ARCHIVED - Mid-Year Update of the Risk-Based Audit Plan 2011-2012 to 2013-2014

Archived information

This Web page has been archived on the Web. Archived information is provided for reference, research or record keeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.

Date: November 2011

PDF Version (334 Kb, 33 Pages)




Table of Contents




Introduction

The Treasury Board Policy on Internal Audit (2009) seeks to support strong and accountable public sector management by ensuring effective internal auditing. In response to this requirement, AANDC has developed this three-year Risk-Based Audit Plan. This plan details the assurance services that Audit and Assurance Services Branch will provide, independent of line management, to sustain a strong, credible internal audit regime that contributes directly to sound risk management, control and governance.

Purpose

This document was prepared by Aboriginal Affairs and Northern Development Canada, Audit and Assurance Services Branch (AASB) for the Deputy Minister who is advised by an independent, external five (5) member Audit Committee. It outlines the Risk-Based Audit Plan 2011-2012 to 2013-2014 for Aboriginal Affairs and Northern Development Canada (AANDC). The plan has been designed to support the allocation of audit resources to those areas that represent the most significant priorities for AANDC and to respond to requirements of the Treasury Board Policy on Internal Audit (2009).

Document Organization

Introduction
  • This section provides an overview of the role of the internal audit function and Treasury Board expectations with respect to audit to provide the reader with the context for this plan.
Risk-Based Audit Planning Approach
  • This section describes the process followed to build this plan.
The Three-Year Risk Based Audit Plan
  • This section details the comprehensive plan for 2011-2012 to 2013-2014, including a summary of activities over three years.
Resource Considerations
  • This section details the resource considerations required to execute the audit plan.
Appendices
  • This section provides various detailed tables to further describe the plan.


Return to Table of Contents 



The Role and Scope of Internal Audit

Internal audit plays a vital role in governance and accountability. Without a strong, objective and independent assurance function, the effectiveness of the overall governance framework of the organization is severely weakened. With an effective internal audit function, there is greater confidence that the decisions being taken are informed by appropriate information on risk and control. Internal audit's systematic and disciplined approach adds value and improves an organization's operations.

Through the Federal Accountability Act (2006) and Action Plan, the Government of Canada committed to strengthen auditing and accountability within departments by clarifying the managerial responsibilities of deputy heads within the framework of ministerial responsibility, and by enhancing the internal audit function.

The role of the AANDC internal audit function, in conjunction with the Audit Committee, is to ensure that AANDC’s Deputy Minister and the Comptroller General of Canada, are provided with assurance, independent from line management, on the department's risk management, control and  governance processes. The internal audit function fulfills this role by bringing a systematic, disciplined approach to assessing and improving the effectiveness of the department's risk management, control and governance processes.

The scope of work of the internal audit function is to determine whether AANDC's network of risk management, control, and governance processes (as designed and represented by management) is adequate and functioning in a manner to ensure:

When opportunities for improving management control, governance, or resource stewardship are identified during audits, they are communicated to the suitable level of management so that appropriate action can be taken.

The internal audit function plays an important role in supporting departmental operations. It provides assurance on all important aspects of the risk management strategy and practices, management control frameworks and practices and governance. Where control weaknesses exist and where the achievement of objectives is at risk, internal audit plays a role in providing constructive advice and recommendations. In this way, internal audit contributes to enhanced accountability and performance.

Treasury Board Policy Requirements

AANDC is subject to the Treasury Board Policy on Internal Audit (2009). This policy states that the internal audit function in the Government of Canada is a professional, independent appraisal function that provides objective, substantiated conclusions as to how well an organization's risk management, control and governance processes are designed and working.

The Policy on Internal Audit (2009) further clarifies that the focus of internal audit is on all management systems, processes and practices, including the integrity of financial and non-financial information. The policy requires that the Deputy Minister approve a risk-based audit plan that identifies and addresses areas of highest risk and significance, including audits identified by the Office of the Comptroller General as part of government-wide or sectoral coverage. The Audit Committee is required to review the audit plan and advise the Deputy Minister on its adequacy.

Recent changes to the Internal Audit Policy have removed the requirement that the Chief Audit Executive provide an annual holistic opinion. However, the Internal Audit Policy (2009) now requires the audit plan to "perform risk-based internal audits necessary to provide an independent annual overview report to the deputy head on the adequacy and effectiveness of risk management, control and governance processes within the department." The Treasury Board Directive on Chief Audit Executives, Internal Audit Plans, and Support to the Comptroller General directs that the risk based audit plan focus predominantly on the provision of assurance services.

The Government of Canada has adopted the Institute of Internal Auditors’ (IIA) Professional Practices Framework, including the International Standards for the Professional Practice of Internal Auditing (IIAC Standards) for internal auditing in the Government. AASB conducts its work in accordance with these standards.

Strategy for Overview Reporting on Risk Management, Control & Governance Processes

One of the cornerstones of the Policy on Internal Audit (2009) is the requirement that the Chief Audit Executive provides annual overview reporting on departmental risk management, control and governance processes. In support of annual reporting for these three elements, the audit plan aims to achieve sufficient coverage of all elements of the Treasury Board’s Management Accountability Framework (MAF) and Core Management Controls Framework. Together, these frameworks describe departmental risk management, control and governance processes for an effectively controlled and accountable department.

The Chief Audit and Evaluation Executive’s annual overview report, together with other inputs such as the Chief Financial Officer’s Statement on Internal Control as well as information gleaned from other assurance providers, collectively provide departmental Senior Management and the Comptroller General with assurance on the state of the Department’s risk management, controls and governance processes.

Return to Table of Contents 





Risk-Based Audit Planning Approach

To meet the expectations of the Treasury Board Directive on Chief Audit Executives, Internal Audit Plans, and Support to the Comptroller General for audit plans, a risk-based approach was used. This approach allows audit resources to be targeted to areas of highest risk.

In establishing priorities for the Risk-Based Audit Plan, AASB employs a risk-based approach to annual audit planning, consistent with guidance from the Office of the Comptroller General (OCG). The approach includes assessments of risk and significance (equally weighted) for each of the AANDC program activities (51 entities) and internal services (31 entities) aligned to the AANDC Program Activity Architecture (PAA) (see AANDC Audit Universe in Appendix A).

In preparing the three-year audit plan, AASB’s prioritization of auditable units was completed based on information gathered through extensive review of corporate documents such as the departmental risk profiles, departmental plans and priorities, performance reports, budgets, results of past audits, evaluations and reviews, and results from last year’s risk-based planning exercise. An auditable unit is an entity that is definable and has discrete objectives that would be the subject of an audit. The audit universe is the collection of the auditable entities. The audit universe was reviewed to confirm that the existing auditable units were still valid and to add or delete any auditable units so that the universe reflects the current PAA and business environment. AASB met with members of AANDC’s Senior Management Committee to gain a better understanding of their priorities, risks in their sectors as well as other areas of the department, and to discuss planned and potential audits.  AASB has also connected with external stakeholders (Office of the Comptroller General and the Office of the Auditor General) to get their input in the risk assessment and identification and timing of potential audits.

Conduct and Timing of an Internal Audit
Once approved, the Risk-Based Audit Plan provides AASB with the Deputy Minister’s direction on what specific audits should be undertaken in the coming year. Each audit consists of the following phases:

The Planning Phase is undertaken to gain an understanding of the objectives, activities, key risks and controls of the area subject to audit. The audit objectives and scope are finalized and audit criteria are established. During the Conduct Phase, auditors carry out the audit program to ascertain whether each audit criterion is satisfied. Auditors conduct interviews, review documentation, perform analysis, observe activities and employ other techniques to obtain sufficient, relevant and reliable information to reach conclusions and support preliminary findings. Findings are reviewed with management to validate accuracy.

During the Reporting Phase, the draft audit report is prepared outlining background and context, and the auditor’s findings, conclusions and recommendations. Management prepares a Management Response and Action Plan outlining their response to the findings as well as the corrective action planned to mitigate the identified control gaps.

In the Follow-up Phase, a follow-up is performed to ensure that the required measures have indeed been implemented.

The audit may take from three (3) to twelve (12) months depending on the size and complexity of the area subject to audit as well as the specific scope and objectives of the engagement.

Several audit planning and prioritization workshops were held with AANDC internal audit staff. During the workshops, AASB participants engaged in discussions to analyze and put in priority order each auditable unit based on assessments of risk level, significance and legal risk. Risk level is defined as the level of risk to which each entity is exposed and considers the auditable unit’s current and anticipated business conditions, the presence of risk factors and the impact of specific risk exposures. Significance considers the relative importance of the program activity or internal service to the achievement of the department’s overall objectives. Significance includes materiality of the entity and its intrinsic importance to the department. Legal risk considers the level of exposure to legal issues that may affect the activities of the department. The methodology employed for the assessment of risk is aligned to the departmental corporate risk tolerances, as defined in the AANDC corporate risk assessment scales.

In accordance with the OCG’s guidance on risk-based audit planning, once units in the audit universe were analyzed based on risk and significance, a final audit priority rank was assigned. The second pass allowed AASB staff to determine the final audit priority ranking of each auditable unit by considering additional factors including priorities of the OCG where horizontal audits are planned and the activities of the Office of the Auditor General (OAG). Planned evaluations, the corporate risk profile, recent audits, and audits already underway were also considered. The result was a final audit priority rating of the auditable units.

Following that exercise, AASB held two consultation sessions with Directors and Directors General from across the department to discuss the priority rankings and potential audits. Modifications were made to the risk and significance assessment of auditable units to adjust ratings to reflect new information. The information and perspectives gathered during these sessions were particularly useful in informing the potential scope and timing of planned audits.

Finally, the three-year audit plan was developed taking into account the following planning considerations:

The plan is also presented to Audit Committee members for their review and recommendation for approval by the Deputy Minister.

Return to Table of Contents 





The Three Year Risk-Based Audit Plan

This section presents an overview of the AANDC 2011-12 to 2013-14 Risk-Based Audit Plan. As described in detail in the Risk-Based Audit Planning Approach section, AANDC internal audit priorities for the upcoming three years are based on a set of planning considerations and AASB assessments of risk and significance for auditable units or because they are a condition of renewal or change. The AANDC Audit Universe (Appendix A) encompasses all significant activities performed by AANDC in support of its mandate. It is comprised of program activities and internal services at the sub-activity level, and serves as the basis from which audit priorities are selected. In prioritizing the AANDC audit universe, AASB performed extensive interviews, review of corporate documents, completed three internal prioritization workshops and two consultation workshops with management. The distribution of the final priority ranking of these units is illustrated in the figure to the right.

Auditable Unit Priority Rankings

Auditable Unit Priority Rankings

Auditable Unit Priority Rankings - Pie Chart

The chart illustrates the final priority rankings for each auditable unit of AANDC's audit universe. The priority rankings are as follows:

Audit Coverage

AANDC's Three Year Risk-Based Audit Plan meets Treasury Board expectations that the plan addresses areas of higher risk and significance through appropriate audit coverage of these areas.

This section describes how the plan appropriately addresses areas of higher risk and significance. The chart to the right summarizes the audit coverage over the three years of the plan. There is complete coverage of all Very High ranked units. For entities rated High, there is 91% coverage, the remainder having been covered by recent AANDC audits or PSC audits. The coverage of moderate ranked units is 9% (due to participation in an OCG audit of an entity considered moderate risk by AANDC), while coverage of low priority auditable units is 0%.

Coverage of Auditable Units

Coverage of Auditable Units

Coverage of Auditable Units (histogram)

The chart illustrates the Risk-Based Audit Plan's coverage of auditable units. In determining the coverage of auditable units, priority was given to auditable units that received a final priority ranking of "Very High" or "High". The coverage of auditable units is as follows:

The Corporate Risk Profile is management's point in time reflection of the most significant risks that threaten achievement of AANDC's mandate and AASB seeks to ensure that all of these risks are covered in the planned audits. The chart to the right summarizes the number of new and ongoing audits and preliminary surveys in the first year (2011-2012) and linkages to the corporate risks. Every corporate risk is covered by at least two assurance engagements (audits). Appendix B describes these linkages in greater detail.

Audit Coverage of Corporate Risks

Coverage of Corporate Risks

Audit Coverage of Corporate Risks (histogram)

The graph illustrates the extent to which AANDC corporate risks are covered by the new and ongoing audits and preliminary surveys in 2011-2012. Please note that individual projects may cover one or more risk area. The coverage is as follows:

In support of the CAEE's annual reporting on departmental risk management, control and governance processes, the audit plan aims to achieve sufficient coverage of all elements of the Treasury Board's Management Accountability Framework (MAF) and Core Management Controls Framework. The chart to the right summarizes the extent to which these frameworks are covered in the planned audits and preliminary surveys for 2011-2012. Appendix C describes these linkages in greater detail. The only elements not covered by at least one audit are Effectiveness of Internal Audit and Effectiveness of Evaluation, both responsibilities of the CAEE. It should be noted that the role of the CAEE as Chief Audit Officer and Chief Evaluation Officer would present impairments to the internal auditor's independence and objectivity, should these functions be subject to internal audit.

Coverage of MAF/Core Management Control Elements

Coverage of MAF / Core Management Control Elements

Coverage of MAF/Core Management Control Elements (histogram)

The graph illustrates the extent to which Management Accountability Framework (MAF) and Core Management Control elements are covered by all planned and on-going projects in 2011-2012. Please note that individual projects may cover one or more element. The coverage is as follows:

The measures suggested by the IIAC to mitigate any impairment will be employed during any such internal auditing engagement. The OAG has recently assessed both areas, Evaluating the Effectiveness of Programs (Fall 2009) and Effectiveness of Internal Audit (June 2011).

2011-2012 to 2013-2014 Audit Plan

Table 1 below outlines the number of planned audits, OCG audits and preliminary surveys for each of the three years of the plan.

TABLE 1 2011-12 2012-13 2013-14
  Ongoing New Projects New Projects New Projects
Audits [Note 1] 14 9 9
OCG Audits   1 1  
Preliminary Surveys 2 1 2 1
Total 10 16 12 10

Table 2, accessible via the link below, presents a three-year view of the audit plan that sets out the recommended projects over the period from 2011-2012 to 2013-2014. For each project, the final priority ranking and current and planned audits are outlined. Each of the planned audits for the auditable unit is listed over the three-year period.

At the end of the three-year plan, audits and reviews of all high risk and significant ranked auditable units will have been started, allowing AANDC to achieve the coverage required by the Policy on Internal Audit (2009).

TABLE 2 2010-2011
(ongoing)
2011-2012
(Year 1)
2012-2013
(Year 2)
2013-2014
(Year 3)
2011-2012 to 2013-2014 Audit Plan Priority Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4 Q1 Q2 Q3 Q4
Ongoing (projects that commenced in 2010-11 and will carry forward into 2011-12) * AC indicates quarter in which the project should be tabled at the AANDC Audit Committee
1. Audit of Infrastructure Very High     AC                      
2. System Under Development Audit of the Indian Registry System Very High         AC                  
3. Audit of the Delegation of Authorities, Organizational Design and Classification High                 AC          
4. Audit of Business Continuity Planning Moderate     AC                      
5. Preliminary Survey of IM/IT Governance High         AC                  
6. Preliminary Survey of Litigation Management High       AC                    
7. Management Practices Audit - Alberta Region High     AC                      
8. Management Practices Audit - Atlantic Region High     AC                      
9. Management Practices Audit - Manitoba Region High     AC                      
10. Management Practices Audit - Ontario Region High     AC                      
2011-12 (projects commenced in 2011-12, some of which carry forward into 2012-13)
1. Audit of Exceptional Contracting Limits Authority Very High       AC                    
2. Audit of Contracting Very High         AC                  
3. AANDC Horizontal Audit of the Management Control Framework Grants and Contributions (Note- this is a recurring audit due to the importance to the department and level of materiality. Audit scope will be amended annually to reflect results of previous audits.) Very High             AC              
4. Audit of Acquisition Cards, Travel, Hospitality, Taxis and Conferences Very High             AC              
5. Audit of the Implementation of Child and Family Services Prevention Focused Approach Very High               AC            
6. Audit of Environmental Management & Contaminated Sites - South of 60 Very High           AC                
7. Audit of AANDC and Adjudication Secretariat Support to the Independent Assessment Process High         AC                  
8. Audit of the Secure Certificate Information System - Expenditure Management High       AC                    
9. Preliminary Survey of Additions to Reserves High            AC                
10. Management Practices Audit - British Columbia Region High       AC                    
11. OCG Audit of Management of Horizontal Issues Moderate               AC            
12. Management Practices Audit - Yukon Region High         AC                  
13. Management Practices Audit - Northern Affairs Organization High         AC                  
14. Management Practices Audit - Québec Region High           AC                
15. Management Practices Audit - Northwest Territories Region High           AC                
16. Management Practices Audit- Nunavut Region High           AC                
2012-13 (projects commenced in 2012-13, some of which carry forward into 2013-14)
1. Audit of Income Assistance Very High                   AC        
2. Audit of Management of Negotiation Loans Very High                 AC          
3. Audit of Housing Certification and Ministerial Loan Guarantee Processes High                 AC          
4. Audit of Northern Contaminated Sites High                 AC          
5. Audit of AANDC Support to the Specific Claims Process High                   AC        
6. Audit of Post-Secondary Education High                     AC      
7. Audit of the Management of the Strategic Policy Process High                   AC        
8. Audit of Financial Budgeting and Forecasting High                     AC      
9. Follow up Audit of AANDC Implementation of Government of Canada Payroll Interface High                     AC      
10. OCG Horizontal Audit of G&C's MCF Phase 2 (delayed by OCG) Very High                            
11. Preliminary Survey of Lands Management High               AC            
12. Preliminary Survey of Implementation of Modern Treaty Obligations & Self-Government Very High                 AC          
2013-14 (projects commenced in 2013-14, some of which carry forward into 2014-15)
1. Audit of Elementary and Secondary Schools Very High                           AC
2. Post Implementation Audit of Education Information System Very High                            
3. Audit of Community focused Economic Development Programming Very High                           AC
4. AANDC Horizontal Audit of the Management Control Framework Grants and Contributions (Note- this is a recurring audit due to the importance to the department and level of materiality. Audit scope will be amended annually to reflect results of previous audits.) Very High                            
5. Audit of Information Technology Security High                            
6. Audit of Financial Reporting High                            
7. Audit of Nutrition North High                       AC    
8. Audit of Capacity Development Programs High                            
9. Audit of Management of Moneys High                            
10. Preliminary Survey of Northern Oil and Gas High                         AC  

Audit of Infrastructure

System Under Development Audit of the Indian Registry System

Audit of the Delegation of Authorities, Organizational Design and Classification

Audit of Business Continuity Planning

Preliminary Survey of IM/IT Governance

Preliminary Survey of Litigation Management

Management Practices Audit of Alberta Region

Management Practices Audit of Atlantic Region

Management Practices Audit of Manitoba Region

Management Practices Audit of Ontario Region

 

2011-12 (projects started in 2011-12, some of which carry forward into 2012-13)
Audit of Exceptional Contracting Limits Authority

Audit of Contracting

AANDC Horizontal Audit of the Management Control Framework Grants and Contributions (Note- this is a recurring audit due to the importance to the department and level of materiality. Audit scope will be amended annually to reflect results of previous audits.)

Audit of Acquisition Cards, Travel, Hospitality, Taxis and Conferences

Audit of the Implementation of Child and Family Services Prevention Focused Approach

Audit of Environmental Management & Contaminated Sites - South of 60

Audit of AANDC and Adjudication Secretariat Support to the Independent Assessment Process

Audit of the Secure Certificate Information System - Expenditure Management

Preliminary Survey of Additions to Reserves

Management Practices Audit - British Columbia Region

OCG Audit of Management of Horizontal Issues

Management Practices Audit - Yukon Region

Management Practices Audit - Northern Affairs Organization

Management Practices Audit - Québec Region

Management Practices Audit - Northwest Territories Region

Management Practices Audit- Nunavut

 

2012-13 (projects started in 2012-13, some of which carry forward into 2013-14) 
Audit of Income Assistance

Audit of Management of Negotiation Loans

Audit of Housing Certification and Ministerial Loan Guarantee Processes

Audit of Northern Contaminated Sites

Audit of AANDC Support to the Specific Claims Process

Audit of Post-Secondary Education

Audit of the Management of the Strategic Policy Process

Audit of Financial Budgeting and Forecasting

Follow up Audit of AANDC Implementation of Government of Canada Payroll Interface

OCG Horizontal Audit of G&C's MCF Phase 2 (delayed by OCG)

Preliminary Survey of Lands Management

Preliminary Survey of Implementation of Modern Treaty Obligations & Self-Government

 

2013-14 (projects started in 2013-14, some of which carry forward into 2014-15) 
Audit of Elementary and Secondary Schools

Post Implementation Audit of Education Information System

Audit of Community focused Economic Development Programming

AANDC Horizontal Audit of Management Control Framework Grants and Contributions (Note- this is a recurring audit due to the importance to the department and level of materiality. Audit scope will be amended annually to reflect results of previous audits.)

Audit of Information Technology Security

Audit of Financial Reporting

Audit of Nutrition North

Audit of Capacity Development Programs

Audit of Management of Moneys

Preliminary Survey of Northern Oil and Gas

The detailed audit plan for 2011-2012, including objective, scope and rationale, is presented in Appendix D. All audits will be conducted with a high level of assurance.

Changes to the Plan

The audit plan is an evergreen document and is updated annually with adjustments in-year if necessary. This year’s audit plan is a continuation of the 2010-2011 to 2012-2013 Plan and as such, includes ongoing audits and audits carried forward that have been delayed or revised to reflect current business priorities and conditions. Details of these changes can be found in Appendix E.

Challenges to Achieving the Three Year Plan

AANDC programs and services are delivered in a complex policy and political environment by a department with responsibility and accountability for meeting the needs of Canada’s Aboriginal people and Northerners. AANDC operates in a constantly evolving policy landscape and is shifting from a legalistic approach to a policy-based approach that is more focussed on reconciliation, partnerships, and the sustainable development of Aboriginal communities.

Two other factors complicating operations in the AANDC context, as identified in the Corporate Risk Profile, are challenges related to the availability of timely, pertinent, consistent, and accurate information and second, the need to attract, recruit and retain sufficiently qualified experienced and representative human resources. Given this context, the plan was crafted to allow flexibility to respond to changes and emerging risks. The plan identifies resources to address unplanned AANDC or government-wide priorities and to fully support the OCG’s general requirements for government-wide audit activity.

Audit and Assurance Services Branch is in a rebuilding phase seeking to strengthen its internal staff capacity and capability. The audit community continues to face a shortage of qualified staff. In response, AASB has adopted a team approach where internal resources are supplemented with qualified contractors. This approach not only allows AASB to access required capability from the external community, it also facilitates transfer of knowledge and skills to internal resources thereby building internal capacity. To enable this team approach, AASB requires access to efficient contracting vehicles and efficient contracting services.

Audit and Assurance Services Branch will mitigate these challenges by ensuring that senior management closely monitors progress against the three-year plan and takes timely action to resolve any issues that arise. AASB will provide an update to the Audit Committee at each of its meetings on the progress it is making implementing the plan, any challenges it is facing in doing so, and the actions being taken to manage these challenges.

Return to Table of Contents 





Resource Considerations

This section presents the resource requirements of all internal audit activities planned for 2011-2012. Projects actually undertaken will depend on the availability of financial and human resources. The estimated resource requirements for small, medium, and large projects have been updated to reflect current forecasts and are consistent with the results of historical project cost analysis presented to Audit Committee in 2010-2011. This approach has proven to be the most accurate basis of forecasting costs. All AANDC program activities and internal services operate under challenging business conditions that can only be completely understood once audit planning is completed. Prior to the planning process, it is not possible to accurately forecast resource requirements for each project.

Audit and Assurance Services Branch assurance activities represent over 80% of branch resource requirements. Other internal audit activities which include monitoring of action plans from past audits, administration, annual audit planning, quality assurance and improvement, reporting, learning and development, as well as liaison with OAG and other external assurance providers represents 12%. The remainder is allocated to management assurance requests and emerging priorities.

The Three-Year Plan identifies that, on average, 11 audit projects will be carried out on an annual basis.  This number has decreased slightly from earlier plans and reflects the capacity of the organization and its partners and the inclusion of some larger audits.

Resource Considerations

Resource Considerations

Resource Considerations - Pie Chart

The chart illustrates the resource allocations for all internal audit activities planned for 2011-2012. The resource requirements are as follows:

Resource Requirements

Based on the cost assumptions in Appendix F in terms of the planned audits for 2011-2012, the resource requirements are summarized in the same annex. The dollar and staff resource requirements presented below are aligned with current budget forecasts.

While the level of effort and costs will vary from project to project, it is our professional opinion that this level of resourcing is adequate to achieve the plan.

Return to Table of Contents 





Appendix A - AANDC Audit Universe

Auditable Units Planned Audit Ranking
Departmental Programs
First Nations Child and Family Services Audit of the Implementation of Child and Family Services Prevention Focused Approach (2011-12) Very High
Elementary and Secondary Education Audit of Elementary and Secondary Schools (2013-14)

Post Implementation Audit of Education Information System (2013-14)
Very High
Income Assistance Audit of Income Assistance (2012-13) Very High
Registration and Membership System Under Development Audit of Indian Registry System (ongoing) Very High
Environmental Management Audit of Environmental Management and Contaminated Sites - South of 60 (2011-12) Very High
Implementation of Modern-Treaty Obligations Preliminary Survey of Implementation  of Modern Treaty Obligations and and Self-Government (2012-13) Very High
Negotiations of Claims and Self-Government Audit of Exceptional Contracting Limits Authority (2011-12)

Audit of Management of Negotiation Loans (2012-13)

Preliminary Survey of Implementation of Modern Treaty Obligations and Self-Government (2012-13)
Very High
Activation of Community Assets Audit of Community focused Economic Development Programming (2013-14) Very High
Community Infrastructure Assets and Facilities Audit of Infrastructure (ongoing) Very High
Specific Claims Audit of AANDC Support to the Specific Claims Process (2012-13) High
Independent Assessment Process Audit of AANDC and Adjudication Secretariat Support to the Independent Assessment Process (2011-12) High
Post-Secondary Education Audit of Post-Secondary Education (2012-13) High
First Nations Government Audit of Capacity Development Programs (2013-14) High
Water and Wastewater Infrastructure Audit of Infrastructure (ongoing) High
Housing Audit of Infrastructure (ongoing)

Audit of Housing Certification and Ministerial Loan Guarantee Processes (2012-13)
High
Northern Contaminated Sites Audit of Northern Contaminated Sites (2012-13) High
Aboriginal Entrepreneurship The program is undergoing a major redesign and will be reassessed at a later date. High
Nutrition North Audit of Nutrition North (2013-14) High
Management of Moneys Audit of Management of Moneys (2013-14) High
Registration of Rights and Interests in Reserve Lands Preliminary Survey of Lands Management (2012-13) High
Additions to Reserve Preliminary Survey of Additions to Reserves   (2011-12) High
Northern Oil and Gas Preliminary Survey of Northern Oil and Gas (2013-14) High
Education Facilities Audit of Infrastructure (ongoing) Moderate
Estate Management Audit of Management of Moneys (2013-14) Moderate
Strategic Federal Investments and Partnerships (Economy)   Moderate
Management of Treaty Relationships   Moderate
Family Violence Prevention   Moderate
Science Initiatives   Moderate
Assisted Living   Moderate
Consultation and Engagement   Moderate
Métis Rights Management   Moderate
National Child Benefit Reinvestment   Moderate
Northern Political Development and Government Relations   Moderate
Northern Mines and Minerals   Moderate
Northern Land and Water  Management   Moderate
Institutions and Organizations (including Representative Organizations)   Moderate
Urban Aboriginal Strategy   Moderate
Common Experience Payments   Moderate
Northern Environmental Management   Moderate
Clarity of Reserve Boundaries (land surveys)   Moderate
Commemoration   Moderate
Climate Change Adaptation   Moderate
First Nation and Inuit Youth Employment Strategy   Low
Northern Contaminants (research)   Low
Management of Other Negotiated Settlements   Low
Métis and non-status Indian Organizational Capacity Development (Representative Organizations)   Low
Inuit Relations   Low
Renewable Energy and Energy Efficiency   Low
Treaty Annuities Audit of Management of Moneys (2013-14) Low
Cultural Education Centres   Low
Support to the Truth and Reconciliation Commission   Low
 
Auditable Units Planned Audit Ranking
Internal Services
Information Management Preliminary Survey of IM/IT Governance (ongoing) Very High
Grants and Contributions Controls AANDC Horizontal Audit of the Management Control Framework Grants and Contributions (2011-12)

OCG Horizontal Audit  of G&C's MCF Phase 2 (2013-14)

AANDC Horizontal Audit of the Management Control Framework Grants and Contributions (2013-14)
Very High
Expenditure Management Audit of Exceptional Contracting Limits Authority (2011-12)

Audit of Contracting (2011-2012)

Audit of Acquisition Cards, Travel, Hospitality, Taxis and Conferences (2011-12)
Very High
Information Technology Post Implementation Audit of Education Information System (2013-14) High
Financial Planning and Budgeting Audit of Financial Budgeting and Forecasting (2012-13) High
External Reporting Audit of Financial Reporting (2013-14) High
IM/IT Security Audit of Information Technology Security (2013-14) High
Strategic Policy Development Audit of the Management of the Strategic Policy Process (2012-13) High
Organizational Design and Classification Audit of the Delegation of Authorities, Organizational Design and Classification (2012-2013) High
IM/IT Governance Preliminary Survey of IM/IT Governance (ongoing) High
Litigation Management Preliminary Survey of Litigation Management  (ongoing) High
Compensation and Benefits Follow up Audit of AANDC Implementation of Government of Canada Payroll Interface (2012-13) High
Human Resources Staffing and Planning Not covered due to planned PSC audits High
Strategic and Business Planning   Moderate
Complaints and Allegations   Moderate
ATIP Management   Moderate
Risk Management   Moderate
Corporate Security   Moderate
Learning and Development   Moderate
Occupational Health and Safety   Moderate
Values and Ethics   Moderate
Loans and Accounts Receivable   Moderate
Assets and Property Management   Moderate
Continuity of Operations Audit of Business Continuity Planning (Continuity of Operations) (ongoing) Moderate
Communication   Moderate
Labour Relations   Low
Revenues   Low
Official Languages   Low
Accommodations   Low
Library and Information Centre   Low
Legal Services   Not Rated
Audit and Evaluation   Not Rated


Return to Table of Contents 





Appendix B - Linkage of 2011-2012 Audits to the Corporate Risk Profile

2011-2012 Audit Projects HR Capacity & Capabilities Information for Decision Making Implementation Resource Alignment Federal Partnership Aboriginal Relationship External Partnership Legal Risk
Ongoing 
System Under Development Audit of the Indian Registry System   X X     X   X
Audit of Infrastructure     X X X   X  
Audit of the Delegation of Authorities, Organizational Design and Classification X              
Audit of Business Continuity Planning X       X   X X
Preliminary Survey of IM/IT Governance     X X        
Preliminary Survey of Litigation Management   X           X
Management Practices Audit-Alberta Region X X     X      
Management Practices Audit-Atlantic Region X X     X      
Management Practices Audit-Manitoba Region X X     X      
Management Practices Audit-Ontario Region X X     X      
2011-12 Projects 
Audit of the Implementation of Child and Family Services Prevention Focused Approach     X X   X X X
Management Control Framework Grants and Contributions – AANDC Horizontal Audit       X X X X  
Audit of Environmental Management and Contaminated Sites – South of 60     X   X X X X
Audit of Contracting       X        
Audit of Exceptional Contracting Limits Authority       X        
Audit of Acquisition Cards, Travel, Hospitality, Taxis and Conferences       X        
Audit of AANDC and Adjudication Secretariat Support  to the Independent Assessment Process     X   X     X
OCG Audit of Management of Horizontal Issues (OCG - Led)       X X      
Preliminary Survey of Additions to Reserves     X     X   X
Audit of Secure Certificate Information System - Expenditure Management   X   X        
Management Practices Audit-British Columbia Region X X       X    
Management Practices Audit-Yukon Region X X     X      
Management Practices Audit-North West Territories Region X X     X      
Management Practices Audit-Nunavut Region X X     X      
Management Practices Audit-Quebec Region X X       X    
Management Practices Audit-Northern Affairs Organization X X       X    


Return to Table of Contents 





Appendix C - Linkage of 2011-2012 Audits to MAF Elements

2011-2012 Audit Projects Values-based Leadership and Organizational Culture Managing for Results Governance and Planning Citizen-focused Service Effectiveness of Internal Audit Function (1) Quality and Use of Evaluation (1) Effectiveness of Financial Management and Control Effective Management of Security
Ongoing    Note (1) – These 2 Areas of MAF are the responsibility of the CAEE and therefore were not considered in the RBAP.
System Under Development Audit of the Indian Registry System       X        
Audit of Infrastructure             X  
Audit of the Delegation of Authorities, Organizational Design and Classification X           X  
Audit of Business Continuity Planning   X X         X
Preliminary Survey of IM/IT Governance     X          
Preliminary Survey of Litigation Management     X          
Management Practices Audit  - Alberta Region X X X X     X  
Management Practices Audit  - Atlantic Region X X X X     X  
Management Practices Audit  - Manitoba Region X X X X     X  
Management Practices Audit  - Ontario Region X X X X     X  
2011-12 Projects
Audit of the Implementation of Child and Family Services Prevention Focused Approach       X     X  
Management Control Framework Grants and Contributions - AANDC Horizontal Audit   X X X     X  
Audit of Environmental Management and Contaminated Sites - South of 60             X  
Audit of Contracting             X  
Audit of Exceptional Contract Limits Authority             X  
Audit of Acquisition Cards, Travel, Hospitality, Taxis and Conferences X           X  
Audit of AANDC and Adjudication Secretariat Support to the Independent Assessment Process   X X       X  
Audit of Secure Certificate Information System - Expenditure Management             X  
OCG Audit of Management of Horizontal Issues   X X          
Preliminary Survey of Additions to Reserves       X        
Management Practices Audit - British Columbia Region X X X X     X  
Management Practices Audit - Yukon Region X X X X     X  
Management Practices Audit - North West Territories Region X X X X     X  
Management Practices Audit - Nunavut Region X X X X     X  
Management Practices Audit - Quebec Region X X X X     X  
Management Practices Audit - Northern Affairs Organization X X X X     X  
 
2011-2012 Audit Projects Integrated Risk Management Excellence in People Management Effective Procurement Effectiveness of Information Management Effectiveness of Information Technology Management Effectiveness of Asset Management Investment Planning and Management of Projects
Ongoing    Note (1) – These 2 Areas of MAF are the responsibility of the CAEE and therefore were not considered in the RBAP.
System Under Development Audit of the Indian Registry System X     X      
Audit of Infrastructure           X  
Audit of the Delegation of Authorities, Organizational Design and Classification X X       X  
Audit of Business Continuity Planning X       X X  
Preliminary Survey of IM/IT Governance X     X X   X
Preliminary Survey of Litigation Management X            
Management Practices Audit  - Alberta Region X X X        
Management Practices Audit  - Atlantic Region X X X        
Management Practices Audit  - Manitoba Region X X X        
Management Practices Audit  - Ontario Region X X X        
2011-12 Projects
Audit of the Implementation of Child and Family Services Prevention Focused Approach              
Management Control Framework Grants and Contributions - AANDC Horizontal Audit              
Audit of Environmental Management and Contaminated Sites - South of 60 X            
Audit of Contracting X   X        
Audit of Exceptional Contract Limits Authority X   X        
Audit of Acquisition Cards, Travel, Hospitality, Taxis and Conferences X   X        
Audit of AANDC and Adjudication Secretariat Support to the Independent Assessment Process              
Audit of Secure Certificate Information System - Expenditure Management X   X        
OCG Audit of Management of Horizontal Issues             X
Preliminary Survey of Additions to Reserves              
Management Practices Audit - British Columbia Region X X X        
Management Practices Audit - Yukon Region X X X        
Management Practices Audit - North West Territories Region X X X        
Management Practices Audit - Nunavut Region X X X        
Management Practices Audit - Quebec Region X X X        
Management Practices Audit - Northern Affairs Organization X X X        


Return to Table of Contents 





Appendix D - 2011-2012 Audit Projects

The more detailed audit plan for 2011-2012 is presented below with each project described in terms of its objective, scope and rationale.

Audit Objective and Scope Rationale for Conduct
Audit of the Implementation of Child and Family Services Prevention Focused Approach Very High
The objective of this audit is to assess the adequacy and effectiveness of the controls supporting the implementation of the prevention-focused approach within the First Nations Child and Family Services (FNCFS) Program. The new prevention model is being implemented in First Nations communities in five provinces, covering nearly half of the First Nations children in Canada.

The scope of the audit will include the management controls that support the implementation, delivery and monitoring of prevention-focused FNCFS programming in the AANDC regions where implementation is underway.  The type of audit testing performed in each of the five regions will be determined during the planning phase and will be dependent on the extent to which prevention focused programming is implemented in each region. The proposed scope will include MAF and Core Management Control elements that ensure effective governance, risk management, stewardship, and accountability related to the FNCFS program.
Maps to Program Activity Architecture
  • Strategic Outcome: The People
  • Activity: Social Development
  • Sub-Activity: First Nations Child and Family Services

Maps to Corporate Risk Profile
  • Implementation
  • Resource Alignment
  • Aboriginal Relationship
  • External Partnership
  • Legal

The First Nations Child and Family Services (FNCFS) Program assists First Nations in providing access to culturally sensitive child and family services in their communities, and ensures that the services provided to First Nations children and their families on-reserve are comparable to those available to other provincial residents in similar circumstances. Programming is material (over $500 million), highly visible and extremely sensitive. The delivery model is complex and includes a variety of third party partners, participants and agreements.

The shift to the Prevention Focused Approach has resulted in significant new investments by the department and a change in programming focus. A recent departmental evaluation in one Region has indicated a number of issues that need to be resolved. This audit will provide assurance to management and others that the new prevention focused programming is being implemented in accordance with the department's authorities and commitments.
Management Control Framework Grants and Contributions - AANDC Horizontal Audit Very High
The objective of this audit is to assess the adequacy and effectiveness of selected controls in AANDC's management Grants and Contributions Management Control Framework, as well as compliance with the Policy on Transfer Payments (2008).

The scope of this audit will be determined during the planning phase and will include a selection of management practices and controls that ensure the efficiency and effectiveness of the implementation of Grants and Contributions within the department. The scope will be designed to build upon the findings of audits undertaken by the department in prior years. In assessing the adequacy and effectiveness of the selected controls, the audit will look horizontally at their application across a selection of programs and regions.
Maps to Program Activity Architecture
  • Strategic Outcome: Internal Services
  • Activity: Resource Management Services

Maps to Corporate Risk Profile
  • Resource Alignment
  • Federal Partnership
  • Aboriginal Relationship
  • External Partnership

Grants and Contributions are the primary vehicles through which AANDC programming is delivered. In addition to being financially material (over $6 billion), the Comptroller General and Treasury Board place emphasis on improving the effectiveness of transfer payment controls through the introduction of risk-based approaches and increased consideration of the demands on recipients.

AANDC continues to implement the 2008 Policy on Transfer Payments, in particular those provisions which came into effect on April 1, 2010. Several large programs have introduced risk-based program control frameworks and the CFO Sector is finalizing the AANDC Grant and Contribution Management Control Framework to formalize and improve transfer payment management controls.
Audit of Environmental Management and Contaminated Sites - South of 60 Very High
The objective of this audit is to provide assurance over the adequacy and effectiveness of the management controls established to ensure that the department's responsibilities related to environmental management and contaminated sites (south of 60th parallel), are being met.

The scope of the audit will include the management practices and controls that ensure compliance with relevant legislation, regulations, guidelines and policies. The audit will most likely include a focus on how AANDC works with other federal departments and levels of government that have jurisdiction over environmental matters on reserve. The scope will also likely include those controls for identifying and assessing contaminated sites on First Nation lands south of 60th parallel.

The specific regions and program activities to be included within the scope of this audit will be determined during the planning phase.
Maps to Program Activity Architecture
  • Strategic Outcome: Land and Economy
  • Activity: Federal Administration of Reserve Land
  • Sub-Activity: Environmental Management

Maps to Corporate Risk Profile
  • Implementation
  • Federal Partnership
  • Aboriginal Relationship
  • External Partnership
  • Legal Risk

One of AANDC's legislated responsibilities and continued priorities is sound environmental management and conservation of Canada's natural resources on reserve. Federal environmental acts, regulations, guidelines and policies demonstrate the government's determination to be a leader in these domains and to ensure that the actions of federal departments are exemplary. Over the last few years, there have been significant changes to the environmental legislative and regulatory frameworks in which federal organizations operate.

The environmental management and contaminated sites programs are highly visible and are inherently high risk due to their complexity, magnitude of potential impacts, liability issues and degree of recent change. While past Auditor General reports indicate that progress is being made South of 60, recent reallocations of funds to sites North of 60 have resulted in concern around resource levels available for South of 60 sites. As well, the OAG has cited AANDC and Environment Canada as having significant control gaps in meeting on-reserve environmental management obligations.
Audit of Contracting (including Exceptional Contracting Limits Authority)  Very High
The objective of this audit is to provide assurance over the adequacy and effectiveness of the controls in place to support the effective and efficient management and processing of goods and services contracts, including compliance with the Financial Administration Act and Government of Canada and AANDC policies, procedures and guidelines.

The scope of the audit will include contracting processes for procuring service and goods, and include special authorities related to exceptional contracting limits authority. The audit will likely focus on CFO Branch, Sector, and Regional controls for entering into and managing the various contracting processes (i.e. low-dollar contracts, sole-source contracts, competitive contracts, and larger Standing Offers and Supply Arrangements). The audit may include focus on controls in place to support the implementation of the Procurement Strategy for Aboriginal Business.

The focus of this audit will be on Core Management Controls related to governance, stewardship, accountability and Treasury Board requirements related to contracting and procurement.

The scope of this audit will be finalized during the planning phase of the audit.
Maps to Program Activity Architecture
  • Strategic Outcome: Internal Services
  • Activity: Resource Management Services

Maps to Corporate Risk Profile
  • Resource Alignment

Contracting is financially material given the magnitude of services contracts procured, particularly within certain Sectors located in Headquarters. The Government and Canadians are very sensitive to the importance of respecting the principles of fairness and integrity in the letting of contracts and this function can be subject to intense public scrutiny. The timeliness of contracting processes remain a challenge in the department, particularly for those functions that place heavy reliance on procuring technology and services to deliver on their commitments.

Prior internal and OAG audits have raised concerns in the area of contracting and the CFO Sector plans to review its contracting processes in the coming year.
Audit of Acquisition Cards, Travel, Hospitality, Taxis and Conferences Very High
The objective of this audit is to provide assurance over the adequacy and effectiveness of the management controls supporting the use and management of acquisition cards and the procurement of travel, hospitality, taxis and conferences, including compliance with legislation and Government of Canada and AANDC policies, procedures and guidelines.

The proposed scope will include MAF and Core Management Control elements that ensure effective governance, risk management, stewardship and accountability related to acquisition cards, travel, hospitality, taxis and conferences.
Maps to Program Activity Architecture
  • Strategic Outcome: Internal Services
  • Activity: Resource Management Services

Maps to Corporate Risk Profile
  • Resource Alignment

Departmental expenditures on acquisition cards, travel, hospitality, taxis and conferences are subject to strict policy requirements and by their nature, subject to government and public scrutiny.

The Government of Canada recently announced the new Directive on the Management of Expenditures on Travel, Hospitality and Conferences to ensure that the costs of travel, hospitality and conferences are reasonable and tied to Government priorities.
Audit of AANDC and Adjudication Secretariat Support to the Independent Assessment Process High
The objective of this audit is to provide assurance on the adequacy and effectiveness of the management controls of both AANDC and Indian Residential Schools Adjudication Secretariat (IRSAS) in meeting their obligations to support to the Independent Assessment Process.

The scope of the audit will include the responsibilities of AANDC and IRSAS to support the Independent Assessment Process (IAP) and the Chief Adjudicator. The proposed scope will include MAF and Core Management Control elements that ensure effective governance, risk management, stewardship, and accountability related to support to the IAP.

The scope will not include those aspects of the independent alternative dispute resolution processes within the Independent Assessment Process that are administered under the direction of the Chief Adjudicator, and appointee of the Oversight Committee (formed of representatives of the parties to the Indian Residential Schools Settlement Agreement).
Maps to Program Activity Architecture
  • Strategic Outcome: The People
  • Activity: Residential Schools Resolution
  • Sub-Activity: Independent Assessment Process

Maps to Corporate Risk Profile
  • Implementation
  • Federal Partnership
  • Legal Risk

This is a very significant program, both in terms of importance and the magnitude of financial payments (estimated at over $600M). Risk is inherently high given the speed at which the processes and organizational capacity must be developed and fully operational. Actual volumes of claims cannot be reasonably predicted which makes it difficult to plan for and respond to demands on short notice, particularly given the imposed deadlines for receipt of claims (2012-13) and processing of claims (2013-14). Processes have been streamlined considerably to improve efficiency of processing, yet AANDC and IRSAS are highly dependent on Adjudicators to achieve efficiency and timeliness of processing.
Preliminary Survey of Implementation of Modern Treaty Obligations and Additions to Reserves Very High
The objective of the preliminary survey is to document the programs activities and risks and recommend objectives and priorities for a future audit of one or more aspects of these programs. The survey will be exploratory and focus on gaining an understanding of management controls supporting the implementation of comprehensive claims, self-government agreements, and other modern treaties. The survey will also explore the relationship between claims implementation processes and the additions to reserves processes. Maps to Program Activity Architecture
  • Strategic Outcome: The Government
  • Activity: Treaty Management
  • Strategic Outcome: The Land and Economy
  • Activity: Federal Administration of Reserve Land

     
Maps to Corporate Risk Profile
  • Implementation
  • Aboriginal Relationship
  • Legal Risk

These programs are highly complex due to the magnitude and many facets of settled claims and self-government agreements. Successful implementation of these modern treaty obligations requires a high degree of knowledge and skill sets to negotiate implementation agreements and implement agreed upon program activities. To accomplish this, in-depth understanding of both the settlements and related programming are required. These program activities are significant in AANDC's efforts to move forward the Aboriginal agenda from Indian Act into own governance.

There is significant downstream uncertainty and risk associated with estimating costs and timelines of implementation. Legal risk could be high if Canada fails to meet its obligations.

No recent audits have been completed by Audit and Assurance Services Branch in these program areas.


Return to Table of Contents 





Appendix E - Changes to the Audit Plan

Ongoing Audits

The resource implications of audit projects that began in 2010-2011 but were not completed within that period are identified below as ongoing audits from the 2010-2011 Plan.

2010-2011 Ongoing Audits Expected Completion Date
Audit of Infrastructure Q1 2011-2012
System Under Development Audit of Indian Registry System Q2 2011-2012
Audit of the Delegation of Authorities, Organizational Design and Classification Q3 2011-2012
Audit of Business Continuity Planning Q1 2011-2012
Preliminary Survey of IM/IT Governance (previously scoped as audit) Q1 2011-2012
Preliminary Survey of Litigation Management Q2 2011-2012

Changes made in November 2011 related to the current RBAP (2011-2014)

Name of the Project Rationale for Change
Audit of SCIS – Expenditure Management was added to our RBAP The audit of SCIS Expenditure Management was initiated at the request of management. The objective of this audit was to provide assurance that a sound control framework is in place to manage expenditures in accordance with relevant policies
Audit of Contracting (incl. Exceptional Contracting Limits for CFN contracts) was divided into two separate audit projects:

  • Audit of Exceptional Contracting Limits Authority

  • Audit of Contracting
During the planning phase of this project, we came to the conclusion that the purpose and the processes related to the exceptional contracting are quite different than the regular contracting activities. As a result, the decision was taken to do two separate audits: an Audit of Exceptional Contracting Limits Authority and an Audit of Contracting
Preliminary survey of Modern Treaty and Additions to Reserves was divided into two separate preliminary surveys:

  • Modern Treaty and Self-Government

  • Additions to Reserves
During our planning discussion we noticed that there are limited linkages between Modern Treaty and Additions to Reserves. The Audit Committee decided to undertake two separate surveys: a preliminary survey of Modern Treaty and Self-Government and a preliminary survey of Additions to Reserves.
Audit of Delegation of Authorities, Organizational Design and Classification (deferred) This audit was deferred by a few months at the request of management due to organizational change within the auditable entity. The work on this audit project will resume in January 2012 and this audit project will be completed in 2012-2013
OCG Horizontal Audit of Information Management (cancelled) AANDC was not scoped in by the OCG on this horizontal audit.
Management Practices Audits Four management practices audits (Alberta Region, Atlantic Region, Manitoba Region and Ontario Region) that were launched and completed in 2010-2011 were not included in the final version of the 2011-2012 Annual update as the audit methodology was not finalized

Six management practices audits were identified as high priority for the department in 2011-2012. They are: British Columbia region, Northern Affairs Organization, Nunavut region, Northwest Territories region, Québec region, and Yukon region (management request).

Removed or Carry-Forward Audits

In light of last year's activities and the results of this year's risk assessment and prioritization exercise, the table below identifies any changes. A complete analysis of all the changes from the 2010-2011 to 2012-2013 plan is reflected below.

Removed or Carry-Forward Audits
Audit Name and year planned Rationale
Review of Performance Measurement System for Education (2010-11) This audit was deferred to 2013-2014 to allow for further development and implementation of the system.
Audit of Band Classification (2010-11) This audit was removed because it may be covered in the Audit of Capacity Development Programs in 2013-14.
Audit of Family Violence Prevention Program (2010-11) This audit was replaced with a Preliminary Survey in 2010-2011 at the request of the Departmental Audit Committee
Audit of Income Assistance (2011-12) This audit was deferred to 2012-13 to allow program to implement planned changes
Audit of Specific Claims (2011-12) This audit was deferred to 2012-2013 to allow for implementation of the Specific Claims Tribunal operations
Audit of Negotiation Loans (2011-12) This audit was deferred to 2012-2013 and replaced with the Audit of Management of Negotiation Loans
Audit of Funding for Implementation (2011-12) This audit was removed from the plan and will be covered under the Preliminary Survey of Implementation of Modern Treaty Obligations & Additions to Reserves in 2011-2012
Audit of AANDC Emergency Response Capability (2011-12) This audit was removed from the plan as the auditable entity was identified as low audit priority
OCG Horizontal Audit of Information Management (2011-12) AANDC was not scoped in by the OCG on this horizontal audit. 
Audit of Consultation and Accommodation (2011-12) This audit was removed from the plan as the auditable entity was identified as low audit priority
Audit of OASIS (2011-12) The audit was removed from the plan until determination is made as to whether the system will be replaced
Audit of Data Warehouse (2011-12) This audit was removed from the plan as departmental IT priorities have changed
Audit of Financial Planning and Budgeting (2011-12) This audit was deferred to 2012-2013 and renamed Audit of Financial Reporting to allow for implementation of planned process changes
Audit of Performance Measurement and Reporting(2011-12) This audit was removed from the plan as the auditable entity was identified as low audit priority
Audit of Lands Management (2012-13) This audit was revised to a Preliminary Survey in 2012-2013 to better scope the project
Audit of Economic Development (2012-13) The audit was deferred to 2013-2014 to allow for program restructuring and renamed Audit of Community focused Economic Development Programming
Audit of Indian Government Support (2012-13) This audit was removed from the plan as it may be covered under the Audit of Capacity Development Programs in 2013-2014
Audit of Natural Resources (2012-13) This audit was removed from the plan as the auditable entity was identified as low audit priority
Audit of Human Resource Planning (2012-13) This audit was removed from the plan due to coverage provided in other audits and Management Practices Audits
Audit of Advertised Appointments (2012-13) This audit was removed from the plan due to coverage provided in PSC Audits of Advertised Appointments
Audit of IT Security (2012-13) This audit was deferred to 2013-2014 to allow for higher priority audits
Audit of Occupational Health and Safety  (2012-13) This audit was removed from the plan as the auditable entity was identified as low audit priority
Audit of Learning and Development (2012-13) This audit was removed from the plan as the auditable entity was identified as low audit priority
Audit of Integrated Planning (2012-13) This audit was removed from the plan to allow for the further development of the strategic planning process in the department
Audit of Strategic Policy and Planning (2012-13) This audit was renamed Audit of the Management of the Strategic Policy Process


Return to Table of Contents 





Appendix F - Resource Utilization

Cost Assumptions

For purposes of identifying initial resource requirements, AASB has assumed, based on experience, that its average portfolio is comprised of large, medium, and small audit engagements as well as preliminary surveys. The anticipated direct and indirect costs of these projects in 2011-2012 are detailed below.

Cost Assumptions
Cost Factors Large Audit Medium Small Audit or
Preliminary Survey
Contract Dollars $275,000  $180,000  $95,000
FTEs 2 1.5 1
FTE Costs  $150,000 $112,500 $75,000
Travel and Other $40,000 $30,000 $13,000


Resource Utilization

Resource Utilization
Audits and Preliminary Surveys To Complete
in 2011-2012
FTE Contract $ FTEs Travel &
Other $
Total
Audit of Infrastructure (ongoing) 15% 0.3 $41,000 $23,000 $6,000 $70,000
System Under Development Audit of the Indian Registration System (ongoing) 40% 0.8 $110,000 $60,000 $16,000 $186,000
Audit of Business Continuity Planning (ongoing) 25% 0.5 $69,000 $38,000 $10,000 $117,000
Preliminary Survey of IM/IT Governance (ongoing) 25% 0.25 $24,000 $19,000 $3,000 $46,000
Preliminary Survey of Litigation Management (ongoing) 40% 0.4 $38,000 $30,000 $5,000 $73,000
AANDC Horizontal Audit of the Management Control Framework Grants and Contributions 75% 1.5 $206,250 $112,500 $30,000 $348,750
Audit of Acquisition Cards, Travel, Hospitality, Taxis and Conferences 60% 0.54 $97,200 $61,200 $16,200 $174,600
Audit of the Implementation of Child and Family Services Prevention Focused Approach 50% 1 $137,500 $75,000 $20,000 $232,500
Audit of Contracting 100% 2 $275,000 $150,000 $40,000 $465.000
Audit of Exceptional Contracting Limits Authority 100% 1 $95,000 $75,000 $13,000 $183.000
Audit of Environmental Management & Contaminated Sites - South of 60 100% 2 $275,000 $150,000 $40,000 $465,000
Audit of AANDC and Adjudication Secretariat Support to the Independent Assessment Process 100% 2 $275,000 $150,000 $40,000 $465,000
Preliminary Survey of Implementation of Additions to Reserves 100% 1 $95,000 $75,000 $13,000 $183,000
Audit of Secure Certificate Information System – expenditure management 100% 2 $275,000 $150,000 $40,000 $465,000
OCG Audit of Management of Horizontal Issues (OCG- led) 50% 0.5 $47,500 $37,500 $6,500 $91,500
Management Practices Audit - British Columbia Region 100% 1 $95,000 $75,000 $13,000 $183,000
Management Practices Audit – Yukon Region 100% 1 $95,000 $75,000 $13,000 $183,000
Management Practices Audit – Northern Affairs Organization 100% 1 $95,000 $75,000 $13,000 $183,000
Management Practices Audit - Québec Region 100% 1 $95,000 $75,000 $13,000 $183,000
Management Practices Audit - North-West Territories Region 100% 1 $95,000 $75,000 $13,000 $183,000
Management Practices Audit- Nunavut Region 100% 1 $95,000 $75,000 $13,000 $183,000
Other            
Monitoring of action plans from past audits 100% 0.5 $0 $38,000 $0 $38,000
Administration 100% 0.5 $0 $38,000 $0 $38,000
Audit Committee Secretariat 100% 0.5 $0 $38,000 $0 $38,000
Annual Risk-Based Audit Planning 100% 0.5 $0 $38,000 $0 $38,000
Quality Assurance & Improvement Program 100% 0.5 $0 $38,000 $0 $38,000
Annual Report of the CAE  100% 0.25 $0 $19,000 $0 $19,000
Learning & Development 100% 1.47 $0 $110,000 $11,000 $121,000
Liaison on External Audit activities 100% 3 $0 $225,000 $0 $225,000
Management Requests and Emerging Priorities 100% 0.5 $99,000 $0 $0 $99,000
Grand Total   29.51 $2,729,450 $2,200,200 $387,700 $5,317,300


Return to Table of Contents 





Footnotes:

  1. Four Management Practices Audits were launched and completed in Q4. Note that they were not included in the final version of 2011-2012 Annual update of the 3 years plan as the audit methodology was not finalized. (return to source paragraph)

 
 
Date modified: