Key Compliance Attributes are published in accordance with the Office of the Comptroller General of Canada (OCG) Technical Bulletin 2018-1: Policy on Internal Audit
- A.2.2.3 Departments must meet public reporting requirements as prescribed by the Comptroller General of Canada and using Treasury Board of Canada Secretariat prescribed platforms, including:
- A.126.96.36.199 Performance results for the internal audit function.
These results, or key attributes, demonstrate that the main fundamental elements necessary for oversight are in place, are performing as required under the Policy on Internal Audit and the Directive on Internal Audit, and are achieving results.
Key compliance attributes
|Performance indicators||Key compliance attribute||2017-18||2018-19
|Internal Audit comments
|Do internal auditors in departments have the training required to do the job effectively? Are multidisciplinary teams in place to address diverse risks?||Number of IA employees (including CAEE)||10||8||The number of current full-time equivalent positions|
|% of staff with an internal audit or accounting designation (Certified Internal Auditor (CIA), Chartered Professional Accountant (CPA))||70%||75%|
|% of staff with an internal audit or accounting designation (CIA, CPA) in progress||20%||25%||2017-18: 1 new employee joined late in Q4 – formally registered in Q1 2018-19||In progress: The staff member (an indeterminate employee) has formally registered with and has been accepted by the certifying body to complete the requirements of the professional designation in a prescribed time frame and has registered for at least one component of the certification process.|
|% of staff holding other designations (CGAP, CISA, etc.)||20%||25%||2017-18: 2 staff with CIAs also held other designations (CRMA, CGAP)|
|Is internal audit work performed in conformance with the international standards for the profession of internal audit as required by Treasury Board policy?||Date of last comprehensive briefing to the Departmental Audit Committee on the internal processes, tools, and information considered necessary to evaluate conformance with the IIA Code of Ethics and the Standards and the results of the quality assurance and improvement program (QAIP)||-||February 4, 2015||Internal Audit has quality assurance steps built into the audit process and discusses these with the DAC members. This will be enhanced as a comprehensive QAIP process is developed in 2018-19.||
Last comprehensive briefing: A comprehensive briefing includes updates on all pertinent elements of the QAIP. In accordance with IIA Standard 1320, this comprehensive briefing would include:
External assessments (practice inspections) must be conducted at least once every five years by a qualified, independent assessor or assessment team from outside the organization.
|Date of last external assessment||-||February 4, 2015||2019-20 is next external assessment|
|Is internal audit credible and adding value in support of the mandate and strategic objectives of the organization?||Average overall usefulness rating from senior management (ADM-level or equivalent) of areas audited.||Good||Average "overall usefulness" rating: Post-audit surveys to senior management of the area audited should include a question on the overall usefulness of the audit.|
2018-19 Internal audit status
|Internal audit title||Audit status||Report approved date||Report published date||Original planned management action plan (MAP) completion date||MAP implementation status (%)|
|Grants & Contributions Systems||Planned|
|Information Technology Client Services (review)||Planned|
|Management of Intellectual Property||In progress|
|AAFC MOUs and Service Agreements (carried over from 2017-18)||Approved – Not published||May 15, 2018||Recommendation 1: December 2018
Recommendation 2: May 2019
|Travel and Hospitality||Planned|
|Workplace Wellbeing (review) – Joint Audit and Evaluation||In Progress|
|IM/IT Risk Assessment||In Progress|
- This requirement applies only to internal audits that will begin in fiscal year 2018-19. Additions and adjustments to the internal audits listed in the departmental Audit Plan may have occurred to address emerging risks and priorities of the organization.
- Going forward, audits from past fiscal years will remain listed in the table until 100% MAP implementation is achieved. Audit engagements will remain listed on the site for a minimum six-month period after 100% implementation has been achieved and published.