ARCHIVED - Internal Audit Committee

Archived Information

The Standard on Web Usability replaces this content. This content is archived because Common Look and Feel 2.0 Standards have been rescinded.

Archived information is provided for reference, research or recordkeeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.

Terms of Reference

The Internal Audit Committee is an advisory body that is chaired by the Chairperson of the Military Police Complaints Commission. The Committee will provide an oversight and facilitation role on key aspects of audit, as well as on internal and quality control systems. Specifically, the Committee will:

The MPCC will comply with the Internal Audit Policy Suite issued in October, 2005 by the Treasury Board Secretariat (TBS). To facilitate compliance, a copy of that policy document along with appendices, as amended from time to time, will comprise an addendum to these Terms of Reference. At least annually MPCC's Chief - Financial Services will highlight for the Committee any changes to TBS policy or any exceptions in compliance/variances in practice.

Membership

In compliance with the TBS Internal Audit Policy Suite of October 2005- Appendix C - the MPCC Chairperson will determine membership from time to time. Membership is as follows:

Reporting Relationship

The Committee reports to the Executive Committee. As a practical matter the Committee will meet, on an occasional agenda item, within the Executive Committee's regular monthly meetings. The MPCC Chairperson chairs the proceedings and, accordingly, no further reporting is required. The record of decisions will be embodied in minutes of the Executive Committee.

Frequency of Meetings

The Committee will meet as required at the call of Chair, but expects to meet at least twice a year: first to recommend approval of the annual internal audit plan and again following completion of audits to consider the auditor's findings/recommendations.

Communications

All completed internal audit reports, in both official languages, will be forwarded to the Comptroller General and posted on the MPCC website.

Policy on Internal Audit

Please note that the following document is not in effect until April 1, 2006. The current Internal Audit Policy remains in effect until March 31, 2006.

Table of Contents

  1. Effective Date
  2. Application
  3. Context
  4. Policy Statement
  5. Policy Requirements
  6. Consequences
  7. References
  8. Enquiries
  9. Appendix - Responsibilities of The Comptroller General for Internal Audit

1. Effective Date

1.1 This policy takes effect on April 1, 2006, replacing the 2001 Policy on Internal Audit.

1.2 The implementation of this policy will be phased in between the effective date of the policy and April 1, 2009. A review of the implementation will be conducted six months prior to April 1, 2009, to determine if changes to the policy are required.

2. Application

2.1 This policy applies to departments and agencies defined as departments within the meaning of section 2 of the Financial Administration Act. Throughout this policy, the terms “government-wide” and “across government” refer to these departments.

2.2 For the purposes of this policy, Treasury Board has established criteria for designating departments as small departments and agencies (SDAs). These criteria are provided in section 5.4.1 below. All other departments are referred to as large departments and agencies (LDAs).

3. Context

3.1 This policy is issued pursuant to paragraph 7.(1) (a) of the Financial Administration Act.

3.2 This policy is designed to ensure that, at both departmental and government-wide levels, internal audit and audit committees provide deputy heads and the Comptroller General, respectively, with added assurance, independent from line management, on risk management, control, and governance processes. (The terms risk management, control, and governance processes are defined in The Professional Practices Framework published by the Institute of Internal Auditors, January 2004.)

3.3 While deputy heads, in the context of the Treasury Board Secretariat Management Accountability Framework, are responsible for the systems of internal controls in their departments, this policy provides a clear and integrated assignment of responsibilities for internal auditing between deputy heads and the Comptroller General that supports strong internal auditing across government.

4. Policy Statement

4.1 The objective of the policy is to strengthen public sector accountability, risk management, resource stewardship and good governance by reorganizing and bolstering internal audit on a government-wide basis.

4.2 In that context, Treasury Board has decided that:

4.2.1 The Government of Canada sustain a strong, credible internal audit regime that has the confidence of the government, contributes directly to effective risk management, sound resource stewardship and good governance, and is repositioned as a key underpinning of governance within departments and agencies and across government.

4.2.2 The government ensure the real and perceived independence of internal audit from line management by introducing:

4.2.3 All departments and agencies, and the government as a whole, be supported by professional and comprehensive internal audit coverage through a changed delivery model in which:

4.2.4 The Comptroller General is responsible for focused, sustained functional leadership of internal audit across government in order to build and develop capacity; ensure adequate levels of professionally qualified resources; and ensure adherence to professional standards and rigorous methodology in the delivery of internal audits.

4.2.5 Chief audit executives provide annual holistic opinions to deputy heads and audit committees on the effectiveness and adequacy of risk management, control, and governance processes in their departments, as well as reporting on individual risk-based audits. Similarly, it was decided that the Comptroller General report annually to Treasury Board on the state of risk management, control and governance processes across government, addressing fundamental controls, including basic reporting controls for financial statements, thematic or sectoral controls, and the results of risk-based internal audit work carried out within departments.

5. Policy Requirements

5.1 The term “deputy head” is used in this policy in the broad sense assigned to it by section 11 of the Financial Administration Act. It includes deputy ministers, heads of agencies, chief executive officers, and statutory or designated deputy heads.

5.2 This policy recognizes that departments are diverse in size and risk. The requirements below distinguish among those applicable to deputy heads of large departments, deputy heads of SDAs, and those that apply to all deputy heads.

5.3 Deputy heads of large departments (all departments other than those designated as SDAs) are responsible for:

5.3.1 Establishing an internal audit function that is appropriately resourced and that operates in accordance with this policy and professional internal auditing standards.

5.3.2 Establishing an independent departmental audit committee that includes a majority of external members who are not currently in the federal public service. (Requirements relating to the role, responsibilities and membership of the departmental audit committee are described in Directive on Departmental Audit Committees.)

5.3.3 Appointing a qualified chief audit executive at a senior executive level, reporting to the deputy head, to lead and direct the internal audit function. (Directive on Chief Audit Executives, Internal Audit Plans, and Support to the Comptroller General sets out additional requirements for chief audit executives. The Comptroller General's Guidelines on the Responsibilities of Chief Audit Executives and Guidelines on Expected Qualifications of Chief Audit Executives provide advice on the responsibilities and expected qualifications of chief audit executives.)

5.3.4 Approving a departmental internal audit plan that addresses all areas of higher risk and significance, including audits identified by the Comptroller General as part of government-wide or sectoral coverage, and designed to support an annual opinion from the chief audit executive on departmental risk management, control, and governance processes. (Directive on Chief Audit Executives, Internal Audit Plans, and Support to the Comptroller General sets out additional requirements for departmental internal audit plans.)

5.3.5 Ensuring appropriate internal audit coverage for special operating agencies and other entities within their departments and under their control.

5.4 Small departments and agencies

5.4.1 For the purpose of designating departments as SDAs under this policy, the two criteria of fewer than 500 full-time equivalents and a reference-level of less than $300 million per year will apply for all departments except agents of Parliament (Office of the Auditor General, Office of the Chief Electoral Officer, Office of the Commissioner of Official Languages, Office of the Information Commissioner and Office of the Privacy Commissioner), which are treated as LDAs. Any exclusions to the application of these criteria will require the approval of the Treasury Board, providing the SDA has the demonstrated capacity to fully meet the expectations set out in this policy for LDAs, on an ongoing basis, either on its own or via the provisions of such capacity by the leadership of the portfolio of the departments/agencies to which the SDA is accountable. Similarly, any exceptional additions to the list of SDAs will require the approval of Treasury Board and will be treated on a case-by-case basis. For both exclusions and additions, the Comptroller General will provide an independent assessment.

5.4.2 The Comptroller General will conduct horizontal and other audits on SDAs each year and will provide deputy heads with copies of all relevant audit reports. Recognizing that SDAs vary in terms of size and risk, in many cases deputy heads may decide that the work performed by the Comptroller General fully meets their internal audit requirements. However, considering the risk profile and control environment of their departments, deputy heads must decide whether further internal audits are necessary. If further work is needed, the deputy head shall approve an internal audit plan.

5.4.3 When deputy heads of SDAs need internal auditing work beyond that conducted by the Comptroller General, but do not have enough work or resources to sustain a credible, professional internal audit function, the Comptroller General will facilitate access to independent, qualified internal auditing resources.

5.4.4 When an SDA conducts an internal audit, the deputy head must ensure that the internal auditing work meets the Internal Auditing Standards of the Government of Canada as prescribed by the Comptroller General.

5.4.5 When an SDA conducts an internal audit, the deputy head must ensure that the audit work is overseen and guided by an independent audit committee. The deputy head must establish a departmental audit committee in accordance with Directive on Departmental Audit Committees, or a joint independent audit committee with other portfolio-related departments, or arrange with the Comptroller General to have access to the SDA Audit Committee.

5.5 Deputy heads of all departments are responsible for:

5.5.1 Putting in place effective procedures to ensure systematic review of control and accountability processes in their departments.

5.5.2 Taking into account the results of internal audits conducted by the Comptroller General.

5.5.3 Ensuring that the audit committee receives all of the information and documentation needed or requested to fulfill its responsibilities, subject to applicable legislation.

5.5.4 Ensuring that management action plans are prepared that adequately address the recommendations and findings arising from internal audits, and that the action plans have been effectively implemented.

5.5.5 Ensuring that completed audit reports are:

5.5.6 Ensuring that the respective Minister is briefed periodically on significant items arising from the work of internal audit and the audit committee. It is expected that the Minister would meet annually in camera with the Internal Audit Committee for assurance regarding risk management, control and audit systems. It is also expected that the deputy head would routinely be briefed by the Audit Committee on their assurance findings.

5.5.7 Ensuring that the Office of the Comptroller General and its agents, for the purpose of carrying out assigned responsibilities, are given:

5.6 Responsibilities of the Comptroller General

5.6.1 Treasury Board has assigned specific responsibilities to the Comptroller General for the functional leadership and monitoring of internal auditing across government, for horizontal auditing in LDAs and SDAs, and for the support of information technology and forensic auditing. These responsibilities are described in the Appendix.

5.6.2 Treasury Board also requires the Comptroller General to report annually to the Board on:

5.6.3 Treasury Board has delegated to the Comptroller General the authority to issue such operational directives, standards and guidelines as are necessary to support this policy.

5.7 Monitoring and Reporting

5.7.1 Deputy heads are responsible for monitoring adherence to this policy in their departments. Departments should have measures in place, as appropriate, to ensure:

5.7.2 Departmental audit committees will prepare annual reports to their deputies on their activities, including assessments of the internal audit functions. These reports will be made available to the Comptroller General.

5.7.3 The Comptroller General is responsible for government-wide leadership of internal audit, and for directing horizontal audits, including focused horizontal and other audits in SDAs.At a minimum, the Comptroller General should have measures in place to ensure:

5.7.4 The Comptroller General will report annually to Treasury Board on the implementation of this policy and on the effectiveness of the internal audit function across government, based on the analysis of internal audit plans and reports, practice inspections of departmental internal audit functions, audit committee reports and work undertaken directly by the Comptroller General.

5.7.5 The Comptroller General will establish a framework to guide the evaluation of the policy; Treasury Board Secretariat will make sure an evaluation is conducted within five years.

6. Consequences

6.1 If, as a result of this monitoring, it is apparent that a department has not complied with this policy, consequences that are applicable to all Treasury Board policies, and as set out in the Financial Administration Act, will apply.

7. References

7.1 Other Relevant Legislation

7.2 Related Publications

8. Enquiries

Please send any questions about this policy to:

Office of the Assistant Comptroller General, Internal Audit
Treasury Board of Canada Secretariat
L'Esplanade Laurier
300 Laurier Avenue West
Ottawa, Ontario
K1A 0R5

Email: ias-svi@tbs-sct.gc.ca
Fax: 613-952-3698

Appendix - Responsibilities of The Comptroller General for Internal Audit

As directed by the Treasury Board, the Comptroller General must:

  1. Provide effective functional leadership of internal auditing across government;
  2. Develop and support an effective human resources strategy to ensure that the government has sufficient, well-trained, professional internal audit resources;
  3. Determine the professional standards to be used for internal auditing in the federal government;
  4. Develop and support the implementation of standard internal auditing methodology and procedures to be used across government;
  5. Support the implementation of suitably qualified audit committees, and develop and support expected committee practices to be used across government;
  6. Conduct ongoing practice inspections and assessments of the entire spectrum of departmental internal audit activities as set out in the Policy on Internal Audit. These inspections to be carried out by independent and qualified professionals who will communicate the results to respective deputy heads, departmental audit committees and chief audit executives;
  7. Identify, and indicate to deputy heads, which audits are to be included in departmental internal audit plans as part of government-wide coverage;
  8. Conduct horizontal and other internal audits focused on SDAs, and communicate the results to the appropriate deputy heads and the SDA audit committee;
  9. Establish an independent SDA audit committee to provide oversight and guidance on internal auditing in SDAs. (Requirements relating to the role, responsibilities and membership of the SDA audit committee are set out in Directive on Small Departments and Agencies Audit Committee);
  10. Undertake or lead horizontal audits that address government-wide, sectoral or thematic issues in accordance with approved Treasury Board Audit Committee government-wide audit plans;
  11. Support departments in undertaking internal audits of information technology and forensic audits;
  12. Confer with, and provide advice to, deputy heads, audit committees, chief audit executives and internal auditors on the application of the Policy on Internal Audit and professional internal auditing standards;
  13. Maintain an active liaison with chief audit executives and deputy heads on significant issues of risk, control or management practices in departments, and ensure that effective and timely action is taken where there are serious issues to be resolved; and
  14. Maintain effective liaison with agents of Parliament and central agencies on audit issues.

Directive on Departmental Audit Committees

Please note that the following document is not in effect until April 1, 2006. The current Internal Audit Policy remains in effect until March 31, 2006.

1. Purpose

1.1 This document provides direction to deputy heads on the responsibilities, membership and operations of departmental audit committees.

2. Context

2.1 The departmental audit committee is an essential part of the audit regime established by the Policy on Internal Audit. The Policy calls for the deputy head of each department, other than small departments and agencies (SDAs), to establish an independent departmental audit committee that includes experienced, competent external members. Deputy heads of SDAs may also choose to establish a departmental audit committee when their departments are undertaking internal audits.

2.2 This directive is issued pursuant to paragraph 7.(1) (a) of the Financial Administration Act.

3. Effective Date

3.1 This directive will take effect on April 1, 2006. (See Policy 1.1)

4. Requirements

4.1 Role of Departmental Audit Committees

The audit committee shall ensure that the deputy head has independent, objective advice, guidance, and assurance on the adequacy of the department's control and accountability processes. In order to give this support to the deputy head, the audit committee should exercise active oversight of core areas of departmental control and accountability in an integrated and systematic way.

4.2 Responsibilities of Departmental Audit Committees

The key areas of responsibility that shall be addressed by the departmental audit committee are:

4.2.1 Values and Ethics: The audit committee shall review, at least annually, the arrangements established by management to exemplify and promote public service values and to ensure compliance with laws, regulations, policies, and standards of ethical conduct.

4.2.2 Risk Management: The audit committee shall review, at least annually, the corporate risk profile and departmental risk management arrangements.

4.2.3 Management Control Framework: The audit committee shall review, at least annually, departmental internal control arrangements, including the adequacy of management-led audit.

4.2.4 Internal Audit Function

The audit committee shall:

4.2.5 Office of the Auditor General and Central Agencies

The audit committee shall:

4.2.6 Follow-up on Management Action Plans

4.2.6.1 The audit committee shall:

4.2.6.2 The chief audit executive shall report periodically to the audit committee on whether management's action plans have been implemented and whether the actions taken have been effective. The chief audit executive's report shall identify any areas where he or she believes management has accepted a level of risk that is unacceptable to the department or to the government.

4.2.7 Financial Statements and Public Accounts Reporting

4.2.7.1 The audit committee shall review the departmental financial statements with management and all significant accounting estimates and judgments therein and recommend to the deputy head whether they should be accepted.

4.2.7.2 When the departmental financial statements are audited, the audit committee shall review:

4.2.8 Risk and Accountability Reporting

The audit committee shall review the departmental Corporate Risk profile and the Report on Plans and Priorities, the Departmental Performance Report and other significant accountability reports, to ensure that, to the best of their knowledge, there are no material misstatements or omissions.

4.3 Membership of the Departmental Audit Committee

4.3.1 Audit committees must include independent, external members who are not currently in the federal public service. By April 1, 2009, all audit committees must have a majority of external members. Members from the federal public service shall be limited to the deputy heads, and associate deputy ministers and assistant deputy ministers from other departments. The deputy head would be the only internal representative on the audit committee if he or she elects to chair the committee. The preferred model would be a committee comprised entirely of external members with the deputy head as an ex-officio member.

4.3.2 Deputy heads are responsible for establishing an independent departmental audit committee that includes a majority of external members who are not currently in the federal public service. Deputy heads and the Comptroller General shall jointly select audit committee members for approval by the Treasury Board.

4.3.3 The Comptroller General shall also establish competency profiles for external audit committee members and standards for tenure, terms of service, conditions for removal, conflict of interest, liability indemnification, security clearance, remuneration, and protocols to address disagreements.

4.3.4 Members of an audit committee shall be selected so that their collective skills, knowledge, and experience will allow the committee to competently and efficiently undertake its duties. Members of the audit committee should be free of any real or perceived conflict of interest.

4.3.5 The audit committee shall have three to five members. External members shall be engaged by the deputy head for a term of four years.

4.3.6 A member shall serve no more than two terms. To ensure adequate continuity, engagements can be staggered and initial terms may be for less than four years.

4.3.7 All members of the audit committee shall be familiar with private or public sector financial reporting, or undertake to become familiar within the first year after appointment. At least one member shall be a financial expert who possesses:

4.3.8 The deputy head or an external member shall chair the audit committee. If the deputy head is chair, an external member shall be vice-chair. The preferred model is for the chair to be an external member.

4.3.9 The quorum for the committee shall be a majority of the members. No alternates shall be permitted.

4.3.10 The deputy head, the senior financial officer, and the chief audit executive shall be expected to attend all meetings of the audit committee. The chair may request the attendance of other departmental officials.

4.3.11 The chair shall, as necessary, ask a senior representative of the OAG to attend the audit committee meeting to discuss the OAG's plans, findings and other matters of mutual concern.

4.3.12 The chair may, as necessary, ask Treasury Board Secretariat officials to attend the audit committee meeting.

4.3.13 Audit committee members shall receive formal orientation and training on the committee's responsibilities and objectives, and on the business of the department.

4.4 Operations of the Departmental Audit Committee

4.4.1 The role, responsibilities, and operations of the audit committee shall be documented in an audit committee terms of reference or charter, approved by the deputy head. The document shall be reviewed periodically by the audit committee and reaffirmed by the deputy head.

4.4.2 The chair of the audit committee shall prepare a plan to ensure that the annual and ongoing responsibilities are scheduled and fully addressed. The plan shall be presented to the committee for its approval.

4.4.3 The audit committee shall meet at least four times a year. Audit committees are encouraged to schedule their meetings one year in advance so that departmental management and auditors can prepare the information and reports required to support the committee's work. Rescheduling of audit committee meetings would be by exception only.

4.4.4 As part of each meeting of the audit committee, the committee shall meet individually in camera with each of the deputy head (if not a committee member), the departmental senior financial officer, the chief audit executive, the representative of the OAG when in attendance, and any other officials the committee may determine.

4.4.5 The audit committee shall prepare an annual report to the deputy head that shall:

5. Enquiries

Please send any questions about this directive to:

Office of the Assistant Comptroller General, Internal Audit
Treasury Board of Canada Secretariat
L'Esplanade Laurier
300 Laurier Avenue West
Ottawa, Ontario
K1A 0R5

Email: ias-svi@tbs-sct.gc.ca
Fax: 613-952-3698

Date modified: