Fiscal year 2024-2025 - Annex to the Statement of Management Responsibility Including Internal Control over Financial Reporting - Unaudited
On this page
Fiscal year -
1. Introduction
This document provides summary information on the measures taken by the Canadian Space Agency (CSA) to maintain an effective system of internal control over financial reporting (ICFR) as well as information on internal control management, assessment results and related action plans.
Detailed information on the department's authority, mandate and core responsibilities can be found in the Departmental Plan and the Departmental Results Report for the - fiscal year.
2. Departmental system of internal control over financial reporting
In this section
2.1 Internal control management
The CSA has a well-established governance and accountability structure to support departmental assessment efforts and oversight of its system of internal control.
A departmental internal control management framework is in place and comprises:
- Organizational accountability structures as they relate to internal control management to support sound financial management, including the roles and responsibilities of senior departmental managers for control management in their areas of responsibility.
- Values and ethics.
- Ongoing communication for sound financial management and control.
- Monitoring and regular updates on internal control management, as well as the provision of related assessment results and action plans to the deputy head and senior departmental management and, as applicable, the Departmental Audit Committee.
The Departmental Audit Committee (DAC) receives a summary of findings and action plans annually. DAC is an independent advisory committee to the deputy head. It is responsible to provide advice to the deputy head on the adequacy and functioning of the department's risk management, control and governance frameworks and processes.
2.2 Service arrangements relevant to financial statements
The CSA relies on other organizations for processing certain transactions that are recorded in its financial statements, as follows.
2.2.1 Common service arrangements
- Public Services and Procurement Canada (PSPC) administers the payment of salaries and the procurement of some goods and services, and provides accommodation services.
- Shared Services Canada provides the CSA with Information Technology (IT) infrastructure services (data centres, network services, etc.).
- Department of Justice Canada provides legal services.
- Treasury Board of Canada Secretariat provides information on public service insurance and centrally administers payment of the employer's share of contributions toward statutory employee benefit plans.
Readers of this annex may refer to the annexes of the above-noted departments for a greater understanding of the systems of internal control over financial reporting related to these specific services.
2.2.2 Specific arrangements
- The Department of Agriculture and Agri-Food Canada provides the CSA with a financial system platform to capture and report all financial transactions.
- The Department of Transport Canada provides support services for the human resources management system at the CSA.
3. Departmental assessment results for the to fiscal year
The following table summarizes the ongoing monitoring activities, according to the previous fiscal year's rotational plan:
| Key Control Areas | Ongoing Monitoring | Progress Status |
|---|---|---|
| ENTITY LEVEL CONTROLS | ||
| Mandatory training | Yes | Completed as planned; with no significant issues noted. |
| Organizational risk management | Yes | Completed as planned; with no significant issues noted. |
| INTERNAL CONTROLS OVER FINANCIAL MANAGEMENT | ||
| Project management | Yes | The assessment has been postponed. |
| INTERNAL CONTROLS OVER FINANCIAL REPORTING | ||
| Delegation Instrument | Yes | Completed as planned; with no significant issues noted |
| Assignment of delegated authority | Yes | Completed as planned; with no significant issues noted |
| Pay and benefit administration | Yes | Completed as planned; with no significant issues noted |
| Holdbacks on contracts | Yes | Completed as planned; with no significant issues noted |
| GENERAL IT CONTROLS | ||
| IT Controls Specific to Business Process | Yes | Control tests at the financial system level are integrated into the business process at the time of monitoring. |
The key findings and remediation actions from the current fiscal year's assessment activities are summarized in subsections 3.1 and 3.2.
3.1 New or significantly amended key controls
There were no other new or significantly amended key controls in existing processes which required a reassessment in the current fiscal year.
3.2 Ongoing monitoring program
As part of its ongoing monitoring plan, the CSA has completed its reassessment of all key control areas identified in the plan, except for Project Management, which will be finalized during the - fiscal year.
For the most part, the key controls that were tested performed as intended and were shown to be operating effectively to ensure the production of reliable financial information. Recommendations were provided in instances requiring improvement, and action plans are currently being implemented. No significant deficiencies or material weaknesses that could lead to a material misstatement of the financial statements were identified.
4. Departmental Action Plan for the next fiscal year and subsequent fiscal years
CSA's rotational ongoing monitoring plan (OMP) over the next fiscal years, based on an annual validation of the high-risk processes and controls, with related adjustments to the ongoing monitoring plan as required, is shown in the following table.
The agency employs a risk-based approach to determine the frequency of control monitoring, taking into account changes and emerging risks within its operating environment. These factors are reflected in the risk levels assigned to processes which guide the frequency of testing and are incorporated into the overall monitoring plan.
| Key Control Areas | - | - | - | - and Subsequent |
|---|---|---|---|---|
| ENTITY LEVEL CONTROLS | ||||
| Mandatory Training | - | - | - | Oui |
| Performance Appraisal | - | Oui | - | - |
| Organizational Risk Management | - | Oui | - | - |
| INTERNAL CONTROLS OVER FINANCIAL MANAGEMENT | ||||
| Chief Financial Officer Attestation | - | - | - | Oui |
| Costing | - | - | Oui | - |
| Investment Planning | - | - | Oui | - |
| Budgetary Control and Forecasting | - | Oui | - | - |
| Planning and Budgeting | Oui | - | - | - |
| Project Management | Oui | - | - | - |
| INTERNAL CONTROLS OVER FINANCIAL REPORTING | ||||
| Pay and Benefit Administration | - | Oui | - | - |
| Procurement to Payment | - | - | Oui | - |
| Acquisition Card Management | Oui | - | - | - |
| Holdbacks on Contracts | - | - | - | Oui |
| Transfer Payments | - | - | - | Oui |
| Capital Assets (Write-Offs/Disposals) | - | - | - | Oui |
| Travel and Hospitality | - | - | Oui | Oui |
| Delegation Instrument and Assignment of Delegated Authority | - | - | - | Oui |
| Payables at year-end | - | Oui | - | - |
| Month / Year-End Procedures and Financial Reports | Oui | - | - | - |
| GENERAL IT CONTROLS | ||||
| SAP – Access Control | - | Oui | - | - |
| Financial Modernization | - | Oui | - | - |
| IT Controls Specific to Business Process Footnote 1 | Oui | Oui | Oui | Oui |
In addition to the ongoing monitoring rotational plan, the CSA plans to conduct the following updates to risk, documentation and design effectiveness for the following key control areas during the fiscal years indicated:
- Organizational Risk Management: -
- Procurement to Payment: -
- Transfer Payments: - & -
- Financial Modernization: - (new)