2022–23 Departmental Results Report - Annex

(Back to 2022–23 Departmental Results Report)


Annex to the Statement of Management Responsibility Including Internal Control Over Financial for the fiscal year ending March 31, 2023 (unaudited)

1. Introduction

This document provides a summary of the measures taken by the Office of the Public Sector Integrity Commissioner of Canada (the Office) to maintain an effective system of internal control over financial reporting, including information on internal control management, assessment results and related action plans.

The Office is a small organization with low risk associated with its system of internal control. In support of an effective system of internal control, the Office annually assesses the performance of its core financial controls to ensure that:

  • Financial arrangements or contracts are entered into only when sufficient funding is available;
  • Payments for goods and services are made only when the goods or services have been received or the conditions of contracts or other arrangements have been satisfied;
  • Payments have been properly authorized.

Detailed information on the Office’s authority, mandate and core responsibility can be found in the 2022–23 Departmental Plan and the 2021–22 Departmental Results Report.

2. System of internal control over financial reporting

2.1 Internal control management

The Office has a well-established governance and accountability structure to support its assessment and oversight of its system of internal control. An internal control framework, approved by the Commissioner, is in place and includes:

  • Organizational accountability structures related to internal control management to support sound financial management, including roles and responsibilities of senior managers for control management in their areas of responsibility;
  • Values and ethics;
  • Ongoing communication and training on statutory requirements, as well as policies and procedures for sound financial management and control;
  • Regular monitoring of internal control management, as well as the provision of related assessment results and action plans to the Commissioner and senior management and, as applicable, the Audit and Evaluation Committee.

The Audit and Evaluation Committee provides advice to the Commissioner on the adequacy and functioning of the Office's risk management, control and governance frameworks and processes.

The Office leverages the results of the annual audits performed by the Office of the Auditor General of Canada and the Canadian Human Rights Commission. A summary of the service arrangements and results of their assessment conducted during the 2022–23 fiscal year is provided in the following sections.

2.2 Service arrangements relevant to financial statements

The Office relies on other organizations for processing certain transactions that are recorded in its financial statements, as follows:

Common service arrangements

  • Public Services and Procurement Canada, which administers the payment of salaries and provides accommodation services;
  • Shared Services Canada, which provides IT infrastructure services;
  • The Office of the Auditor General of Canada, which provides audit services, including the audit of the financial statements;
  • The Treasury Board of Canada Secretariat, which provides information on public service insurance and centrally administers payment of the employer’s share of contributions toward statutory employee benefit plans.

Specific arrangements

The Canadian Human Rights Commission (CHRC) provides services in the areas of financial management, information technology, human resources system access, procurement advice and a financial system platform to capture and report all financial transactions. CHRC has the responsibility of verifying and processing financial information received from the Office that is entered in the financial system. As a result, the Office relies on CHRC’s internal controls over financial reporting to process the financial data that has been approved, authorized and transmitted by the Office.

Public Services and Procurement Canada (PSPC) provides human resources management services to the Office, including staffing, classification, compensation, labour relations and human resources system data entry. PSPC has the responsibilities to ensure that the compensation and payroll issues are being addressed.

Readers of this annex may refer to the annexes of the above-noted departments for a greater understanding of the systems of internal control over financial reporting related to these specific services.

3. Assessment results during the 2022–23 fiscal year

Progress during the 2022–23 fiscal year

Office of the Public Sector Integrity Commissioner of Canada

With regard to the Office's business processes in the current financial year (2022-23), there have been no changes in existing key process controls that would have required reassessment. No action has been taken in this direction due to limited resources, but the internal control system remains maintained and effective.

However, the organization carried out a comprehensive assessment of its existing IT environment in order to gain a better understanding of it. This assessment revealed that key controls were generally effective, but also identified findings that required correction. A number of recommendations were made in this respect, including:

  • Review and secure server access;
  • Apply stricter delegation and management policies for domain access;
  • Implement a more efficient backup management plan.

The Office financial statements were audited by the Office of the Auditor General of Canada and present fairly, in all material respects, the financial position of the Office as at 31 March 2022.

Canadian Human Rights Commission

As a service provider and as part of the requirements of Treasury Board policies, CHRC is required to assess the following:

  • Key controls within business process;
  • IT general controls.

The assessment considered the controls in place at CHRC in providing services to various clients.

The testing of internal controls over financial reporting has included transactions processed for the Office. The assessment revealed that the key internal controls over the payments to suppliers and financial reporting business processes were strong and operating effectively. As a result of the testing performed, the IT general controls related to systems are generally appropriate and can be relied upon (please refer to the Annex to the CHRC’s Statement of Management Responsibility Including Internal Control Over Financial Reporting for the fiscal year ending March 31, 2023).

4. Action plan for subsequent fiscal years

The Office's rotational ongoing monitoring plan over the next five fiscal years is shown in the following table. The ongoing monitoring plan is based on:

  • An annual validation of high-risk processes and controls;
  • Related adjustments to the ongoing monitoring plan, as required.

Rotational ongoing monitoring plan

 

Key control areas

Risk Rating 2022-23 (proposed)Assessment Frequency
2023-242024-252025-262026-272027-28
Entity-level controls Low   TEST 
IT general controls under departmental managementMediumBased on service provider
Transfer paymentsLow  TEST  
Operating Expenses and Accounts PayableTravelMedium TEST  TEST
Financial signing authoritiesLow  TEST  
Acquisition CardsLow    TEST
Budgeting and ForecastingMedium TEST  TEST
ProcurementMediumTEST  TEST 
Capital AssetsMediumTEST  TEST 
Financial Reporting & Closing CycleLowBased on service provider
Master Data on VendorsLow  TEST  
Payroll and BenefitsMediumBased on service provider
Revenues and Account ReceivableLowBased on service provider