Key Compliance Attributes of Internal Audit

Why publish key compliance attributes of internal audit?

The objective of the Treasury Board Policy on Internal Audit is to ensure that the oversight of public resources throughout the federal public administration is informed by a professional and objective internal audit function that is independent of departmental management.

Heads of organizations are responsible for ensuring that internal audit in the department is carried out in accordance with the Institute of Internal Auditors International Professional Practices Framework unless the framework is in conflict with the Treasury Board Policy or its related directive; if there is a conflict, the policy or directive will prevail.

Departments with internal audit functions are required to publish key attributes of compliance as per section A.2.2.3.1 of the Treasury Board Directive on Internal Audit. It is important that the public is aware that heads of government organizations are receiving assurance and that activities are managed in a way that demonstrates responsible stewardship.

These attributes have been selected because they demonstrate to an external audience that, at a minimum, the fundamental elements necessary for oversight are in place, are operating as intended and are achieving results. The key attributes of compliance with the policy and standards are:

Publishing departmental key compliance attributes provides pertinent information to Canadians and parliamentarians regarding the professionalism, performance and impact of the internal audit function in departments. These are not performance measures and no targets are attached. Under the Policy, the Comptroller General has the authority to amend these attributes, should there be changes in the internal audit environment and/or due to the evolving maturity of the internal audit function.

Table 1: Key Compliance attributes results
Key Compliance Attributes Results as of June 30, 2022
% of staff with an internal audit or accounting designation (Certified Internal Auditor [CIA], Chartered Professional Accountant [CPA]) 44%
% of staff with an internal audit or accounting designation in progress (CIA, CPA) 0%
% of staff holding other designations (Certified Government Auditing Professional [CGAP], Certification in Risk Management Assurance [CRMA], etc.) 25%
Date of last comprehensive briefing to the Departmental Audit Committee on the internal processes, tools, and information considered necessary to evaluate conformance with the Institute of Internal Auditors (IIA) Code of Ethics and the Standards and the results of the Quality Assurance and Improvement Program (QAIP) March 29, 2022
Date of last external assessment January 24, 2019

Risk-Based Audit Plan (RBAP) and related Information*

  1. name/status of audit for the current fiscal year of the RBAP
  2. date the audit report was approved
  3. date the audit report was published
  4. original planned date for completion of all management action plan (MAP) items
  5. status of MAP items
Refer to Table 2 – Audit plan and related information.*
Average overall usefulness rating from senior management (ADM-level or equivalent) of areas audited

Average overall usefulness rating from senior management: (Percentage of responding auditees from post-audit survey results per section “10-Satisfaction” of the most recent Capacity Assessment Template (CAT).)

Good: 100%

Table 2 –  Audit plan and related information*
Internal audit Audit status Report approved date Report published date Original planned MAP completion date Implementation status
Laser Audit of the Application of Gender-based Analysis Plus (GBA+) Approved/MAP fully implemented June 2019 August 2019 March 2020 100%
Follow-up Audit on the Implementation of the Commissioner of the Environment and Sustainable Development Recommendations on Sustainable Development Strategies Approved/MAP fully implemented November 2019 January 2020 December 2020 100%
Internal Audit of Information Technology Security Approved/MAP not fully implemented April 2020 July 2020 March 2023 0%
Laser Audit of the Recipient Audit Framework Approved/MAP not fully implemented June 2021 July 2021 April 2022 33%
Advisory Engagement – Staffing Monitoring Framework Approved/MAP not fully implemented December 2021 N/A March 2022 66%
Laser Audit of the Reimbursement of Work from Home Expenses Approved/MAP not fully implemented March 2022 May 2022 April 2022 0%
Joint Audit/Evaluation of the Disaster Financial Assistance Arrangements Program (DFAA) In progress
Control Self-Assessment of the National Security Policy Directorate Approved June 2022 N/A N/A N/A
Control Self-Assessment of the National Security Operations Directorate In progress
Audit of COVID-19 Response Fund Management In progress
Advisory Engagement of Public Safety Canada’s Vaccination Policy Framework In progress
In-flight Advisory Engagement – Firearms Buy-Back Program Not started
Laser Audit of Extraordinary Policing Costs Not started
Laser Audit of the Temporary Exceptional Procedures During the Pandemic for Information Management (IM)/Information Technology (IT) In progress
Audit of Enterprise Risk Management (ERM) In progress

*Audit engagements from past fiscal years will remain listed in the table until 100% MAP implementation is achieved.

Date modified: