Internal Audit Charter
Elections Canada's Internal Audit Charter has been revised and updated as part of a regular review process and in response to the revised Treasury Board (TB) Policy Suite on Internal Audit, which became effective on July 1, 2009.
2. Effective Date
This Charter takes effect on June 25, 2010. It replaces the Internal Audit Charter of January 2009.
3. Mission, Responsibility and Scope of the Internal Audit Function
The mission of the internal audit function is to provide independent and objective assurance services designed to add value to and improve Elections Canada's operations. It helps the agency accomplish its objectives by bringing a systematic, disciplined approach to evaluating and improving the effectiveness of:
- risk management strategies and practices
- management control frameworks, systems and practices
- governance processes
Given the size, risk profile and resources of Elections Canada, it has been decided not to appoint a full-time Chief Audit Executive (CAE). Instead, the duties and responsibilities of the CAE have been assigned to the Chief Financial Officer (CFO), with due provision for dealing with any conflicts that might arise.
The Chief Electoral Officer and senior management are responsible for ensuring that management controls are effective to promote achievement of goals and to mitigate risks. The internal audit function is an important means to assist the Chief Electoral Officer and senior management to discharge this responsibility.
Internal Audit will conduct selected examinations of activities that are judged to be higher risk or where the Chief Electoral Officer requires added assurance that controls are effective.
The scope of work of the internal audit function is to determine whether the agency's network of risk management, control and governance processes, as designed and represented by management, is adequate given the agency's size, risk and resources and whether these processes achieve their objectives.
When opportunities for improving management control, sound resource stewardship and the agency's image are identified during audits, they will be communicated to the appropriate level of management.
4. Legislative and Policy Authorities
The Charter has taken into account the requirements of sections 16.1 and 16.2 of the Financial Administration Act, which require the Chief Electoral Officer to ensure that the agency has internal audit capacity appropriate to its needs and to establish an audit committee in accordance with directives issued by the Treasury Board.
The Charter also ensures compliance with the TB Policy Suite on Internal Audit. Section 2.3 of the policy provides that deputy heads of agents of Parliament may authorize any departures from specific policy requirements that they deem appropriate in light of the governance arrangements, statutory mandate and risk profile of the organization. The Office of the Chief Electoral Officer complies with the principles of the TB Policy Suite on Internal Audit. However, the Chief Electoral Officer has authorized the following departures to preserve the independence of Elections Canada as an agent of Parliament:
- The internal audit plan does not necessarily address risks or incorporate audits that may be identified by the Office of the Comptroller General (OCG) as part of government-wide or sectoral coverage.1
- While it uses the results of internal audits directed, led and/or performed by the OCG as part of the information gathered during the preparation of the internal audit plan, Elections Canada does not necessarily have to ensure that its internal audit plan appropriately addresses horizontal risks identified by the OCG.2
- The minister is not briefed periodically on significant matters arising from the work of internal audit or the Audit Committee. In addition, the minister is not offered the opportunity to meet with the Audit Committee at least once a year to discuss its annual report or any significant concerns that may be raised therein or that may otherwise arise.3
- Access to departmental information and employees, and support during audits by the OCG, is not required.4
- Elections Canada does not make the Audit Committee's annual report available to the OCG.5 However, it is posted on the Elections Canada Web site.
- Internal audit reports are not submitted to the OCG. However, they are posted on the Elections Canada Web site.6
The CAE and staff of the internal audit function are responsible for:
- Developing a flexible annual audit plan using appropriate risk-based methodology; the plan is designed to:
- consider the input of senior management of the agency and the Audit Committee
- include any risks or control concerns identified by management or external auditors
- include, where appropriate, internal audits identified by the OCG as part of government-wide coverage, including fundamental controls and selected horizontal audits
- be focused primarily on providing assurance services, with other services being provided on an exceptional basis only
- be submitted to the Audit Committee for review and recommendation, and submitted to the Chief Electoral Officer for approval
- consider the input of senior management of the agency and the Audit Committee
- Implementing the annual audit plan, as approved, including, and as appropriate, any special tasks or projects requested by the deputy head or the Audit Committee.
- Communicating the plan of engagements and resource requirements for the internal audit function, including significant interim changes and the impact of resource limitations, to the Chief Electoral Officer and the Audit Committee.
- Ensuring that internal audit resources are appropriate, sufficient and effectively deployed to achieve the approved plan.
- Ensuring the timely completion of internal auditing engagements and that reports are provided to the Audit Committee with a minimum of delay.
- Maintaining a professional audit staff with sufficient knowledge, skills, experience and professional certifications to meet the requirements of this Charter, as well as opportunities for sufficient training and development to maintain and develop their internal auditing competence.
- Establishing appropriate policies and procedures to guide the internal audit function.
- Developing and maintaining a quality assurance and improvement program.
- In collaboration with the Audit Committee, ensuring that a practice inspection or other external review of the internal audit function is conducted periodically by a qualified, independent reviewer or external review team and that the results of this external assessment are communicated to the Chief Electoral Officer and the Audit Committee.
- Issuing periodic reports to the Audit Committee and management summarizing the results of audit activities.
- Keeping the Audit Committee informed of emerging trends and successful practices in internal auditing.
- Assisting in the investigation of significant suspected fraudulent activities within Elections Canada and notifying management and the Audit Committee, and the OCG where appropriate, of the results.
- Coordinating internal auditing activities and plans with other external providers of assurance and consulting activities to ensure suitable coverage and minimize duplication of effort.
- After discussion with the Chief Electoral Officer, informing the Office of the Auditor General without delay of any issue of risk, control or management practice that may be of significance to the government and/or require the Treasury Board of Canada Secretariat's involvement.
- Publishing on the Elections Canada Web site the Internal Audit Charter, internal audit reports, the Terms of Reference of the Audit Committee and the annual report of the Audit Committee.
The CAE and staff of the internal audit function are authorized to:
- Have unrestricted access to all functions, records, property and personnel and have the right to obtain information and explanations from Elections Canada's employees and contractors, subject to applicable legislation.
- Have full and free access to the Audit Committee.
- Allocate resources, set frequencies, select subjects, determine scope of work and apply the techniques required to accomplish audit objectives.
- Obtain the necessary assistance of personnel in units of the agency where they perform audits as well as other specialized services from within or outside Elections Canada.
- Have unimpaired ability to carry out audit responsibilities, including reporting findings to the Chief Electoral Officer and to the Audit Committee.
7. Independence and Conflicts
To provide for the independence of the internal audit function, its personnel report to the CAE, who reports directly to the Chief Electoral Officer and has access to the Audit Committee in a manner outlined in the section on accountability. The CAE will include as part of his or her reports to the Audit Committee a regular report on audit activities.
The CAE's responsibilities have been assigned to the CFO, whose responsibilities include non-audit functions. The CAE understands the importance of the objectivity and independence of the internal audit function. The Risk-Based Audit Plan will include audits on activities under the Chief Financial Officer, Internal Audit and Administration. In addition, all audits can include a finance component and, possibly, a recommendation addressed to the CFO. To maintain the independence of the audit function in such cases, the Director, Internal Audit will include appropriate external quality assurance on all audits covering the sector. The Director shall also have appropriate access to the Chief Electoral Officer and Audit Committee members if needed.
The CAE, in the discharge of his or her duties, shall be accountable to the Chief Electoral Officer and the Audit Committee to:
- Report significant issues related to the processes for controlling the activities of Elections Canada, including potential improvements to those processes, and provide information concerning such issues through to resolution.
- Provide information periodically on the status and results of the annual audit plan and the sufficiency of Internal Audit resources.
- Coordinate with and provide oversight on other assurance control and monitoring functions (risk management, evaluation, compliance, security, legal, ethics, environmental and external audit).
- Submit an annual summary of the work done throughout the year versus the internal audit plan.
9. Standards of Audit Practice
The internal audit function will be guided by the TB Policy Suite on Internal Audit (revised July 2009) and by professional standards, including standards of the International Professional Practices Framework of the Institute of Internal Auditors.
Approved by the Chief Electoral Officer on September 29, 2010
1 Treasury Board of Canada, Policy on Internal Audit, July 2009, 5.4.4.
2 Treasury Board of Canada, Policy on Internal Audit, July 2009, 5.6.2.
3 Treasury Board of Canada, Policy on Internal Audit, July 2009, 5.6.6.
4 Treasury Board of Canada, Policy on Internal Audit, July 2009, 5.6.7.
5 Treasury Board of Canada, Policy on Internal Audit, July 2009, 5.8.2.
6 Treasury Board of Canada, Directive on Chief Audit Executives, Internal Audit Plans, and Support to the Comptroller General, Section 5.