit and Evaluation Committee.

The Audit and Evaluation Committee provides advice to the Commissioner on the adequacy and functioning of the Office’s risk management, control and governance frameworks and processes.

2.2 Service arrangements relevant to financial statements

The Office relies on other organizations for the processing of certain transactions that are recorded in its financial statements as follows:

Common Arrangements

Public Services and Procurement Canada centrally administers the payments of salaries and the procurement of goods and services in accordance with the Office’s Delegation of Authority, and provides accommodation services.

The Treasury Board of Canada Secretariat provides the Office with information used to calculate various accruals and allowances.

Specific Arrangements

The Canadian Human Rights Commission (CHRC) provides information technology (IT) infrastructure services and a financial system platform to capture, process and report all financial transactions. The scope and responsibilities are addressed in the interdepartmental arrangement between CHRC and the Office, as well as in the attestation and summary of results prepared by CHRC on its internal control over financial reporting in regard to the impact it has on its clients. The Office relies on CHRC’s internal controls over financial reporting and the financial management system to process the financial data that has been approved, authorized and transmitted by the Office. The Office is responsible to ensure that the financial reports are accurate and fairly present the financial results and position.

3. Office of the Public Sector Integrity Commissioner assessment results during fiscal year 2018–19

The key findings and significant adjustments required from the current year’s assessment activities are summarized below.

New or significantly amended key controls

In the current year, there were no significantly amended key controls in existing processes which required a reassessment.

Ongoing monitoring program

The design and operating effectiveness testing of key controls was assessed by CHRC for the contracting, salaries (payroll), delegation of authority processes and IT management and security. The assessment revealed that the key controls were strong and operating effectively. Significant adjustments were not required for the key controls.

As part of the Office 2016–17 assessment of internal controls and review if the Internal Control Framework, remedial actions were started in 2017–18 that focused on having written documentation. In 2018–19, the Office is still progressing to have well-written documentation in all control sectors.

4. Office action plan

4.1 Progress during fiscal year 2018–19

The Office assessed its controls and continued progress on updating procedures, including having written documentation.

Progress during fiscal year 2018–19

Ongoing Monitoring plan for current year

Status

Entity-level controls

Completed as planned; no remedial actions required

IT general controls

Completed as planned; remedial action in progress for written documentation

Financial close

Completed as planned; remedial action pending for written documentation

Master data on vendors

Completed as planned; remedial action pending for written documentation

4.2 Action plan for the next fiscal year and subsequent years

The Office’s rotational ongoing monitoring plan over the next three years, based on an annual validation of the high-risk processes and controls and related adjustments to the ongoing monitoring plan as required, is shown in the following table.

Rotational Ongoing Monitoring Plan

Key control areas

Fiscal year 2019–20

Fiscal year 2020–21

Fiscal Year 2021–22

Entity-level controls

Yes

Yes

Yes

IT general controls

Yes

Yes

Yes

Operating expenditures

Yes

No

Yes

Capital expenditures

No

Yes

No

Payroll

No

Yes

No

Financial close

No

Yes

No

Master data on vendors

No

Yes

No

Contributions

Yes

No

Yes