| No. | Project Name | Board | Alignment to Strategic Outcomes |
Rationale | Scope & Objectives | Required Resources | Risk Rating | Priority Rating | |
|---|---|---|---|---|---|---|---|---|---|
| PM | $’000 | L/M/H | L/M/H *man-dated | ||||||
| Carry-over from 2008-2009 | |||||||||
| 1. | Occupational Health and Safety | IS | Integration and Enabling Services contribute to achieving departmental strategic objectives | Occupational Health and Safety was identified as a high risk area in the AE Risk
Assessment 2008-09. OHS’ risk of non-compliance with policies or regulations puts the health and safety of EC staff at
risk. Potential accidents or liabilities resulting from non-compliance with OHS policies could have long-lasting reputational
repercussions for the department. Concerns about OHS were moreover expressed by senior management. An audit of OHS started in November 2008, after funding had been secured. A contract was immediately put in place, for end of work March 31st 2009. The carry over is only due to the time required to submit the report to EAAC and close the project. (95% completed). The report will be completed in Q1. |
The objective of this project is to audit the occupational health and safety program to
ensure an appropriate framework is in place and implemented. This project will address the following core management controls: People (PPL-7) and Risk Management (RM-1, RM-2, RM-3). |
1.0 | |||
| 2. | Hydrometric Monitoring Stations – Federal- Provincial Agreements | WES | Weather and environmental predictions and services reduce risks and contribute to the well-being of Canadians | The Hydrometric Monitoring Stations Federal-Provincial Agreements Program under the WES Board is characterized by a
high level of complexity (e.g. complex delivery arrangements), dependency on various national and international partners, as well as compliance requirements
(Canada Water Act, Boundary Water Treaty Act, International Rivers Improvement Act, etc). Thus, it is exposed to a variety of risks:
risks associated with inflexible obligations and poor understanding of responsibilities and agreements, non-compliance risk, risk that the current decision making
and management configuration may not be optimal, especially in light of the complexities of internal and external arrangements, etc. The project started in December 2008 and carried over into 2009-10 due to other priorities such as special investigations and MAF assessment. This project is still at the planning phase (25% completed). The report will be completed in Q3. |
The objective of this project is to audit the various arrangements for the operations and the maintenance of
hydrometric monitoring stations, including the agreements with the various provinces. The focus will be on the following: (1) the internal and external
governance of the Hydrometric Program; and (2) the Hydrometric Program delivery approaches. This project will address core management controls: Accountability (AC-1, AC-3, AC-4). |
6.0 | 25 | ||
| 3. | Efficiency of the Contracting Process | IS | Integration and Enabling Services contribute to achieving departmental strategic objectives | The audit of the Efficiency of the Contracting Process was identified as a high priority during the 2007-2008
consultation process. The audit was delayed due to the team lead being reassigned to the Annual Risk Based Audit and Evaluation Plan. As a department that largely depends on others to deliver programs on its behalf, EC is reliant upon an efficient contracting procurement process. In this area, the department is exposed to the risk that the management has not established processes to identify, solicit, evaluate and manage third party contracts, as well as the risk that existing procurement processes are not effective or efficient. A value for money audit will address some of these issues. This project is still at the planning phase (20% completed). The report will be completed in Q3. |
The objective of this project is to conduct an audit of the efficiency of the contracting
processes at Environment Canada. This project will address the following core management control: Stewardship (ST-22). |
3.0 | 51 | ||
| 4. | Specified Purpose Accounts | IS | Integration and Enabling Services contribute to achieving departmental strategic objectives | The Specified Purpose accounts have not been previously audited at EC. The quality of controls in place
is unknown, and the high materiality of the area, with approximately $12 million received in 2004-2005, makes it especially important to
access the processes of the Specified Purpose Accounts for utility and compliance. While the project was identified in the Financial Audit Plan as a high priority and risk area during consultations with senior management in 2008-2009, the audit was delayed because the auditor in charge has left the department. This project is at the beginning of the reporting phase (65% completed). The report will be completed in Q3. |
The objective of this project is to audit the utility, appropriateness, and compliance of
Specified Purpose Accounts. This project will address the following core management control: Stewardship (ST-7). |
3.0 | |||
| 5. | Costing and Pricing (Vote Netted Revenue) | IS | Integration and Enabling Services contribute to achieving departmental strategic objectives | The costing and pricing (Vote Netted Revenue) program is a complex and high materiality EC function
with a high volume of transactions and a total amount of $19M processed in 2006-2007. All regions participate in the process adding to the
complexity and the scope of the program. Thus, while all revenues have been considered as lower risk in the course of the Readiness Assessment,
VNR has a complexity that other revenues do not have. Despite this, the program was never audited; the quality of the controls in place is unknown. The initial audit planned was delayed because the scope was significantly modified following the detailed risk analysis. This project is at the beginning of the reporting phase (65% completed). The report will be completed in Q3. |
The objective of this project is to audit costing and pricing mechanisms employed by the department. The objectives of the audit are to ensure that: (1) Environment Canada’s costing framework is up-to-date and is used consistently across the Department; (2) the right mechanisms are used to manage revenues; and (3) the department is properly costing its good and services and charging its clients. This project will address the following core management controls: Stewardship (ST-5, ST-6, ST-7). |
2.0 | |||
| 6. | Accounts Payable at Year-end | IS | Integration and Enabling Services contribute to achieving departmental strategic objectives | The process regulating the Accounts Payable at Year-end is complex, wide in scope, and non-automated.
All regions participate in the process and significant amounts and high levels of transactions are processed in a short period of time, driving
potential operational risks to the program and the department. In addition, the audit of Accounts Payable at Year-end is required by the Federal Accountability Act and TBS Policy. This audit must be conducted after year-end (15% completed). The report will be completed in Q3. |
The objective of this project is to audit compliance and process for expenditures and Accounts
Payable at year-end including PAYE. While Accounts Payable have been identified as high risk in the course of the Readiness Assessment, this audit focuses on year-end transactions only. This project will address core management controls: Stewardship (ST-2, ST-5, ST-7, ST-10, ST-12). |
3.0 | 23 | * | |
| Planned for 2009-2010 | |||||||||
| 7. | Physical Security | IS | Integration and Enabling Services contribute to achieving departmental strategic objectives | Physical Security was identified as a risk in the 2009-2010 AE Risk Assessment. The MAF V assessment
lists Management of Security and Business Continuity as an “opportunity for improvement” for the organization (AOM # 19). Recent incidents (laptop, document missing, etc.) and inconsistencies in security capacity across the nation have further highlighted the importance of assessing Physical Security at EC. In addition, no recent audits of security have been conducted. Some post 9/11 program changes took place; however, they were not informed by a comprehensive audit. In light of the above, the audit of Physical Security is a high priority for the department. This project will begin in Q1 and will be completed in Q3. |
The objective of this project will be to assess the appropriateness and performance of EC’s
security measures with an emphasis on asset security including building access. This project will address the following core management controls: Risk Management (RM-2, RM-3, RM-5, RM-7). |
9.0 | H | H | |
| 8. | Life Cycle Management of Assets |
IS | Integration and Enabling Services contribute to achieving departmental strategic objectives | Inconsistent life-cycle management of assets was identified as a risk area in the 2009-2010 AE
Risk Assessment and management consultations. Life cycle management of capital assets is critical for EC’s programs. Assets (e.g. atmospheric and hydrologic monitoring infrastructure; weather radars; supercomputer; fleet) will deteriorate adding occupational health and safety risks and increasing the potential for malfunction or failure (identified as a corporate risk in 2008 CRP). Risks were associated with EC’s ability to properly reinvest to keep assets up to date (“rust-out” risk), the lack of a good inventory of assets, as well as a lack of understanding of best practices. Compounding these risks are the very high materiality of the assets and the fact that no previous audit work has been done in this area. The importance of asset management for EC, a science-based department, makes the audit of this area a priority for the department. This project will begin in Q1 and will be completed in Q3. |
The objective of this project will be to assess the controls in place to support effective and
efficient life cycle management of the Department’s assets. This project will address the following core management controls: Stewardship (ST-8, ST-9). |
7.0 | 25 | H | H |
| 9. | Governance of Information Management | IS | Integration and Enabling Services contribute to achieving departmental strategic objectives | In this information age, information management (IM) is a critical indicator of the long term
viability of an organization. In a scientific department, good IM is an especially key success factor. Past audits and reviews have identified
gaps in our IM practices. Further, the three most recent rounds of MAF assessment for Environment Canada have identified opportunities for
improvement in the IM area, such as the utility of the corporate performance framework. This project will begin in Q3 of 2009 will be completed in Q1 of 2010. |
The objective of this project is to provide assurance that the Information Management Directorate
provides governance, risk management and strategic direction for information management in the department. Particular attention will be paid to
conclude on whether a clearly defined and adequate vision exists for managing the information resources of a scientific department. This project will address the following core management controls: Governance and Strategic Directions (G-3, G-5, G-6), Risk Management (RM-3, RM-6), and Stewardship (ST-19, ST-21). |
7.0 | H | H | |
| 10. | Governance of Specialized Information Technology (IT) Resources | IS | Integration and Enabling Services contribute to achieving departmental strategic objectives | In a scientific department like Environment Canada, program delivery areas often have staff
performing IT functions acquiring hardware and developing and/or supporting IT systems. These embedded personnel often have a familiarity
with the subject area that is not generally available in the wider IT community. The 2006 MAF assessment found opportunity for improvement
in the level of corporate engagement in IT management. This project will begin in Q1 and will be completed in Q3. |
The objective of this project is to provide assurance that the governance provided to support
specialized IT resources is adequate and effective. This audit will inventory the scope and nature of the IT related work being carried out in the program areas of the department, the systems that have been acquired or developed as a result of the activity, and the skill sets that are required to carry out this activity. The audit will assess the adequacy and effectiveness of the IT governance to which IT activities and resources (people and systems) are subject. This project will address the following core management controls: Governance and Strategic Directions (G-6), People (PPL-2, PPL-4), Citizen-focused Service (CFS-4), and Stewardship (ST-19, ST-21). |
12.0 | H | H | |
| 11. | Management of Additional Funding Received | EP ES WES IS |
All | Canada’s Economic Action Plan includes several spending measures to be implemented by
departments. It will be important that departments, including Environment Canada, exercise sound stewardship and due diligence in delivering on
those measures. In this context, an audit of the Management of Additional Funding Received is necessary to the department. Canadian Environmental Sustainability Indicators: Canada’s Economic Action Plan will work to improve the Government’s annual reporting on key environmental indicators, such as clean air, clean water and greenhouse gas emissions with $10 million in 2009-2010 (EC to receive $6.6 million of federal funding). This program is increasingly exposed to public scrutiny, with increasing demands for environmental information. Though the program has been involved in several recent audits/evaluations, it presents a risk associated with extensive stakeholder engagement/partnership, third party dependency, and compliance. Federal Contaminated Sites Action Plan: Canada’s Economic Action Plan has provided a significant investment in this program, $80.5 million over the next two years, for the management and assessment of federal contaminated sites and $165 million to facilitate remediation work totalling an estimated $245.5 million. EC will receive $7.9 million for program management (for EC’s custodial contaminated sites program, as well as the FCSAP Secretariat and Expert Support to all departments); $3.2 million for assessment work, and $0.5 million to facilitate accelerated remediation work. This is a highly complex horizontal initiative that is being delivered by fifteen federal custodians. Environment Canada co-leads administration of this program with the Treasury Board Secretariat. This initiative exposes Environment Canada to risks associated with both business processes due to its complexity and third party dependency, and in particular a dependency on federal financial assistance programs, that provide funding for activities related to federal contaminated sites. A recent A&E evaluation was very positive with performance measurement being the main issue. Modernizing Federal Laboratories: Canada’s Economic Action Plan has provided a significant investment in this program, $250 million over the next two years, for deferred maintenance of federal laboratories. EC submitted 16 project proposals and is competing for $22.7 million from the fund. Six of these projects (valued at $14 million) are well aligned with the budget criteria. EC projects are low dollar value, thereby contributing to our ability to complete the infrastructure projects by March 31, 2011. Arctic Research Infrastructure: Canada’s Economic Action Plan has provided a significant investment in this program, $85 million over the next two years, for the maintenance and / or upgrading of key existing Arctic Research facilities. EC submitted 3 project proposals valued at $6.6 million. The above audits will be completed between Q1 and Q4. |
The objective of this audit is to advise managers on the adequacy and effectiveness of internal controls,
to deliver their new or expanded programs, in a relevant and timely fashion. The result of the audit will also be incorporated into the risk assessment
process for the upcoming OAG audits on Canada’s Economic Action Plan e.g. program design and accountability; management frameworks; and compliance
with legislation. This audit will address the following core management controls: Governance and Strategic Directions (C-1, C-2, C-3, C-4, C-5), Policy and Programs (PP-1, PP-3), People (PPL-1, PPL-2, PPL-4), Risk Management (RM-2, RM-3, RM-4, RM-5, RM-7), Stewardship (ST-1, ST-5, ST-7, ST-10, ST-11, ST-16, ST-17), Accountability (AC-1), Learning, Innovation and Change Management (LICM-1, LICM-2, LICM-3), and Results and Performance (RP-2, RP-3). |
4.0 | H | H | |
| 12. | Weather Predictions Program (potential joint audit-evaluation – collaborative approach) | WES | Weather and environmental predictions and services reduce risk and contribute to the well-being of Canadians | The Weather Predictions Program has not yet been audited though a number of related audits and evaluations
have taken place or are underway, for example Air Quality Index by the CESD, the OAG Audit on Severe Weather Event and the Evaluation of MSC Transition. As well, an internal audit of the contingency plans for the weather prediction program was conducted in 2007. An upcoming core investment in supercomputing is valued at $12 million per year. Salary and O&M for the Weather Predictions Program account for $30 million per year and a new contract for up to $100 million is issued every seven years. This project will begin in Q2 of 2009-2010 and will be completed in Q1 of 2010-2011. |
The objective of this project is to audit the management of the Weather Predictions Program. The emphasis
will be on the role of science/research in support of weather predictions. This is a potential joint audit and evaluation project. This project will address the following core management controls: Policy and Programs (PP-1, PP-2, PP-3). The scope of this audit is still to be finalized. |
5.0 | 20 | H | M |
| 13. | CAE Holistic Opinion | IS | Integration and Enabling Services contribute to achieving departmental strategic objectives | The CAE Holistic Opinion on internal controls, risk management and governance is an Internal Audit Policy
requirement. In order to provide this opinion, the CAE relies on the internal audit and evaluation results, as well as on other providers of
assurance, such as the Auditor General, the Commissioner of the Environment and Sustainable Development, and the Comptroller general. This project
consists in gathering evidence for areas where there are gaps in the information. This is an ongoing project that will be conducted throughout Q1 to Q4. |
The objective of this project will be to conduct data gathering and various audit activities on core control elements of the MAF, in support to the CAE annual holistic opinion (the level of effort assumes a focus on the following MAF elements: Risk Management, People and Stewardship elements). | 5.0 | * | ||
| 14. | Internal Audit Follow-ups | All | Internal audit follow-ups are required to provide management assurance that previous audit recommendations
are acted upon. To this end, internal audit will monitor the implementation of past recommendations for the following audits:
|
The objective of this project will be to monitor the implementation of past recommendations. | 2.0 | ||||