Audit Committee Annual Report
Audit and Evaluation Directorate
On behalf of the external members of the Canadian Space Agency (CSA) Audit Committee (AC), I am pleased to submit our first annual report, which covers the 2010-2011 fiscal year. I would like to convey to CSA’s president the appreciation expressed by my external colleagues for including them in the Canadian Space Agency’s Audit Committee.
Fiscal year 2010-2011 was challenging because it was the first full year of operation of the AC. We were exposed to the complexity of the issues involved in the space-related sector internationally, and the strategic role the CSA plays for the Government of Canada as a whole. Although we are in an ongoing learning period, we grasped relatively quickly the context within which the CSA must operate. The CSA interacts with international partners, the industry, other departments, and universities and, as a result, is exposed to risks, and aspects of these risks which it has not fully mastered. This further complicates strategic planning and governance.
This report was prepared in keeping with the requirements in paragraph 4.4.5 of the Directive on Departmental Audit Committees, and contains the following five components:
We are satisfied with the audit reports submitted to us, the recommendations in the reports, and our discussions at the presentations we attended during the year. We are available to discuss the content of this report with you at your convenience.
Alain Jolicoeur, President of the Audit Committee
The CSA Audit Committee is composed of four members, including the deputy head. One of the three external members chairs the AC. The AC recently completed its first year of operation.
During the four meetings held in 2010-2011, the AC had a direct, transparent and constructive dialogue among its members and CSA executives.
Fiscal year 2010-2011 was a year of change at the CSA. A completely new organizational structure was implemented on April 1, 2010. Furthermore, 2010-2011, as well as the previous year, was devoted to developing a completely new program activity architecture, which was implemented on April 1, 2011. As a result of all these changes, the governance and the process in place for developing the corporate risk profile were reviewed. The members of the AC will be asked during the coming year to advise and guide senior management through the development of strategic documents essential to sound management of the CSA.
The following is a summary of the observations the external members prepared for each section of this report:
The 2010-2011 annual report is on the Committee’s roles and responsibilities during the year, in keeping with the charter and annual plan for the CSA’s AC. The external members provided the President of the CSA with objective and independent advice and recommendations on the sufficiency, quality and results of assurance on the adequacy and functioning of the Agency’s risk management, control and governance frameworks and processes.
In the past year, the external members attended orientation sessions in order to better understand the CSA’s operations and thereby enable them to more fully carry out their duties.
The members had the opportunity to comment on and recommend eight audit reports, which contained recommendations deemed appropriate with a view to continuously improving the Agency’s risk management, control and governance frameworks and processes.
In 2010-2011, the AC members were able to review a variety of documents covering all aspects of CSA management, namely, values and ethics framework, the corporate risk profile and risk management, governance and management control framework, financial statements and public accounts, as well as the corporate performance report and the report on plans and priorities. Based on the review of all the documents, it is the opinion of the members of the AC that the CSA has implemented a good number of sound management practices, but, after only one year of operation, the members are not yet ready to provide a comprehensive opinion on their assessment of the internal control system in place at the CSA. Furthermore, the members of the AC are satisfied with the CSA’s efforts to maintain auditable financial statements.
Excellent progress has been made on the internal audit function as the requirements of the Policy on Internal Audit are implemented. Since August 2009, several human resource changes (retirement and sick leave) have had an impact on the capacity of the internal audit function to deliver certain documents on time. This had an impact on the Round VIII assessment of the Management Accountability Framework (MAF). The CSA’s "Audit" management rating went from "Acceptable" to "Opportunity for improvement."
Notwithstanding the foregoing, the audit function was able to conduct and submit to the ACmost of the audit reports that were in its risk-based audit plan. The audit function did not hesitate to bring in professional service providers to remedy the internal human resource shortage and seek the specialized skills required to carry out certain audits.
During fiscal year 2010-2011, the members attended a presentation:
by the Comptroller General of Canada, who explained the role of the comptroller general function, the reasons for creating departmental audit committees in all federal organizations as well as the usefulness of the AC to Canadians, and to the President of the CSA;
by representatives from the Public Service Commission (PSC), who provided an overview of the terms of reference of the PSC and presented a history of the follow-up audit, and the results of the staffing follow-up audit which was conducted at the CSA in 2010; and
by representatives from the Office of the Auditor General (OAG), who presented the role of the OAG, and how the CSA fits into the OAG’s audit plan in the next few years.
Key areas of concern and recommendations for improvement
The members of the AC raised a concern involving the follow-up of management action plans and recommended that an on-going management action plan monitoring system be created to keep them abreast of progress made on the implementation at all AC meetings.
The members also expressed their desire to continue orientation sessions which enable them to further expand their knowledge of the CSA, but would like the sessions to focus more on strategic issues than programming standpoint.
The external members feel that the AC fulfilled its mandate during fiscal year 2010-2011 in keeping with the requirements set out in its charter (see the Audit Committee Charter in Appendix A) and its annual calendar. The AC made significant progress this year by completing its first year of operation. The CSA actively supported the AC by ensuring that it had in its possession all the information it needed to provide the President of the CSA with appropriate advice and guidance. The members of the AC feel they took the appropriate steps to meet the requirements of the Treasury Board Secretariat’s Policy on Internal Audit as well as provide the President of the CSA with informed advice and guidance in order to enhance the CSA’s governance, risk management and management control framework.
The external members provide the President of the CSA with objective, independent advice and recommendations regarding the sufficiency, quality and results of assurance on the adequacy and functioning of the Agency’s risk management, control and governance frameworks and processes. The members assess the various documents submitted to the AC, including the risk-based audit plan (RBAP) and audit reports. During the year, the external members’ role was to recommend for approval by the CSA’s President the various documents submitted. This role will be reviewed in the coming year.
In order to support the President, the Committee exercises in an integrated, risk-focused and systematic way, an oversight of core areas of Agency management, control and accountability, including reporting. In their capacity of strategic resource to the President, the external members also provide such advice and recommendations as may be requested by the President on specific emerging priorities and operational concerns.
The 2010-2011 AC Annual Report is on the roles and responsibilities the Committee undertook in keeping with the charter and annual plan for the CSA’s audit committee.
There are four members in the Committee: the President of the CSA and three external members, one of whom acts as Chair of the Audit Committee.
In 2010-2011, the members of the Committee were:
The Committee met several times during fiscal year 2010-2011, more specifically, at four official meetings in June, September, December and March.
The AC charter meets the requirements of the new Directive on Departmental Audit Committees, and it identifies the responsibilities to be met and the activities to be carried out by the AC. The latter was approved on June 21st, 2010.
The external members attended orientation sessions with a view to better understand the CSA’s operations, including:
Presentation on the organization’s activities and strategies by the directors and/or directors general of the following directorates and/or branches in February 2010:
Presentation on governance, planning and performance by the Director, Governance, Planning and Performance (June 2010);
Presentation on the management accountability framework by the Director, Governance, Planning and Performance (June 2010);
Presentation on the management of corporate risks at the CSA, by the Manager, Program Assurance (June 2010); and
Presentation by the Office of the Auditor General of their mandate and work at the CSA (September 2010).
During the year, the Chief Audit Executive (CAE) submitted eight internal audit reports to be reviewed and recommended for approval by the President of the CSA. The reports covered audits identified in the RBAP. The audits conducted covered governance, risk management and control in all the CSA’s areas of activity.
In fiscal year 2010-2011, the Audit Committee reviewed and recommended for approval by the President of the CSA the following audit reports:
The review of the eight audit reports submitted resulted in all the reports receiving on-the-spot approval. However, minor changes were suggested by the AC members in two reports, and one report was subject to a stronger criticism.
During the year, the Audit Committee held in-camera meetings with the CAE, the Chief Financial Officer (CFO) and the President of the CSA after every AC meeting. These meetings provided the members of the AC with an opportunity to discuss topics openly and freely, including sensitive issues which would be inappropriate to discuss during AC meetings. These meetings also enabled the external members of the AC to obtain more specific information on certain issues.
No Audit Committee self-assessment exercise has been carried out to date. However, since the AC began its activities one year ago, a self-assessment will be conducted in September 2011.
Further to an audit of the values and ethics management framework submitted to the AC on June 21, 2010, the external members of the AC are comfortable with the CSA’s approach to values and ethics. The audit reassured them that there were activities in place to promote values and ethics at the CSA. The follow-up on the implementation of the management action plan, which will be submitted at the next AC meeting in June 2011, will provide a further opportunity to assess the steps taken to enhance the values and ethics management framework at the CSA. The steps to be taken included the development of a values and ethics communication plan, the re-establishment of the values and ethics steering committee in order to continue the activities of the values and ethics program and the awareness of staff with regards to the process of disclosure of wrongdoing in force at the CSA.
The members of the AC were given a presentation on corporate risk management on June 22, 2010 which included the 2009-2010 corporate risk profile. A discussion followed on, among other things, the importance and impact of partners in terms of corporate risks.
Recently, the members of the AC were told that a completely new corporate risk identification approach and methodology was being developed and that the new approach would be presented to them at the AC meeting in June 2011.
Since a new corporate risk profile is being developed and the AC is in its first year of operation, the AC decided that it would not be appropriate at this stage to draw any specific conclusions on risk management. However, the AC is of the opinion that the risks are divided into two categories: the risks associated with the operating processes and strategic risks, and considers that strategic risks are more difficult to assess.
In 2010-2011, the members of the AC had a chance to review and comment on the results of the CSA’s Round VII assessment of the Management Accountability Framework (MAF), as well as the preliminary results of Round VIII for the Area of Management "Audit". As mentioned in detail in Section 5.2 of this report, the members are of the opinion that the resources allocated to the internal audit activity will be a challenge in the coming year.
The members of the AC were also exposed to various components of the management control framework throughout the year, mainly through presentations of audit reports, of current procedures in place for preparing auditable financial statements or public accounts, or even during presentation sessions designed to inform AC members of the CSA’s activities.
After just over one year of operation, the AC does not feel it can express a definitive opinion on the adequacy of the management control framework.
Discussions on the context, roles and functions of the Governance, Planning and Performance Group were held at the AC meeting on June 22, 2010. The members of the AC found that in terms of governance, there is a decision-making structure in place and it seems to be solid. There is, however, a new governance model which is currently being developed at the CSA. When the development of this new model reaches a relatively advanced stage, the latter will be presented to the AC members for comments.
The AC members reviewed and commented on the draft version of the CSA’s financial statements. Their comments were taken into account in the final version of the financial statements. The AC members noted that the financial statements were properly prepared and were in keeping with current accounting standards. Furthermore, to the best of their knowledge, the members did not find any material misstatements or omissions in the financial statements.
In December 2010, a presentation was made to the members of the AC to inform them of what stage had been reached in the preparation of auditable financial statements and future-oriented financial statements. Discussions were held on what had been achieved to date in terms of being able to produce auditable financial statements. Several controls had in fact been documented, most assets had been scanned, and an inventory item mapping exercise was being carried out. The AC members are satisfied with the efforts the CSA made to have auditable financial statements. As far as future-oriented financial statements are concerned, the latter will be useful for planning and control purposes. The members suggested that one paragraph be added to the letter of transmittal to Treasury Board to the effect that the members of the AC have reviewed and recommend the future-oriented financial statements.
The Director, Governance, Planning and Performance presented the CSA’s 2009-2010 Departmental Performance Report (DPR) to the AC on September 13, 2010. The external members of the AC indicated that the report properly described the activities carried out by the CSA and that they did not notice any key material misstatements or omissions. Having said that, the members feel that when they read the document as presented, it is hard to get an overall idea of the CSA’s performance and that it would be easier to understand if there were an executive summary. The members of the AC generally felt that the DPR should be a little less descriptive and more analytical. The person responsible for preparing the DPR mentioned that he would consider the idea of including an executive summary in the DPR; it would place the reader in the proper context right from the beginning of the document.
The Director, Governance, Planning and Performance presented a preliminary version of the CSA’s 2011-2012 Report on Plans and Priorities (RPP) to the AC on December 8, 2010. The members made comments, but no overall assessment has been made to date. The members did not notice any key material misstatements or omissions. The members of the AC will review the final version of the 2011-2012 RPP at the June 2011 meeting to determine the extent to which the comments made after the Committee reviewed the preliminary version were included in the final version of the document.
The internal audit function met all the requirements of the Policy on Internal Audit. The AC was created in late 2009-2010. The AC completed its first year of operation in 2010-2011.
The AC provided its opinion on the following aspects of the internal audit function:
An accountability framework, which includes its mission, authority and its responsibilities, is in the Internal Audit Charter. The AC approved the latter on June 22, 2010.
The CSA’s organizational structure ensures that the audit function is independent because audit staff reports to the CAE, who reports directly to the President of the CSA. The internal audit charter guarantees audit staff free access to all the information, files, staff and consultants depending on their needs, and ensures that the internal audit function is not prevented from carrying out its responsibilities and is free to present its findings to the President, the AC and to the Comptroller General of Canada.
Several changes with an impact on the capacity of the internal audit function have occurred since August 2009. As a result of the extended absence of the CAE, the position was filled on an acting basis starting in August 2009 by an experienced project manager who is a Certified Internal Auditor (CIA). A staffing process was launched in fall 2010 to fill the CAE position. The process is currently being conducted and should be completed by August 2011.
A new administrative assistant position was added to the audit and evaluation team. The position was filled in February 2010. The incumbent of this position spends a little over 50% of her time on the internal audit function. Two senior auditors also joined the internal audit team in December 2009 and April 2010. These were also two new positions. A project leader position was vacated in April 2010. That position was filled in November 2010 through a one-year secondment, which will allow the organizational chart of the internal audit function to be reviewed.
To ensure that all the required skills and resources were available to conduct the audits identified in the RBAP, during fiscal year 2010-2011, the internal audit function used external services for certain more specialized audits, such as the contracting and procurement management audit and the audit of the financial analysis of investment projects.
The members of the AC are satisfied with the progress made regarding internal audit resources, but are nevertheless surprised by the limited number of resources allocated to the internal audit function compared to its responsibilities.
The CAE submitted the RBAP for fiscal years 2010‑2011 to 2012‑2013 at the December 2010 meeting. This year, the CAE plans to submit the RBAP for fiscal years 2011-2012 to 2013-2014 at the AC meeting in June 2011. The methodology for developing the RBAP was reviewed with a view to more closely applying the guidelines in the Office of the Comptroller General of Canada (OCG) Internal Audit Planning for Departments and Agencies. The new methodology was presented at the AC meeting on March 21, 2011 to inform the members of it and to obtain their contribution.
The follow-up report on the implementation of the recommendations from the 2008-2009 self-assessment of the internal audit function’s compliance with Institute of Internal Auditor standards submitted to the AC on March 21, 2011 sets out the progress achieved on the implementation of the recommendations. Three of the seven recommendations have been 100% implemented, two are being implemented, and are 75% implemented, and the remaining two are being implemented and are 25% implemented.
Improvements have been made to the audit practices with regards to keeping proper audit work files. The new methodology currently being used to develop the RBAP, the completion of the audit manual, and the involvement of the internal audit function in the development of corporate systems will finalize the implementation of the recommendations.
An external practice inspection of the internal audit function is scheduled for 2012-2013.
As mentioned in Section 3.2 of this report, during the year, the CAE submitted eight internal audit reports to be reviewed and recommended for approval by the President of the CSA. The audits covered in the reports were those identified in the RBAP. The audits conducted covered governance, risk management and control in all the CSA’s sectors of activity.
A list of audit reports approved in 2010‑2011 is provided in Section 3.2 of this report.
At the June 2010 meeting, the CAE presented to the AC the annual report on the follow-up of management action plans dated March 31, 2010. The report covered 10 audit engagements which were in the process of being implemented. The implementation of the recommendations in seven out of 10 of the audit reports presented had been virtually completed. The three reports for which the implementation of the recommendations was just starting were the most recent reports (June 2009). A somewhat worrisome finding was that one recommendation in a 2002 report had still not been implemented. As a result, the members of the AC indicated that they wanted to be updated, every meeting, on the progress made on the actions identified in the management action plan. If need be, the members wanted to meet with the managers responsible for the delay in taking certain actions. The CAE mentioned that the plans for 2011-2012 included setting up an on-going monitoring process for the implementation of the recommendations. An update on the implementation of management action plans would therefore be presented at every AC meeting.
Office of the Comptroller General
At the first meeting of the AC in February 2010, the Comptroller General of Canada came to meet the members of the Committee and explained the role of the comptroller general function, the reason for creating departmental audit committees in all federal organizations as well as the usefulness of the AC for Canadians and the President of the CSA. The audit committee is essentially there to support the president by providing him with advice and guidance.
Public Service Commission
In September 2010, the Vice-President, Audit and Data Services Branch, and the Director General, Audit Branch, Public Service Commission (PSC), presented the results of the staffing follow-up audit conducted at the CSA in 2010. The Director General, Audit Branch, PSC, provided an overview of the mandate of the PSC and provided the context for the follow-up audit. He referred to the audit criteria and the findings from the current audit. The Vice-President, reported that the results were positive, that the required systems and practices were in place and that the next step was to obtain the PSC’s final approval of the report. She also mentioned that the PSC was pleased that an AC had been created at the CSA. The members of the AC noted that subsequent to this follow-up audit, the CSA recovered its full staffing authority.
Office of the Auditor General
In September 2010, the Assistant Auditor General of Canada, and the Principal of the Montreal office of the Office of the Auditor General of Canada (OAG), explained the role of the OAG to the members of the AC and how the CSA fits into the OAG’s audit plans in the next few years. Aside from the audits of certain items in the CSA’s financial statements, including capital assets, no audits of the CSA are planned in the near future. The Principal mentioned that the last two OAG audits of the CSA date back to 2002 (with a follow-up in 2006) and to 2010 for capital assets.
The members of the AC raised a key concern and some suggestions to be looked at in the coming year. The key concern raised is the follow-up of management action plans which is conducted annually only. The members of the AC indicated that they would like to be updated on the implementation of management action plans at every AC meeting. As mentioned in Section 5.7 of this report, the members of the AC feel that it takes too long for some recommendations to be implemented, and the members would like the managers accountable for the implementation of the particular recommendations to come explain themselves directly to the members of the AC. By doing this, they hope to have a positive impact on the implementation of the recommendations by reducing the delay in implementing them and this would consequently improve the control process at the CSA. The members therefore recommend that an ongoing monitoring system be created for the implementation of management action plans.
Among the other suggestions made by the members, there is the the member orientation sessions that should continue as it enables them to further expand their knowledge of the CSA, particularly from a strategic rather than programming standpoint. The members would also appreciate having the opportunity to continue dialogues or discussions with CSA executives in order to better understand the CSA’s strategic risks, challenges and issues.
The external members feel that the AC fulfilled its mandate in fiscal year 2010-2011 in keeping with the requirements set out in its Charter (see the Audit Committee Charter in Appendix A) and its annual calendar. The AC made significant progress this year by completing its first year of operation. The CSA actively supported the AC by ensuring it had all the information it needed in its possession to provide the President of the CSA with appropriate advice and guidance. The members of the AC feel they took the appropriate steps to meet the requirements of the Treasury Board Secretariat’s Policy on Internal Audit by providing the President of the CSA with informed advice and guidance in order to enhance the governance, risk management and management control framework at the CSA.
The Policy on Internal Audit of the federal government that came into effect on July 1, 2009, replaces the previous version dated April 1, 2006.
This policy is designed to ensure that, at both departmental and government-wide levels, internal audit and audit committees provide deputy heads and the Comptroller General, respectively, with added assurance and advice, independent from line management, on risk management, control and governance processes.
In this context, the Audit Committee is an essential component of the Canadian Space Agency's (CSA) governance structure and a critical aspect of a strong and credible internal audit regime.
The deputy head is responsible for establishing the Audit Committee. Authority in this regard is derived from the Policy on Internal Audit and the Treasury Board Directive on Departmental Audit Committees. The policy and directive also set out the basic parameters for the composition and operation of the Audit Committee as well as its responsibilities, duties, and accountability.
One provision of the directive is that the Audit Committee documents its role, responsibilities, and operation in a charter.
The Audit Committee provides objective advice and recommendations to the deputy head regarding the sufficiency, quality and results of assurance on the adequacy and functioning of the department's risk management, control and governance frameworks and processes (including accountability and auditing systems). In order to give this support to the deputy head, the audit committee will exercise oversight of core areas of departmental management, control and accountability, including reporting. This will be done in an integrated, risk-focused and systematic way.
The Audit Committee as a strategic resource to the deputy head, will also provide such advice and recommendations as may be requested by the deputy head on specific emerging priorities, concerns, risks, opportunities and/or accountability reporting.
Audit Committee Membership
The Audit Committee is composed of four members including the deputy head. The external three members are jointly selected by the deputy head and the Comptroller General, and are approved by the Treasury Board.
An external member chairs the Audit Committee.
The Chair calls meetings of the Committee, sets the meeting agenda and manages the meetings. Committee agendas will be finalized in consultation with the deputy head.
Tenure and terms of office
An external member shall serve no more than two terms. A full term of office is four years. However, to ensure continuity within the Audit Committee, engagement of members by the deputy head can be staggered. This means that the initial term of office of some members may be less than four years.
Audit Committee Meetings
The Audit Committee will meet at least four times a year. The Audit committees will schedule its meetings at least six months in advance so that CSA’s management and auditors can prepare the information and reports required to support the committee's work. Rescheduling of audit committee meetings will be by exception only.
The deputy head will have the option of meeting with the committee at any time to be briefed on the results of its deliberations and ask any advice he may need.
The quorum for a meeting shall be the majority of the members (3). No alternates shall be permitted.
Preparation and attendance by members
To enhance the effectiveness of the Audit Committee’s meetings, each member shall:
Devote the time needed to prepare for and participate in each meeting by reading the reports and background materials provided for the meeting; and
Maintain an excellent meeting attendance record.
Attendance by non-members
The Chief Financial Officer (CFO) and the Chief Audit Executive (CAE) will attend all meetings of the Audit Committee. The chair may request the attendance of other CSA officials.
As necessary, the chair shall ask a senior representative of the Office of the Auditor General (OAG) of Canada to attend the meeting to discuss the OAG’s plans, findings, and concerns. The chair may, as necessary, also ask Treasury Board of Canada Secretariat officials to attend audit committee meetings.
Minutes of meetings
Minutes of each meeting will be kept and will contain a record of the persons present. The minutes provide a record of decisions taken and a summary of the discussion, providing insight on the topics and subtopics discussed.
As part of each meeting of the Audit Committee, the committee will normally meet individually in camera with the CSA’s CFO, the CAE, the CSA’s President, the representative of the OAG when in attendance and any other officials the committee may determine.
Access by/to the Audit Committee
The Audit Committee has unfettered access to the CAE and the CFO and to other CSA employees and documentation (subject to applicable legislation) as may be required to fulfill its responsibilities.
The CAE and CFO have unfettered access to the Audit Committee and its chair.
Plan for Audit Committee activity
The chair of the Audit Committee will prepare a plan to ensure that the annual and ongoing responsibilities of the Audit Committee are scheduled and fully addressed. The plan will be presented to the committee for its approval.
Audit Committee orientation, training, and continuing education
The role of the Audit Committee can be fulfilled only if its members are well informed. Members will receive formal orientation and training on the Audit Committee’s purpose, responsibilities, and objectives and on the business of CSA. A process of continuing education – e.g., briefings and information on emerging issues and risks – will also be put in place.
Support to the Audit Committee
The Audit Committee will be provided with the resources necessary to carry out its role, responsibilities, and duties. To the extent it deems necessary to meet its responsibilities, and in keeping with its terms of reference, the Audit Committee has the authority to retain independent advice and assistance.
Secretariat support to the operation of the Audit Committee will be provided. This includes:
The timely preparation of all notices and agendas of meetings;
Coordination of presentations and distribution of reports and/or related documents that are prepared for the Audit Committee’s information or consideration;
The timely preparation and distribution of minutes of meetings; and
Performance of other duties as may be assigned.
Responsibilities and duties
The key areas of responsibility that will normally fall within the scope of concern of the Audit Committee are presented below. However, the particular emphasis and priorities for the committee will be set by the deputy head in consultation with the committee and in consideration of the particular CSA mandate, objectives and priorities, as well as the corresponding risks affecting the CSA and the government. Accordingly, the deputy head is responsible for ensuring that each of the following key areas is reviewed with an appropriate risk-guided focus and cycle:
Values and ethics: The arrangements established by management to exemplify and promote public service values and to ensure compliance with laws, regulations, policies and standards of ethical conduct;
Risk management: The corporate risk profile and the Agency’s risk management arrangements; and
Management control framework: The Agency’s internal control arrangements, including audits that may be initiated by managers (e.g. audits of transfer payment recipients).
Internal audit function
The Audit Committee shall:
Recommend, and review regularly, the CSA's internal audit charter for approval by the deputy head;
Monitor the adequacy of resources of the internal audit function;
Review and recommend for approval the annual risk assessment and the multi-year internal audit plan prepared by the CAE;
Monitor and assess the performance of the internal audit function;
Provide advice to the deputy head on the recruitment and appointment, as well on the performance, of the CAE;
Receive and approve internal auditing reports and management action plans to address recommendations; and;
Receive and review regular reports on progress against the internal audit plan, including an annual status report from the CAE on such progress;
Be made aware of audit engagements or tasks that do not result in a report to the Audit Committee and be informed of all matters of significance arising from such work.
With regard to the Office of the Auditor General of Canada (OAG) and central agencies, the Audit Committee shall:
Advise the deputy head on the adequacy of arrangements to support the OAG, other agents of Parliament and central agencies in doing audit work in the CSA;
Be briefed on audit work relating to the CSA to be undertaken by the OAG, other agents of Parliament, or central agencies;
Review draft audit reports of the OAG, other agents of Parliament and central agencies, as may be referred by the deputy head, and as may be requested by the deputy head, recommend for approval CSA responses and action plans;
Be briefed on audit-related issues and priorities raised by central agencies and, as may be requested by the deputy head, make recommendations on required action; and
Be briefed, and advise the deputy head on, the impact of government-wide initiatives to improve management practices.
With regard to follow-up on management action plans:
The audit committee will advise the deputy head on the effectiveness of arrangements in place to monitor and follow-up on management action plans responding to recommendations from internal audits, the OAG, other auditors or central agencies.
The CAE is responsible for routinely reporting to the Audit Committee on whether management's action plans have been implemented and, based on risk-targeted follow-up work, whether there is reason to question the effectiveness of the actions taken. The CAE's reporting will identify any areas where it is considered that management has accepted a level of risk that is unacceptable to the department or to the government.
With regard to financial statements and Public Accounts reporting, the Audit Committee shall:
Review CSA's financial statements with management and all significant accounting estimates and judgments therein and advise the deputy head on any apparent material concerns that could impact the accuracy of financial statements.
When the CSA's financial statements are audited, the Audit Committee will review:
The financial statements with the external auditor and senior management, discuss any significant adjustments to the statements required as a result of the audit, and any difficulties or disputes with management encountered in the course of the audit;
The management letters arising from the external audit of the CSA's financial statements or the Public Accounts;
The auditor’s findings and recommendations relating to the internal controls in place for financial statement reporting; and
As appropriate, the performance of the external auditor.
With regard to risk and departmental accountability reporting, the Audit Committee:
Will review the CSA's Corporate Risk profile and provide any related advice to the deputy head.
Will also receive copies of the Report on Plans and Priorities, the Departmental Performance Report and other CSA significant accountability reports. These reports provide context for the Audit Committees’ deliberations and advice to the deputy head. In the course of reviewing these documents, the Audit Committee will be attentive to, and provide advice on, any material misstatements or omissions that may come to their attention.
Assesment of the audit committee’s performance
Audit Committee self-assessment
The Audit Committee will periodically self-assess its performance.
Note: The objective of this is to contribute to a process of continuing improvement in the Audit Committee’s execution of its responsibilities. The discussion that takes place among members with respect to the results and implications of the self-assessment is an integral aspect of this process.
Accountability reporting by the audit committee
The Audit Committee shall prepare an annual report to the deputy head that will:
Summarize the Audit Committee’s activities undertaken and the results of its reviews;
Provide the Audit Committee’s assessment of the CSA's system of internal controls;
Document any significant concerns the Audit Committee may have in relation to the agency’s risk management, control and governance framework and processes;
Provide the Audit Committee’s assessment of the capacity and performance of the internal audit function;
Provide, as needed, recommendations for the improvement of risk management, controls, and accountability processes, including recommendations for the improvement of the CSA’s internal audit function; and
Provide such other information or documentation that the Audit Committee deems important to best convey a fair and complete picture of its activity and results and the context within which this ought to be viewed (e.g., it is good practice for the Audit Committee to disclose or include its charter in its annual report).
The deputy head will be fully briefed in advance of the finalization of this annual report.
This annual report will be made available to the Comptroller General without undue delay (i.e. normally, within one or two months of its transmittal to the deputy head).
Review of the Audit Committee Charter
The Audit Committee shall review periodically the appropriateness of its charter, for reaffirmation by the deputy head.
Audit Committee Activities and Timetable
An annual calendar stating the activities to be undertaken by the Audit Committee has been established and will be updated on a regular basis.