Recommendation 1.24 -
Foreign Affairs, Trade and Development Canada, Human
Resources and Skills Development Canada, Aboriginal Affairs and Northern
Development Canada, and Transport Canada should complete their assessment of
internal controls within the planned timelines, including addressing gaps and
weaknesses. In addition, these four departments and Veterans Affairs Canada
should fully implement a program of ongoing monitoring without delay.
|
Aboriginal Affairs and
Northern Development Canada, Human Resources and Skills Development Canada,
and Transport Canada’s response.
Agreed.
Aboriginal
Affairs and Northern Development Canada, Human Resources and Skills
Development Canada, and Transport Canada recognize the importance of
completing the testing of internal controls over financial reporting,
addressing gaps and weaknesses, and implementing a program for on-going
monitoring of these controls, while working on other equally important
priorities.
Each department has put in
place systems for internal controls over financial reporting, including
requirements for internal reconciliations and analysis, and post verification
reviews. Work is underway to ensure that these and other internal controls
are operating effectively to mitigate risk.
Building on concrete steps
taken to date, the departments will undertake to complete their first full
risk-based assessment of internal controls over financial reporting,
including identifying and addressing gaps and weaknesses in internal controls
by 31 March, 2015, 31 March, 2016 and 31 March, 2014 respectively.
As the initial assessment for
each key process is completed, Aboriginal Affairs and Northern Development
Canada, Human Resources and Skills Development Canada, and Transport Canada
will implement a program for continuous monitoring of their internal controls
over financial reporting. |
High |
To ensure continuous progress in advancing
its agenda to complete the first full risk based assessment of internal
controls, while working on other equally important priorities, Employment
and Social Development Canada (ESDC) (formerly Human
Resources and Skills Development (HRSDC)), will undertake the
following activities over the next 3 fiscal years:
§ ESDC
will update its current workplan by conducting a risk-based assessment to reconfirm
the key business processes that should be included in the scope of the
Department’s internal control assessment, and determine the type, extent and
the frequency of testing required, for key control activities embedded within
these financial business processes.
§ Based on the results of the risk assessment:
a) Revise
the current work plan to reflect the key business processes that will be
included in the scope of the Department’s internal control assessment;
b) Revise
the current work plan to reflect the timing and steps to be taken to ensure
that the first full risk based assessment (which includes documenting
business processes and internal controls, testing the design effectiveness
and operating effectiveness of internal controls), is completed by 2015-16;
and
c) Developing a plan
for continuous monitoring to ensure that the key controls continue to be
relevant.
§ In line with the Policy on Internal Control, ESDC will develop
a Departmental Internal Control Framework that will outline the roles and responsibilities
for maintaining, monitoring and reviewing internal controls, and ensuring
that timely corrective measures are taken when issues are identified, and
that internal controls within the department align with the governance
structure of ESDC.
Complete the
elements of the revised work plan as follows:
§ Perform the Design Effectiveness (DE) testing of financial
controls over financial reporting for Canada Pension Plan (CPP); which includes
documenting business process and internal controls; testing the design
effectiveness; and identifying and addressing any gaps and weaknesses in
internal controls.
§ Perform the Design Effectiveness (DE) testing of financial
controls over financial reporting for Employment Insurance (EI); which includes
documenting business process and internal controls; testing the design
effectiveness; and identifying and addressing any gaps and weaknesses in
internal controls.
§ Complete Operating Effectiveness (OE) testing and remediation,
including identifying any gaps and weaknesses for all key business processes,
including CPP and EI programs.
§ Once OE testing and remediation is completed, use a phased
approach to initiate the monitoring cycle.
§ Due to the changes in the IT infrastructure and modernization
initiatives within the Department, review and validate the design
effectiveness of key controls in these areas. Based on this assessment, complete
Operating Effectiveness (OE) testing and remediation of any control
weaknesses. |
CFOB (DG of Integrated Corporate Accounting and
Accountability Directorate)
CFOB (DG of Integrated Corporate Accounting and
Accountability Directorate)
CFOB (DG of Integrated Corporate Accounting and
Accountability Directorate)
CFOB/PPSB
CFOB/PPSB
CFOB/PPSB
CFOB
CFOB/IASB/IITB |
January 31, 2014
March 31, 2014
March 31, 2014
December 31, 2014
December 31, 2014
March 31, 2016
March 31, 2016
March 31, 2016 |