Annex – Assessment of Internal Control over Financial Reporting for the fiscal year ending March 31, 2022 (unaudited)
(Back to 2021–22 Departmental Results Report)
This document provides a summary of the measures taken by the Office of the Public Sector Integrity Commissioner of Canada (the Office) to maintain an effective system of internal control over financial reporting, including information on internal control management, assessment results and related action plans.
The Office is a small organization with low risk associated with its system of internal control. In support of an effective system of internal control, the Office annually assesses the performance of its core financial controls to ensure that:
- Financial arrangements or contracts are entered into only when sufficient funding is available;
- Payments for goods and services are made only when the goods or services have been received or the conditions of contracts or other arrangements have been satisfied;
- Payments have been properly authorized.
Detailed information on the Office’s authority, mandate and core responsibility can be found in the 2021–22 Departmental Plan and the 2020–21 Departmental Results Report.
2. System of internal control over financial reporting
2.1 Internal control management
The Office has a well-established governance and accountability structure to support its assessment and oversight of its system of internal control. An internal control framework, approved by the Commissioner, is in place and includes:
- Organizational accountability structures related to internal control management to support sound financial management, including roles and responsibilities of senior managers for control management in their areas of responsibility;
- Values and ethics;
- Ongoing communication and training on statutory requirements, as well as policies and procedures for sound financial management and control;
- Regular monitoring of internal control management, as well as the provision of related assessment results and action plans to the Commissioner and senior management and, as applicable, the Audit and Evaluation Committee.
The Audit and Evaluation Committee provides advice to the Commissioner on the adequacy and functioning of the Office's risk management, control and governance frameworks and processes.
The Office leverages the results of the annual audits performed by the Office of the Auditor General of Canada and the Canadian Human Rights Commission. A summary of the service arrangements and results of their assessment conducted during the 2021–22 fiscal year is provided in the following sections.
2.2 Service arrangements relevant to financial statements
The Office relies on other organizations for processing certain transactions that are recorded in its financial statements, as follows:
Common service arrangements
- Public Services and Procurement Canada, which administers the payment of salaries and provides accommodation services;
- Shared Services Canada, which provides IT infrastructure services;
- The Office of the Auditor General of Canada, which provides audit services, including the audit of the financial statements;
- The Treasury Board of Canada Secretariat, which provides information on public service insurance and centrally administers payment of the employer’s share of contributions toward statutory employee benefit plans.
The Canadian Human Rights Commission (CHRC) provides services in the areas of financial management, information technology, human resources system access, procurement advice and a financial system platform to capture and report all financial transactions. CHRC has the responsibility of verifying and processing financial information received from the Office that is entered in the financial system. As a result, the Office relies on CHRC’s internal controls over financial reporting to process the financial data that has been approved, authorized and transmitted by the Office.
Public Services and Procurement Canada (PSPC) provides human resources management services to the Office, including staffing, classification, compensation, labour relations and human resources system data entry. PSPC has the responsibilities to ensure that the compensation and payroll issues are being addressed.
Readers of this annex may refer to the annexes of the above-noted departments for a greater understanding of the systems of internal control over financial reporting related to these specific services.
3. Assessment results during the 2021–22 fiscal year
The following table summarizes the status of the ongoing monitoring activities according to the previous fiscal year’s rotational plan.
Progress during the 2021–22 fiscal year
|Previous fiscal year’s rotational ongoing monitoring plan for the current fiscal year
|IT general controls, payroll, financial close
|Completed as planned; areas of improvements have been identified.
|Entity-level controls, operating expenditures, capital expenditures, master data on vendors, contributions
|During the current fiscal year, there were no significant changes to key controls in existing processes that required reassessment.
As a service provider and as part of the requirements of Treasury Board policies, CHRC is required to assess the following:
- Key controls within business process;
- IT general controls.
The assessment considered the controls in place at CHRC in providing services to various clients. The testing of internal controls over financial reporting has included transactions processed for the Office. The assessment revealed that the key internal controls over the payments to suppliers and financial reporting business processes were strong and operating effectively. As a result of the testing performed, the IT general controls related to systems are generally appropriate and can be relied upon.
The Office financial statements were audited by the Office of the Auditor General of Canada and present fairly, in all material respects, the financial position of the Office as at 31 March 2022.
The key findings and significant adjustments required from the current fiscal year’s assessment activities are summarized below.
New or significantly amended key controls
In the current fiscal year, there were no significantly amended key controls in existing processes. However, following the assessment results, it was determined that a reassessment is required to improve controls within the majority of the Office’s business processes. The basis of the reassessment is mostly related to changes in some processes due to the COVID-19 pandemic and to the continuous improvement of the Office’s internal controls.
4. Action plan for subsequent fiscal years
The Office's rotational ongoing monitoring plan over the next three fiscal years is shown in the following table. The ongoing monitoring plan is based on:
- An annual validation of high-risk processes and controls;
- Related adjustments to the ongoing monitoring plan, as required.
Rotational ongoing monitoring plan
|Key control areas
|Entity-level controls (every 3 years)
|IT general controls
|Based on service provider
|Based on service provider
|Based on service provider
|Operating expenditures (every 3 years)
|Capital expenditures (every 3 years)
|Master data on vendors (every 3 years)
|Contributions (every 3 years)