Audit of the Federal Economic Development Initiative in Northern Ontario (FedNor) — Northern Ontario Development Program (NODP)

1.0 Executive Summary

1.1 Background

The Federal Economic Development Initiative for Northern Ontario (FedNor) was established in 1987 and is responsible for promoting economic growth, diversification and job creation and sustainable, self-reliant communities in Northern Ontario by working with community partners and other organizations to improve small business access to capital, information and markets.

Within FedNor, the Northern Ontario Development Program (NODP or the "Program") is a program with ongoing funding that promotes economic growth, diversification, job creation and sustainable communities in Northern Ontario, through a community-based approach. The service area runs from the District of Muskoka to Hudson Bay and from the Manitoba border to Quebec — a large and diverse geographic area.

The Audit and Evaluation Branch's (AEB) 2005–2008 Multi Year Risk-Based Audit Plan, approved by the Departmental Audit and Evaluation Committee (DAEC), includes an audit of the FedNor NODP.

top of page

1.2 Audit Objective

The objective of the audit was to provide an independent and objective assessment of the design and operating effectiveness of the Program's management control framework (MCF) and the extent to which the transfer payments under the Program are managed in accordance with the Treasury Board's Policy on Transfer Payments.

top of page

1.3 Audit Scope

The scope of the audit covered the Program's operations from April 2002 to March 2007 in all three regional offices — Sudbury, Thunder Bay and Sault Ste Marie where the Program is delivered. The audit focused on the areas of highest risk facing the achievement of Program objectives.

top of page

1.4 Key Findings

The audit noted three areas which require improved documentation and formalization as follows:

Documentation of monitoring of project status — Prior to the finalization and approval of a contribution agreement, a risk assessment and associated monitoring plan is developed. Limited documentation was found in the project files sampled to confirm the completion of these activities as required by the monitoring plan.

To ensure compliance with the Terms and Conditions of the Program, ongoing project monitoring must be carried out with adequate documentation and audit trail. As environmental changes arise that impact the risk associated with a project, documentation of ongoing monitoring activities supports the ongoing re-evaluation of the risks and level of monitoring and scrutiny required by the Program.

Documentation supporting the risk assessment process — Processes have been designed to assess risks associated with potential projects during the project acceptance phase; however, outcomes are not consistently documented to substantiate the pre-acceptance and project approval risk assessment decisions.

When there is no formal evidence of decisions related to the risk assessment process, it is difficult to substantiate the reason for acceptance or rejection of a project proposal and provide senior management with sufficient information for appropriate decision making.

Formal monitoring and update of project risk assessment — NODP projects may span over more than twelve months during which significant changes may occur within an industry or client environment. However, risk assessments are not currently subject to formal, periodic re-evaluation impacting the appropriateness of the existing level of project monitoring activities.

Without a periodic reassessment of risk ratings, there is an increased chance that changes to the client or project's status may not result in a corresponding change to the risk assessment. This could lead to an inappropriate risk rating and level of project monitoring.

top of page

1.5 Recommendations

As a result of the key findings identified, the following three recommendations have been proposed:

1. The Director General of FedNor should establish a formal process to ensure appropriate documentation of project status/monitoring activities are linked back with expectations defined in the original risk assessment.
2. The Director General of FedNor should implement a formal process to ensure improved documentation, including the maintenance of meeting minutes, supporting documents and enhanced commentary related to: a) the initial assessment of project proposals and b) final risk ratings and associated monitoring plans to substantiate the decisions made during the project acceptance finalization processes.
3. The Director General of FedNor should develop a formal mechanism to review the risk rating of each project on a periodic basis (i.e. every 12 months) within the project life cycle and upon changes within the client environment which could potentially impact risk as changes in risk rating should impact the level of project monitoring (financial and/or project status) and projects considered for upcoming audit.

top of page

1.6 Audit Conclusion

We found that the FedNor NODP's management control framework, related practices and internal controls are in place, operating as intended and are in compliance with Treasury Board's Policy on Transfer Payments. However, the formal documentation of key decisions during the project life cycle should be improved, specifically related to monitoring of project status, documentation of the risk assessment process within the project approval phase and formal monitoring and periodic updating of the risk assessment for long-term projects.