Audit and Evaluation Plan 2007-08 to 2009-10

Annex B: Key Areas of Risk

The risk and opportunity analysis conducted by Audit and Evaluation revealed a number of key areas of risks. More particularly:

Statutory Obligations and Policy
EC has extensive statutory obligations (e.g., CEPA, SARA, environmental agreements at all levels) and in the current context, departmental obligations are increasing. The Government also announced a very ambitious regulatory agenda at a time when environment is high on the public agenda.
Risks: Risk of not meeting statutory obligations could result in a loss of credibility and potential litigation. Risk of not meeting our national and international commitments could damage the department's reputation. Complexity of partnership arrangements/ agreements, if not managed effectively, could result in fragmented efforts, decreased cooperation and consensus.
Governance
EC has done major restructuring over the last two years through the implementation of new results management and governance structures to better align accountability. The analysis revealed that since the new governance structure is in place, there remains concerns about clarity on roles and accountabilities between both structures (i.e., Boards, Outcome Project Grouping leads versus Assistant Deputy Ministers, program managers), resulting in organizational confusion. There is no systematic approach to risk management in the department.
Risks: Risk of unclear understanding of roles and responsibility under the new governance structure resulting in organizational confusion. Absence of a systematic approach to risk management could result in a lack of focus and under funding more important priorities.
Financial Control
A greater importance is given to financial controls particularly with the Government's Accountability Agenda and the new Internal Audit Policy. Departmental financial information is fragmented and coming from different sources.
Risks: Risk in terms of not providing managers with quality and reliable information to make decisions. Risks of not having auditable financial statements (by 2009) and not providing assurance on financial controls could result in an embarrassment for the Department for not meeting the Internal Audit Policy requirements.
Human Resources
The existing and the new regulatory agenda will demand a significant level of resources and capacity.
Risks: Risk of not having sufficient capacity to implement and enforce existing and proposed new regulations and standards will result in challenges to deliver. Risk associated with not having departmental long-term human resources planning to address recruitment, retention, corporate knowledge, retirements, etc.
Performance Measurement
Performance measurement has been a recurring area of major concern for a number of years across government. While the department has implemented a systematic approach to performance measurement (with the OPGs and OPPs), concerns remain about its effective use for decision-making.
Risks: Risk of not effectively using performance information for decision-making.
Information Management
Information management has also been a recurring area of concern for the last several years and continues to require attention. There is no global approach to information and knowledge management in the department.
Risks: Risk that Information Management (IM) activities are not aligned to departmental priorities.

Previous page | ToC