Internal Audit Performance Results

This information is being reported in compliance with Appendix A of the Office of the Comptroller General of Canada (OCG) Technical Bulletin 2023-1: Policy on Internal Audit. It states:

The objective of the Treasury Board Policy on Internal Audit is to ensure that the oversight of public resources throughout the federal public administration is informed by a professional and objective internal audit function that is independent of departmental management.

Heads of organizations are responsible for ensuring that internal audit in the department is carried out in accordance with the Institute of Internal Auditors International Professional Practices Framework unless the framework is in conflict with the Treasury Board Policy or its related directive; if there is a conflict, the policy or directive will prevail.

Departments with internal audit functions are required to publish key attributes of compliance as per section A.2.2.3.1 of the Treasury Board Directive on Internal Audit. It is important that the public is aware that heads of government organizations are receiving assurance and that activities are managed in a way that demonstrates responsible stewardship.

These attributes have been selected because they demonstrate to an external audience that, at a minimum, the fundamental elements necessary for oversight are in place, are operating as intended and are achieving results. The key attributes of compliance with the policy and standards are:

• internal auditors that are trained to effectively perform the work
• audit work that is performed in conformance with the international standards for the profession
• audit work that is performed according to a systematically developed risk-based audit plan, which has been approved by the head of the organization, and that results in management actions being taken in response to report recommendations
• audit work that is perceived by stakeholders as adding value in the pursuit of organizational objectives

Publishing departmental key compliance attributes provides pertinent information to Canadians and parliamentarians regarding the professionalism, performance and impact of the internal audit function in departments. These are not performance measures and no targets are attached. Under the Policy, the Comptroller General has the authority to amend these attributes, should there be changes in the internal audit environment and/or due to the evolving maturity of the internal audit function.

Date of information: As at June 30, 2023.

Compliance attributes

• Internal Audit Division qualifications

  Do internal auditors in departments have the training required to do the job effectively? Are multidisciplinary teams in place to address diverse risks?

  • 1(a) % of staff with an internal audit or accounting designation (CIA, CPA): 59%
  • 1(b) % of staff with an internal audit or accounting designation (CIA, CPA) in progress: 12%
  • 1(c) % of staff holding other professional designations (CGAP, CISA, etc.): 71%

  Acronyms

  CIA

  Certified Internal Auditor

  CPA

  Chartered Professional Accountant

  CGAP

  Certified Government Auditing Professional

  CISA

  Certified Information Systems Auditor

• Conformance to professional standards

  Is internal audit work performed in conformance with the international standards for the profession of internal audit as required by Treasury Board policy?

  • 2(a) Date of last comprehensive briefing to Departmental Audit Committee on the internal processes, tools, and information considered necessary to evaluate conformance with the Institute of Internal Auditors (IIA) Code of Ethics and the Standards and the results of the quality assurance and improvement program (QAIP): June 2022
  • 2(b) Date of last external assessment: March 2022
• Active audits and status of Management Action Plans (MAPs)

  Are the Risk Based Audit Plans (RBAPs) submitted to audit committees and approved by deputy heads implemented as planned with resulting reports published? Is management acting on audit recommendations for improvements to departmental processes?

  Internal audits

  Internal audit title	Audit status	Report approved date	Report published date	Original planned MAP completion date	Implementation status
  1. Targeted Control Audit of Precursor Chemicals	Published – MAP not fully implemented	September 24, 2019	October 5, 2020	August 31, 2021	75%
  2. Audit of Lookouts	Approved – Not published	April 28, 2021	N/A	December 31, 2022	20%
  3. Follow-up Audit of Professional Standards	Published – MAP fully implemented	March 11, 2021	March 22, 2021	March 31, 2022	100%
  4. Audit of compensation processes and controls	Published – MAP fully implemented	August 23, 2021	April 6, 2022	March 31, 2022	100%
  5. Targeted Control Audit of Digital Devices at Ports of Entry (OPC Commitment)	Approved – Not published	August 13, 2021	N/A	October 31, 2022	67%
  6. Targeted control audit of CARM business readiness	Published – MAP fully implemented	May 25, 2022	January 27, 2023	September 30, 2022	100%
  7. Audit of budgeting and forecasting	Published – MAP not fully implemented	March 21, 2023	April 20, 2023	April 30, 2025	0%
  8. Audit of Marine Targeting Process	Approved – Not published	N/A	N/A	June 30, 2024	0%
  9. Audit of Harassment Management	Approved – Not published	N/A	N/A	March 31, 2024	0%
  10. Targeted Control Audit of Temporary Resident Permits	Approved – Not published	N/A	N/A	January 31, 2024	0%
  11. Internal audit of federal government consulting contracts awarded to McKinsey & Company	Published – MAP not fully implemented	March 22, 2023	March 30, 2023	December 31, 2023	25%
  12. Audit of Internal Controls over Financial Reporting (ICFR)	In progress	N/A	N/A	N/A	N/A
  13. Audit of Notetaking by Officers	In progress	N/A	N/A	N/A	N/A
  14. Audit of Contracting and Procurement	In progress	N/A	N/A	N/A	N/A
  15. Audit of Arming	In progress	N/A	N/A	N/A	N/A
  16. Audit of the Data Strategy	Planned	N/A	N/A	N/A	N/A
  17. Audit of Personal Seizures	In progress	N/A	N/A	N/A	N/A
  18. Audit of EX Staffing	Planned	N/A	N/A	N/A	N/A
  19. Audit of Information Management	Planned	N/A	N/A	N/A	N/A
  20. Audit of Internal Fraud Management	Planned	N/A	N/A	N/A	N/A
  21. Audit of Postal Operations	Planned	N/A	N/A	N/A	N/A
  22. Audit of Privacy Practices	Planned	N/A	N/A	N/A	N/A
  23. Audit of Humanitarian Efforts	Planned	N/A	N/A	N/A	N/A
  24. Targeted Control Audit of the Acquisition of Travel Documents in Support of Removals	Planned	N/A	N/A	N/A	N/A
  25. Audit of Cybersecurity	Planned	N/A	N/A	N/A	N/A
  26. Audit of Human Resources Planning	Planned	N/A	N/A	N/A	N/A
  27. Audit of Commercial Compliance Culpability Framework	Planned	N/A	N/A	N/A	N/A

• Credibility and value

  Is internal audit credible and adding value in support of the mandate and strategic objectives of the organization?

  Average overall usefulness rating of areas audited:
  (percentage of responding auditees from post-audit survey results per the "Satisfaction" section of the most recent Capacity Assessment Template (CAT))

  • Excellent: 49.89%
  • Good: 46.95%
  • Fair: 3.16%