The mandate of EC’s AEB is to support the Deputy Minister and senior management in attaining the strategic objectives of the Department by providing them with objective, independent, evidence-based information, assurance and advice on the effectiveness and efficiency of departmental programs, policies and operations. In addition, the Branch supports the EAAC, DEC and other related committees, provides services to liaise external auditors with the respective departmental representatives, and provides oversight in responding to environmental petitions.
The internal audit and strategic planning and coordination functions are carried out under the authority of the Federal Accountability Act (December 2006) and the TB Policy on Internal Audit (April 2006). Further, the Government of Canada has adopted the Institute of Internal Auditors (IIA) International Professional Practices Framework (January 2009) and the Department is required to meet those standards in undertaking internal audit responsibilities. The evaluation function is carried out under the authority of the Federal Accountability Act and the TB Evaluation Policy (April 2001).
The new Policy on Evaluation received Treasury Board approval on March 3, 2009 and will take effect as of April 1, 2009. While the current plan was not designed to address the requirements of the new policy, it will be considered in the context of future work planning for the Evaluation Division.
The Internal Audit division provides assurance to the Deputy Minister and senior management through objective and independent evidence-based information, assessment and advice on the adequacy of management practices, controls and accountability mechanisms. Other activities include conducting special investigations of possible fraud or wrongdoing in relation to such policies as Internal Disclosure of Information Concerning Wrongdoing in the Workplace and the Values and Ethics Code for the Public Service. The division manages the relationship with all external auditors including the OAG and the CESD; provides assessments and advice to the Minister, Deputy Minister, senior departmental managers, EAAC and DEC regarding audits and reports issued by the external auditors.
The Evaluation division ensures that departmental management receives timely, strategically focused, objective and evidence-based information on the effectiveness and efficiency of departmental policies, programs and initiatives. Other activities include: providing expert advice and advisory services in the area of evaluation; updating internal policies and procedures to ensure ongoing compliance with TB policies and best practices; and reviewing TB submissions and Memoranda to Cabinet to ensure evaluation commitments are sound and factored into annual planning and risk assessment.
The Strategic Planning and Coordination (SPC) division is responsible for the risk-based audit and evaluation planning, budgeting, reporting and quality assurance to ensure that the Departmental Audit and Evaluation plans, reports and activities contribute to the Department’s and the government’s priorities for the use of audit and evaluation as keys to strengthening public service governance, accountability and transparency. The division also provides strategic and secretariat support to the EAAC and the DEC and assists departmental managers in responding to environmental petitions received from the CESD. The coordination of other AEB corporate functions such as input to the Report on Plans and Priorities (RPP), Departmental Performance Report (DPR), Corporate Risk Profile (CRP), and Management and Accountability Framework (MAF) and human resource planning is also centralized in SPC.
The EAAC, which was created in 2007 as a result of the 2006 Policy on Internal Audit, ensures that the Deputy Minister obtains independent, objective advice and assurance on the adequacy and effectiveness of the department’s risk management, controls, and governance processes and provides oversight to the internal audit and strategic planning and coordination function.
The DEC, chaired by the Deputy Minister, provides oversight to the evaluation function. The Committee ensure the independence and effectiveness of the evaluation function and ensure the accountabilities of managers.
In the last three years, the Government of Canada has made significant investments in preserving Canada’s environment by cleaning the air and water, reducing greenhouse gas emissions, combating climate change, and protecting the natural environment. It has invested, for example, in Canada’s Clean Air Regulatory Agenda, Canada’s Chemicals Management Plan, the Eco Energy Initiative, Canada’s EcoTrust, the Eco Transport Strategy, and Canada’s EcoAction Plan.
The 2009 Canada’s Economic Action Plan includes new measures to support a cleaner and more sustainable environment. It also includes several spending measures to be implemented by departments. The economic stimulus package presented in the plan identifies several projects to ensure additional funding provided to departments reflects the principles of sound stewardship as highlighted in the Financial Administration Act. From among those projects, EC is poised to receive funding for the Canadian Environmental Sustainability Indicators, the Federal Contaminated Sites Action Plan, Modernizing Federal Laboratories, the Arctic Research Investments, and the Mackenzie Gas Pipeline Project. The Audit and Evaluation Plan takes into consideration the implementation of stimulus measures.
The TB Policy on Internal Audit requires that the department maintains an effective and independent internal audit function. The Policy sets out specific requirements with respect to governance and the role of internal audit, including the requirement for the CAE to provide a holistic opinion to the Deputy Minister on departmental controls, governance and risk management, support the OCG in the conduct of horizontal audits, as well as adherence to the standards of the IIA.
In March 2009, the Secretary of the TB announced the TB’s approval of the Policy on Evaluation, which takes effect on April 1, 2009. TB will also provide directives and standards with clear and specific direction to heads of evaluation, evaluators and program managers regarding policy implementation, evaluation quality and standards. The objectives of the new Policy include improving the availability of credible, quality evaluation evidence for informing expenditure management decisions. This includes strengthening the base of information available for Strategic Reviews, by expanding evaluation coverage and by focusing evaluations on the performance of programs. The policy will also support departments in achieving policy and program improvements and enhancing their public reporting. The implementation of the new policy requirements will impact the evaluation activities over the next four years.
EC will continue to deliver on some important commitments to preserve Canada’s environment, such as pursuing clean and abundant water and healthy lakes and rivers, as well as protecting species at risk, our native biodiversity, and other Canadian wildlife habitats. The Government continues to tackle the pre-eminent environmental issue of our time – climate change – with plans and investments that will translate into a real step forward in reducing domestic, continental, and global greenhouse gas emissions.
Taking into consideration these priorities, and in accordance with the requirements of the Internal Audit and Evaluation Policies, this plan has been developed to permit coverage of the following key aspects of the department’s operation:
Coverage of the Management and Accountability Framework (MAF) Criteria
The TBS assessment of EC’s performance against the MAF for 2007 identified the Risk-Based Audit Plan as one area in which EC internal audit was rated with “Opportunity for Improvement”. More particularly, the Audit Plan should be improved by including an Audit Universe, a link to the Corporate Risk Profile, a risk ranking of the audit projects, a rationale for resource estimates and carry-over audits, and a statement of constraints. Audit reports should be improved by providing more context of the risks and significance of the project, and a more structured management action plan. Timeliness of the audit reports should also be improved.
The draft TBS assessment against MAF for 2008 also provides an “Opportunity for Improvement” rating for the Risk-Based Audit Plan. More particularly, the Risk-Based Audit Plan should be improved by risk ranking the audit universe entities by priorities, risk ranking audit engagements and indicating whether audit topics were selected based on highest risk. In addition, the follow-up strategy should be documented with periodic reporting on the follow-up of management action plans.
This plan has been improved to ensure coverage to address recommendations of TBS to meet the MAF assessment criteria.
Coverage of Risk Management, Controls and Governance Processes
One of the cornerstones of the TB Policy on Internal Audit is the requirement for the CAE to render a holistic opinion on the overall state of the department’s risk management, control and governance processes. Section 5 identifies audit projects intended to provide the coverage necessary to build the foundation for this holistic opinion.
Specifically, the new policy states that “Chief Audit Executives (CAEs) will provide annual holistic opinions to deputy heads and audit committees on the effectiveness and adequacy of risk management, control and governance processes in their departments, as well as reporting on their individual risk-based audits.”
In providing a holistic opinion, CAEs will rely on a number of audit results. These will include, but may not be limited to:
Risk Management
To ensure sufficient coverage of risk management, the AEB plan is designed to monitor risk management activities taking place in the department. This will include an examination of corporate risk management activities, such as the CRP and the Integrated Risk Management Framework (IRMF). Operational risk management practices will also be assessed, as part of risk assessment and scoping activities for individual engagements in this year’s plan.
Governance
To ensure sufficient coverage in this area, AEB will complete one audit on the subject of corporate governance over the period covered by this plan. Similar to the approach to risk management, AEB will, in the course of other audits, examine governance practices that support specific program or other objectives.
Controls
Internal controls support the organization in the achievement of its objectives and encompass the organization’s governance, operations and information systems:
The OCG’s Core Management Control (CMC) Model, provides a comprehensive framework of controls and criteria, used for assessing those “fundamental” controls that are common across all government departments and agencies. Government departments and agencies are expected to assess at a minimum these controls, as well as other risk-based controls that are unique to individual organizations.
Results of CAE’s assessment of the core management controls, in combination with the results of department-specific risk-based audits and horizontal and external audits conducted by various assurance providers, will be used for the overall assessment of controls to support the CAE annual holistic opinion. Section 5 provides additional information on the specific controls that will be covered through individual engagements in this year’s plan. Appendix D provides the list of internal and external audit projects aligned with the OCG core management controls.
Coverage of Departmental Priorities and Corporate Risks
The backbone of the plan is the audit and evaluation universe, which defines the potential scope of audit and evaluation activity and is comprised of individual “entities” that may be subjected to internal audit or evaluation activity. The current universe (See Appendix A) is comprised of some 160 entities that correspond with EC’s 2008-2009 PAA. The PAA is moving to a new, simpler and clearer PAA. 2009-2010 will be considered a transition year and the new PAA will be fully implemented by 2010-2011.
Within the universe, projects have been selected such that they are adequately covered and aligned with departmental priorities (see Appendix B) and corporate risks (see Appendix C), and to support the reporting requirements of the CAE.
To this end, this plan provides coverage of those universe elements considered to be of the highest priority (see Appendix A) and, over the course of the three year plan, will gain coverage of those risk management, controls and governance processes that collectively enable the objectives of EC. Not only is this necessary to support an audit opinion for the individual engagements, but collectively, it is necessary to support the CAE’s annual holistic opinion on the adequacy and effectiveness of risk management, controls and governance processes, as required by the TB Policy on Internal Audit.
Coverage of TBS Evaluation Requirements
To ensure ongoing compliance with the TB 2001 Evaluation Policy and the Federal Accountability Act, the plan includes evaluation projects in response to TBS requirements from TB submissions linked to TBS requirements for renewal of funding and for evaluation of Grants and Contributions Programs on an ongoing cycle.
In addition to audit assurance engagements and evaluation projects, the AEB will undertake a range of other internal assurance and performance activities each year. These are summarized below and have been factored into the planning and resource allocation decisions that underpin this plan.
Follow-Up on Recommendations
Follow-up on recommendations are conducted on an ongoing basis to ascertain the degree to which the action plans in response to recommendations made in previous audits and evaluations have been implemented, and to determine outstanding gaps/risks. The internal audit and evaluation follow-ups are outlined in the plan (see Sections 5 and 6).
Audit and Evaluation Committee Liaison and Support
The SPC division provides strategic and secretariat support to the EAAC and the DEC. For the EAAC, the SPC is the liaison between central agencies, other federal departments, senior management and committee members.
Enhanced Internal Audit and Evaluation Function
The AEB ensures that staff have appropriate professional qualifications and skills, and opportunities for sufficient training and development to maintain and develop their competencies. The Branch continues to encourage internal auditors to obtain Certified Internal Auditor designation.
Comptroller General Directed Audits
Under the Policy on Internal Audit, the Comptroller General can direct departments to conduct sectorial and horizontal audits. The internal audit group has reserved one person-month to provide support to these audits. As of this date, the OCG has identified potential subjects of horizontal audits for 2009-2010 in which internal audit may be involved. Section 7 of the plan addresses those horizontal audits.
Liaison with external auditors
A number of external audits and studies are underway or planned for EC programs/functions by external organizations such as the OAG, the CESD, the PSC, the Access to Information Commissioner, and the OCOL. The external audits and studies were taken into account in EC’s planning process to ensure proper coverage and minimize duplication of efforts. Section 7 lists the external audits and studies underway or to be carried out during the period covered by this plan.