Annex to the Statement of Management Responsibility Including Internal Control Over Financial Reporting
Download the PDF version (96 KB)
Summary of the assessment of effectiveness of the system of internal control over financial reporting and the action plan for the Canadian Space Agency for fiscal year 2012-2013 (unaudited)
This document provides summary information on the measures taken by the Canadian Space Agency (CSA) to maintain an effective system of internal control over financial reporting (ICFR) including information on internal control management, assessment results and related action plans.
2. Canadian Space Agency's Control Environment Relevant to ICFR
The CSA acknowledges that it is senior management's responsibility to set the tone so that employees at all levels understand the part they play in maintaining an effective system of ICFR and are able to carry out effectively their responsibilities in this regard. The CSA's priority is to ensure that risks are properly managed within a flexible, risk based control environment that enables continuous improvement and innovation.
2.1 Positions, Roles and Key Responsibilities
The CSA's key positions and committees that have the responsibility for maintaining and monitoring the effectiveness of the system of ICFR are described below.
As deputy head, the CSA's President assumes the overall responsibility and leadership with respect to the measures taken to ensure the effectiveness of the system of ICFR, chairs the Executive Committee and is a member of the Audit Committee. As President, he approves the Framework for Internal Control Over Financial Reporting and signs annually the CSA's Statement of Management Responsibility Including Internal Control Over Financial Reporting which accompanies the financial statements as well as the Letter of Representation regarding financial information reported in the Public Accounts of Canada.
Chief Financial Officer (CFO)
The CFO reports directly to the President and provides a leadership role in coordinating and ensuring the consistency and direction on the design and maintenance of an effective and integrated system of ICFR, including its annual assessments. The management of the organisation's risk profile is under the CFO's responsibility. The CFO chairs the Financial Management Committee and assists at the Audit Committee. The CFO also signs annually the CSA's Statement of Management Responsibility Including Internal Control Over Financial Reporting which accompanies the financial statements as well as the Letter of Representation regarding financial information reported in the Public Accounts of Canada.
Chief Audit Officer (CAO)
The CAO reports directly to the President and is independent of the line managers. The CAO provides assurance by conducting periodic internal audits, which are essential for maintaining the system of ICFR's effectiveness. The CAO also assists at the Audit Committee.
Audit Committee (AC)
The AC reports to the President of the CSA. It is an advisory committee whose mandate is to provide objective advice and oversee management control and accountability procedures. The AC met for the first time on February 18, 2010. In 2012-2013, the AC had two meetings, participated in six teleconferences and two work sessions. The CSA President, two ex-officio members whom are the CAO and the CFO, and three external members, one of whom chairs the Committee, form the AC. The AC reviews amongst others, the CSA's risk profile and internal control system, including assessments and action plans associated with the system of ICFR as well as the financial reports. The AC also recommends the financial statements to the President for signature.
Executive Committee (EC)
The CSA's EC, chaired by the President, is the CSA's official decision making body. As such, the EC is responsible for governance and control over the CSA's programs and activities. In accordance with its mandate, the EC is responsible for all management, monitoring and control of activities. The EC members review, approve and monitor the organization's risk profile and its internal control system, particularly by regular updates on assessments and action plans related to the system of ICFR.
2.2 Main Entity Level Controls
The CSA's control environment includes a series of measures to help employees manage risks effectively by increasing their awareness and knowledge, providing them with appropriate tools and upgrading their skills. The main measures include the following :
2.3 Service Arrangements Relevant to Financial Statements
The CSA relies on other organizations for the processing of certain transactions that are recorded in its financial statements :
Common Arrangements :
Specific Arrangements :
3. Assessment results during fiscal year 2012-2013
During 2012-2013, the CSA significantly progressed in design effectiveness testing in all key control areas and also significantly progressed in operating effectiveness testing for the process level control areas.
3.1 Design effectiveness testing of key controls
In the current year, the CSA completed design effectiveness testing of the following control elements: mandatory training, performance appraisal, delegation instrument, assignment of delegated authority, general IT controls and write-off and disposal.
As a result of design effectiveness testing, the CSA identified the following main corrective measures required :
Assignment of delegated authority
General IT controls
Write-off and disposal
3.2 Operating effectiveness testing of key controls
In 2012-2013, the CSA completed operating effectiveness testing for payroll, operating expenditures (procurement to payment), travel and hospitality, transfer payments as well as for month / year-end procedures and financial reports.
As a result of the operating effectiveness testing, the CSA identified the following main corrective measures required :
Operating expenditures, travel and hospitality
Month / year end procedures and financial reports
3.3 On-going monitoring of key controls
The CSA has not started the on-going monitoring of key controls in 2012-2013.
4. Canadian Space Agency's Action Plan
4.1 Progress during fiscal year 2012-2013
During 2012-2013, the CSA continued to make significant progress in assessing and improving its key controls and the progress status is in line with the Treasury Board Secretariat's expectations. The progress made by the CSA based on the plans identified in the previous fiscal year's annex are summarized as follows :
|Elements in previous year's action plan identified for 2012-2013||Progress Status|
|Key Control Areas||Documentation||Effectiveness
and Action Plan
|Entity level controls|
|Organizational Risk Management||Yes||The documentation is complete.|
|Performance Appraisal and Mandatory Training||Yes||Design effectiveness testing is complete, weaknesses have been identified and the corrective measures have been implemented.|
|Delegation Instrument and Assignment of Delegated Authority||Yes|
|General IT controls|
|Access & Development of Modules / Functionalities||Yes||Design effectiveness testing is complete, weaknesses have been identified and the corrective measures have been implemented.|
|Process level controls|
|Payroll||Yes||Yes||Yes||Design and Operating effectiveness testing are complete, weaknesses have been identified and the corrective measures will all be implemented in 2013-2014.|
|Travel and Hospitality||Yes||Yes||Operating effectiveness testing is complete, weaknesses have been identified and the corrective measures have been implemented.|
|Operating Expenditures - Procurement to Payment||Yes||Yes|
|Write-Off and Disposal||Yes||Design effectiveness testing is complete, weaknesses have been identified and the corrective measures will all be implemented in 2013-2014.|
|Work in Progress - Capital Assets||Yes||Design effectiveness testing has been deferred to 2013-2014 since the risk was low because the Office of the Auditor General of Canada annually audits this expenditure item and that no weaknesses have been previously identified.|
|Transfer Payments||Yes||Only the design effectiveness testing was planned for 2012-2013 however, operating effectiveness testing was also conducted and weaknesses have been identified. The corrective measures have been implemented for Month / Year-End Procedures and financial reports and will all be implemented in 2013-2014 in regards to Transfer Payments.|
|Month / Year-End Procedures and Financial Reports||Yes|
4.2 Status and action plan for the next fiscal year and subsequent years
Due to progress to date, the CSA will complete the design effectiveness testing and the associated corrective measures in 2013-2014 and will complete the full assessment of its system of ICFR in 2014-2015. At that time, the CSA will be applying its rotational on-going monitoring plan to reassess control performances on a risk basis across all control areas. The status and action plan for the completion of the identified control areas for the next fiscal year (Year 1, 2013-2014) and the subsequent years (Year 2, 2014-2015 and Year 3, 2015-2016) are as follows:
|Key Control Areas||Assessment Elements|
|Design effectiveness testing and corrective measures||Operating effectiveness testing and corrective measures||On-going monitoring rotationFootnote 1|
|Entity level controls|
|Organizational Risk Management||Year 1||Year 1||Future years|
|Performance Appraisal and Mandatory Training||Completed||Year 2||Future years|
|Delegation Instrument and Assignment of Delegated Authority||Completed||Year 1||Year 2|
|Budgeting and Forecast Performance||Year 1||Year 2||Future years|
|General IT controls|
|General IT Controls||Completed||Year 1||Year 3|
|Process level controls|
|Travel and Hospitality||Completed||Completed||Year 3|
|Operating Expenditures - Procurement to Payment||Completed||Completed||Year 2|
|Write-Off and Disposal||Completed||Year 1||Year 2|
|Work in Progress - Capital Assets||Year 1||Year 2||Year 3|
|Transfer Payments||Completed||Completed||Year 1|
|Month / Year-End Procedures and Financial Reports||Completed||Completed||Year 3|
Consultations with the Audit Committee will continue in order to get independent advice on the CSA's system of ICFR, including advice on governance and risk management. Also, the CSA will continue to look for opportunities to strengthen its controls while considering assessment results and annual audits.
- Footnote 1
The frequency of the on-going monitoring of key control areas is risk-based and may occur over a multi-year cycle.
- Date modified: