This document provides summary information on the measures taken by the Office of the Public Sector Integrity Commissioner (the Office) to maintain an effective system of internal control over financial reporting (ICFR), including information on internal control management, assessment results and related action plans.
Detailed information on the Office’s authority, mandate and program activities can be found in the 2014-15 Departmental Performance Report, the 2015-16 Report on Plans and Priorities and the 2015-16 Annual Report.
2. Departmental system of internal control over financial reporting
2.1 Internal control management
The Office has a well-established governance and accountability structure to support its assessment efforts and oversight of its system of internal control. An internal control management framework, approved by the Commissioner, is in place and includes:
- Organizational accountability structures as they relate to internal control management to support sound financial management, including roles and responsibilities of senior managers in their areas of responsibility for control management;
- A code of values and ethics;
- Ongoing communication and training on statutory requirements, and policies and procedures for sound financial management and control; and
- At least annual monitoring of and regular updates on internal control management, as well as the provision of related assessment results and action plans to the Commissioner and senior management and, as applicable, the Audit and Evaluation Committee.
The Audit and Evaluation Committee provides advice to the Commissioner on the adequacy and functioning of the department's risk management, control and governance frameworks and processes.
2.2 Service arrangements relevant to financial statements
The Office relies on other organizations for the processing of certain transactions that are recorded in its financial statements as follows:
- Public Services and Procurement Canada centrally administers the payments of salaries and the procurement of goods and services in accordance with the Office’s Delegation of Authority, and provides accommodation services;
- The Treasury Board of Canada Secretariat provides the Office with information used to calculate various accruals and allowances.
- The Canadian Human Rights Commission (CHRC) provides information technology (IT) infrastructure services and a financial system platform to capture, process and report all financial transactions. The scope and responsibilities are addressed in the interdepartmental arrangement between CHRC and the Office, as well as in the attestation and summary of results prepared by CHRC on its ICFR in regards to the impact it has on its clients. PSIC relies on CHRC’s internal controls over financial reporting and the financial management system to process the financial data that has been approved, authorized and transmitted by the Office. The Office is responsible to ensure that the financial reports are accurate and fairly present the financial results and position.
3. Departmental assessment results during fiscal year 2015-16
The key findings and significant adjustments required from the current year’s assessment activities are summarized below.
New or significantly amended key controls: In the current year, there were no significantly amended key controls in existing processes which required a reassessment. Design and operating effectiveness testing, in collaboration with CHRC, was conducted on the key controls for a new payroll subsystem. Significant adjustments were not required for the new key controls.
Ongoing monitoring program: As part of its ongoing monitoring plan, the Office reviews and updates annually its process flows and narratives, which includes documenting controls. No significant control issues were found. In an environment of centralized operations, micro size organization and limited types of transactions recorded, finance utilizes substantive procedures and detailed variance reporting to efficiently obtain additional internal assurance over the financial reporting.
4. Departmental action plan
4.1 Progress during fiscal year 2015-16
The Office continued to conduct its ongoing monitoring according to the previous fiscal year’s rotational plan as shown in the following table.
|Previous year's rotational ongoing monitoring plan for current year||Status|
|Entity-level controls (2015-16)||Completed as planned; no remedial actions required.|
|IT general controls (2015-16)||Delayed to 2016-17|
|Operating expenditures (2015-16)||Completed as planned; remedial actions started.|
|Payroll (2015-16)||Delayed to 2016-17|
4.2 Action plan for the next fiscal year and subsequent years
The Office's rotational ongoing monitoring plan over the next three years, based on an annual validation of the high-risk processes and controls and related adjustments to the ongoing monitoring plan as required, is shown in the following table.
|Key control areas||Fiscal year
|IT general controls*||Yes||No||No|
|Master data on vendors||No||Yes||No|
* Under Office management