Audit of Regions (Atlantic, Quebec, and Prairie and Northern)

1.0 Executive Summary

1.1 Introduction

The Regional Operations Sector (ROS) is Industry Canada's main presence throughout Canada, serving a key role in advancing regional economic interests. As the Department's eyes and ears in the regions, the Sector supports strategic policy development and decision making by gathering and disseminating regional intelligence and analysis. ROS also serves as the Department's main service delivery arm in the regions.

In support of Industry Canada's mandate, the ROS serves the needs of their regional clients through the delivery of programs and services, and supports the development and understanding of national policies, programs and regulations. ROS staff work in Industry Canada's five regions: Atlantic, Quebec, Ontario, Prairie and Northern, and Pacific. Each region is led by a Regional Executive Director.

In accordance with the approved Industry Canada 2010–2011 Multi-Year Risk-Based Audit Plan, the Audit and Evaluation Branch (AEB) undertook an audit of Corporate Services in the regions.

AEB completed an audit of Corporate Services in the Ontario Region in 2003. Since then, the role of Corporate Services in the regions has changed significantly; the program clients to whom Corporate Services provides services have also changed.

In this, the first of two planned regional audits, AEB examined the Atlantic, Quebec, and Prairie and Northern regions.

1.2 Objective and Scope

The objective of this audit was to provide reasonable assurance to management that specific core management controls, as identified in the audit criteria, for Corporate Services (Finance and Administration) in three regions — Atlantic, Quebec, and Prairie and Northern — are operating effectively.

A number of sub-objectives were established to provide assurance that:

• roles and responsibilities are clear
• there is a formal risk management process that identifies risks and develops mitigation strategies
• regional Corporate Services (Finance and Administration) ensured compliance with Sections 32, 33 and 34 of the Financial Administration Act, and
• regional Corporate Services (Finance and Administration) ensured that financial transactions were carried out:
  • with due diligence
  • in compliance with Treasury Board Policies and with Industry Canada's Financial Control Framework.

The scope of the audit was the core management controls that were assessed during the planning phase as medium high and medium risk within Corporate Services (Finance and Administration), in the three regions. These controls are identified in the audit criteria.

The scope of the audit excluded Human Resources; Communications; Policy, Analysis and Intelligence; and contracting and procurement in the regional offices. Program clients were also excluded from the scope of the audit.

For sampling purposes, the audit covered the period April 1, 2009 to December 31, 2010.

1.3 Main Findings

Governance

In all three regions, roles and responsibilities are clearly defined and understood within the Finance and Administration directorate.

Risk Management

Risk management at the Finance and Administration directorate level, and at the regional level, is carried out formally and informally in a fashion that results in the identification of risks and the development of mitigation strategies.

Internal Controls

Section 32, 33 and 34 activities are carried out by authorized positions.

Financial transactions are carried out with due diligence. The regions monitor adherence to expenditure policies, directives and internal processes and procedures. Expenditures are in compliance with Treasury Board Policies, Industry Canada's Financial Control Framework and Directives.

Budgets are properly established, managed and communicated. Financial reports are reviewed and approved and these reports are communicated to regional management, the Assistant Deputy Minister (ADM) of Regional Operations and the Comptrollership and Administration Sector (CAS).

Finding 1.0: The use of blanket travel authorities limits management oversight on the mode of transportation used and the related prepaid costs.

Blanket travel authorities allow a staff member to book transportation without requesting management's approval for individual trips. Subsequent travel claim forms do not always clearly identify prepaid transportation costs, therefore limiting the amount of management oversight.

1.4 Recommendations

Internal Controls

Recommendation 1.0:

It is recommended that the Assistant Deputy Minister of Regional Operations review the travel claim process and use of the blanket travel authority, to allow greater oversight of costs.

1.5 Audit Opinion

In my opinion, the specific core management controls audited for Corporate Services (Finance and Administration) in the three regions are operating effectively, with no material weaknesses noted. 

1.6 Statement of Assurance

In my professional judgment as Chief Audit Executive, sufficient and appropriate audit procedures have been conducted and evidence gathered to support the accuracy of the opinion provided and contained in this report. The opinion is based on a comparison of the conditions, as they existed at the time, against pre-established audit criteria that were agreed on with management. The opinion is applicable only to the entities examined and within the scope described herein. This audit was conducted in accordance with the Internal Auditing Standards for the Government of Canada.

____________________________________
Susan Hart
Chief Audit Executive, Industry Canada