June 2020 – Eleventh Annual Report
For the year ending March 31, 2020
The creation, in public sector organizations, of independent audit committees that include a majority of members from outside the federal public service is an essential component of the Treasury Board (TB) Policy on Internal Audit. The fundamental role of these committees is to ensure that the deputy head has independent, objective advice and assurance on the adequacy of the department’s control and accountability processes.
The importance of audit committees was further underlined in legislation when the Federal Accountability Act amended the Financial Administration Act to include the following requirements:
16.1 The deputy head or chief executive officer of a department is responsible for ensuring an internal audit capacity appropriate to the needs of the department.
2006, c. 9, s. 259.
16.2 Subject to and except as otherwise provided in any directives issued by the Treasury Board under paragraph 7(1)(e.2), the deputy head or chief executive officer of a department shall establish an audit committee for the department.
2006, c. 9, s. 259.
16.21(1) A person who does not occupy a position in the federal public administration but who meets the qualifications established by directive of the Treasury Board may be appointed to an audit committee by the Treasury Board on the recommendation of the President of the Treasury Board.
Audit Committees and Parliamentary Agencies
The TB Policy on Internal Audit makes specific reference to offices of agents of Parliament, including the Office of the Public Sector Integrity Commissioner (PSIC). Deputy heads of these organizations may, subject to compliance with sections 16.1 and 16.2 of the Financial Administration Act, authorize such departures from the specific policy requirements contained in the Policy as they may deem appropriate in light of the governance arrangements, statutory mandate and risk profile of the organization of which they are deputy heads.
Audit and Evaluation
Although audit and evaluation are the subjects of separate policies in the federal government, the management of these functions is closely linked, particularly in small agencies. In the interest of efficiency, the PSIC audit committee also has responsibilities related to evaluations carried out under the TB Policy on Results and, consequently, is named the Audit and Evaluation Committee (AEC).
Accountability of the AEC
The AEC’s role is advisory in nature. The sole accountability of the AEC is to the Public Sector Integrity Commissioner of Canada (Commissioner). Members are accountable for the objectivity, quality and timeliness of their advice and for the performance of their contractual responsibilities. In addition, the AEC conducts an annual self-assessment of its work.
Responsibilities of the AEC
The AEC’s responsibilities as set out in its Charter are as follows:
- Provide objective advice and recommendations to the Commissioner regarding the sufficiency, quality and results of internal audit engagements related to the adequacy and functioning of the Office’s frameworks and processes for risk management, control and governance.
- Review, using a risk-based approach, all areas of management designated by the Comptroller General of Canada for audit committee review. These areas are:
- Values and ethics
- Risk management
- Internal audit function
- External assurance providers
- Follow-up on management action plans
- Financial statements and public accounts reporting
- Accountability reporting
- Provide advice and recommendations on any other matters for which the Commissioner, as accounting officer, is responsible, and on other related matters as needed or requested by the Commissioner.
With respect to evaluations, the AEC will do the following:
- Provide advice to the Commissioner, through review of the PSIC risk-based audit and evaluation plan, regarding PSIC programs or operations that should be the subject of an evaluation.
- Review and advise on the terms of reference, scope and timing of any planned evaluation.
- Review the findings of evaluations carried out and monitor subsequent management action plans.
Annual Plan and Annual Report
The AEC carries out its operations according to an annual plan that is prepared by the Chair and approved by the Commissioner. The document sets out the number of meetings planned for the coming year, as well as topics to be covered at the meetings. At the end of each fiscal year, the Chair of the AEC, in consultation with other external members, prepares a report (this document) to the Commissioner that describes the activities carried out by the AEC during that year and provides an assessment of the systems, controls and other management tools that are in place at PSIC.
The Chair and members are selected by the Commissioner. The fiscal year (FY) 2019–20 AEC consisted of the following people:
- Josée De La Durantaye, External
- Joe Friday, Commissioner
- Jacques Paquette, External
Regular Non-Member Attendees
- Denis Bilodeau, Deputy Commissioner and Chief Audit Executive (CAE)
- Eric Trottier, Manager, Financial Services and Chief Financial Officer (CFO)
- Heidi Bartman, Chief Results Delivery Officer
During FY 2019–20, the Committee met on the following dates:
- April 9, 2019
- July 8, 2019
- December 9, 2019
- February 17, 2020 (teleconference)
An in-camera session with the Commissioner, the CAE, the CFO, and the Office of the Auditor General representative (when present) was held at each regular meeting. The external members also met in camera.
The AEC received information and support from management to enable it to carry out its duties and responsibilities effectively. The Commissioner also made his reports to Parliament available to the AEC, including his Annual Report and Case Reports.
With the help of the AEC Chair, the Chief Results Delivery Officer prepared the agendas and minutes for the 2019–20 meetings and supported the AEC’s work.
Summary of FY 2019–20 AEC Meeting Topics
Items that the AEC considered in FY 2019–20 included the following:
Office of the Auditor General (OAG) Audit of Financial Statements
- The OAG audits PSIC’s financial statements each year.
- Nathalie Chartrand, Audit Principal, and Julie Tremblay presented the results of the audit of the FY 2018–19 financial statements to the AEC on July 8, 2019. Ms. Tremblay advised that the results of the audit did not modify the opinion on the financial statements. Ms. Chartrand and Ms. Tremblay identified no legal claims and no business risks that had significant audit implications.
- Ms. Chartrand thanked PSIC staff and CHRC (PSIC’s financial services provider) for their full cooperation. The OAG will not request an action plan as a result of the audit.
- On the AEC’s recommendation, the Commissioner and the CFO signed the audited financial statements.
- The audit cycle continued with a presentation by the OAG on February 17, 2020, on the audit plan for the 2019–20 financial statements.
PSIC Risk-Based Audit and Evaluation Plan (RBAEP)
- The AEC reviewed the PSIC RBAEP and made the necessary adjustments to properly manage available resources.
- Specific discussions were held about PSIC’s risk profile in the RBAEP. As a result, the risk profile was revised to make the list of risks more realistic and coherent, and to ensure that no significant risk was omitted.
- The AEC asked PSIC to identify the residual risks and update the associated risk mitigation strategies.
Update on LEAN Implementation
- Raynald Lampron gave an update on the implementation of the LEAN process within PSIC Operations.
- He explained that PSIC was ensuring quality was maintained by emphasizing consistency, the use of models and the holding of regular discussions.
- AEC members continued to be impressed by the results generated by the LEAN program and its impact on PSIC’s organizational culture.
Audit of Service Level Agreements
- KPMG was engaged to conduct an audit of the three third-party service level agreements. The purpose of the audit was to determine whether the terms of the memoranda of understanding with the third parties in question are being respected, whether services are being delivered in an effective and efficient manner, and whether they represent value for money.
- The AEC provided its comments on the report electronically in September. Management’s response, in which PSIC accepts the results set out in the final report of the internal audit of three third-party service level agreements, was tabled at the AEC’s December meeting.
Public Service Employee Survey (PSES)
- The Commissioner provided the AEC with the results of the most recent PSES. PSIC employee participation in the survey was high and the results were once again very positive.
- AEC members complimented the Commissioner and his executive team on the leadership that resulted in these excellent results.
- At each meeting, the AEC was given the opportunity to review and comment on operational statistics.
- Details were provided on the management of disclosure files, including the number of active files and active investigations.
- Details were provided at each meeting on the most current PSIC performance standards results.
- The Commissioner provided updates on PSIC cases that were before the courts and on cases that had been referred to the Public Servants Disclosure Protection Tribunal.
The AEC reviewed quarterly financial reports prepared by PSIC and provided comments to the CFO. At each meeting, the CFO presented members with a comprehensive report and analysis on expenditures and forecasts.
Each AEC meeting included a discussion of human resources issues, including hiring, staff turnover, training and planning. When appropriate, these discussions were held in camera.
At each meeting, the AEC was briefed on the progress of preparations for the relocation of PSIC’s offices, which was finalized in June 2019. The AEC commended the CFO on his efforts in working with Public Services and Procurement Canada.
The risks associated with CHRC’s delivery of IT services continued to be of particular interest to the AEC during the reporting period. The CFO briefed members on the system’s progress, including the management of files, records and information.
Audit and Evaluation Dashboard
- The Audit and Evaluation Dashboard was discussed at AEC meetings. These discussions included the status of each planned audit and evaluation, and any proposed changes to scope or timings.
- Given the time that elapses between AEC meetings, members requested that they be advised by email of any significant changes to the scope, progress or completion dates of any planned audit or evaluation.
Implementation of Phoenix at PSIC
When necessary, the CFO updated members on the impact of Phoenix at PSIC. The impact on PSIC staff remained minimal, although it was addressed individually with the employees concerned. This was confirmed in discussions with the OAG in the context of the audit of the 2018–19 financial statements.
Reports on PSIC by Others
- Like most other government entities, PSIC is subject to laws, including its own governing legislation, which result in reports on PSIC by other agents of Parliament.
- At each meeting, the AEC was presented with the results of any reports on PSIC activities that had been prepared, including reports by the Office of the Privacy Commissioner, the Office of the Information Commissioner, the Office of the Commissioner of Official Languages and other independent agencies.
- The AEC was satisfied that any issues or recommendations for improvement either had been implemented or were in progress.
Audit and Evaluation Personnel Changes
- Michael Nelson ended his term as AEC Chair effective March 31, 2019.
- Josée De La Durantaye became AEC Chair effective April 1, 2019.
Orientation and Learning Activities
Office of the Comptroller General (OCG) Departmental Audit Committee (DAC) Symposium
On November 14, 2019, Josée De La Durantaye attended the DAC Symposium. The symposium’s theme was information, transition and transformation. The topics discussed included how to transform the Government of Canada, open government in the age of cyber security attacks and disinformation, and how to leverage the power of data.
Committee Forward Agenda
Certain AEC activities take place each year, including the following:
- Providing advice and recommendations to the Commissioner on issues related to the delivery of services, including performance measurement and communication with stakeholders
- Reviewing audit and evaluation reports
- Following up on management action plans, including recommendations made in reports from other agents of Parliament
- Cooperating with the OAG and the OCG, where appropriate, given PSIC’s status as an agent of Parliament
- Developing a better understanding, as a committee, of PSIC’s administration and business through briefings on PSIC operations given by appropriate PSIC staff, so that AEC members are better able to provide advice regarding risks
- Reviewing quarterly financial statements and providing comments, where appropriate, on the Report on Plans and Priorities, the Departmental Performance Report and the Commissioner’s Annual Report to Parliament
- Participating where appropriate in audit community learning events in order to exchange views with audit committee members in other departments and agencies
Assessment of PSIC’s System of Internal Controls, Risk Management and Governance Processes
The AEC meets as a committee with PSIC staff three or four times a year. As a result, it can be difficult for the AEC to fulfill its role of providing conclusive advice to the Commissioner regarding the functioning of internal controls, risk management and governance processes.
In order to increase the reliability of the advice that the AEC provided to the Commissioner during the reporting period and in this report, the following steps were taken:
- At each in-person AEC meeting, the external members held in-camera sessions with the CFO, the CAE and the Commissioner. The CAE and the CFO were asked at each session whether there were any irregularities they wished to discuss with the external members. There was none.
- During the reporting period, the Chair was in regular contact with the CAE and the CFO.
- The external members reviewed PSIC’s quarterly financial statements and, at each AEC meeting, asked the CFO questions on financial matters (and received satisfactory answers).
- Members were given the agendas and minutes of PSIC Executive Committee meetings as well as a presentation on the evolving PSIC Results Dashboard at each AEC meeting.
- External members met in camera on July 8, 2019, with the OAG Principal responsible for the audit of PSIC’s 2018–19 financial statements. This audit did not examine internal controls, risk management or governance processes in detail. However, the audit did not identify any material misstatements or concerns that needed to be brought to the attention of the AEC, the CFO, the CAE or the Commissioner.
After taking these steps, the AEC’s external members deemed PSIC’s system of internal controls, risk management and governance processes to be, in their view and to the best of their knowledge, sound.
Assessment of the Capacity and Performance of the Internal Audit and Evaluation Function
The AEC noted the following:
- The AEC meets regularly, including in camera, and it has an external chair. Its membership is reviewed annually and renewed when required.
- OAG audits take place each year and OAG staff have commended the cooperation of PSIC officials with whom they worked in carrying out these audits, as well as the cooperation of officials from CHRC, PSIC’s financial services providers.
- A risk-based audit and evaluation plan has been prepared and reviewed by the AEC and approved by the Commissioner. The CAE prepares the Audit and Evaluation Dashboard and the AEC reviews it at least once each fiscal year.
- PSIC uses external consultants to provide expert services in the areas of risk assessment, audits and evaluations, and audit and evaluation planning. The AEC will continue to monitor the results of these services.
- Sufficient funds are available to carry out the approved risk-based audit and evaluation plan.
The AEC will continue to review the capacity and performance of the internal audit and evaluation functions at PSIC.
(Original signed by)
Josée De La Durantaye, Chair
On behalf of the PSIC Audit and Evaluation Committee