open Secondary menu

2011 Departmental Performance Report

Annex to the
Statement of Management Responsibility
including Internal Control over Financial Reporting

For the year ended March 31, 2011

Note to the Reader

With the new Treasury Board Policy on Internal Control, effective April 1, 2009, departments and agencies are now required to demonstrate the measures they are taking to maintain effective system of internal control over financial reporting (ICFR).

As part of this policy, departments and agencies are expected to conduct annual assessments of their system of ICFR, establish action plan(s) to address any necessary adjustments, and to attach to their Statements of Management Responsibility an unaudited summary of their assessment results and action plan.

Effective systems of ICFR aim to achieve reliable financial statements and to provide assurances that:

It is important to note that the system of ICFR is not designed to eliminate all risks, rather to mitigate risk to a reasonable level with controls that are balanced with and proportionate to the risks they aim to mitigate.

The system of ICFR is designed to mitigate risks to a reasonable level based on an on-going process to identify key risks, to assess the effectiveness of associated key controls and adjust as required, as well as to monitor the system in support of continuous improvement. As a result, the scope, pace and status of those departmental assessments of the effectiveness of their system of ICFR will vary from one organization to another based on risks and taking into account their unique circumstances.

This annex is unaudited.

Table of Contents

1. Introduction

This unaudited document is attached to Office of the Chief Electoral Officer's Statement of Management Responsibility Including Internal Control over Financial Reporting for the fiscal year ended March 31, 2011. As required by the new Treasury Board Policy on Internal Control (PIC), effective April 1, 2009, for the first time, this unaudited document provides summary information on the measures taken by management to maintain an effective system of internal control over financial reporting (ICFR).

1.1 Authority, Mandate and Program Activities

The Office of the Chief Electoral Officer, commonly known as Elections Canada, is an independent, non-partisan agency headed by the Chief Electoral Officer who is appointed by resolution of the House of Commons and reports directly to Parliament.

Elections Canada is responsible for administering the provisions of the Canada Elections Act, the Referendum Act and the Electoral Boundaries Readjustment Act. Its mandate is to:

Elections Canada has a single strategic outcome supported by the following Program Activity Architecture (PAA):

Program Activity Architecture (PAA)

Further details regarding Elections Canada's priorities, strategic outcome and program activity architecture are available in its Departmental Performance Report and the Report on Plans and Priorities 2010–11 Part III - Reports on Plans and Priorities (RPP)

1.2 Financial Highlights

Below is key financial information for fiscal year 2010-11. More information can be found in Elections Canada's audited Financial Statements.

1.3 Audited Financial Statements

Elections Canada's Financial Statements have been audited by the Office of the Auditor General since fiscal year 2003-04 and have always received an unqualified (unmodified effective 2010-11) audit opinion.

1.4 Service Arrangements Relevant to Financial Statements

Elections Canada relies on other organizations for the processing of certain transactions that are recorded in its financial statements:

1.5 Material Changes in Fiscal Year 2010-11

The only significant Agency change in 2010-11 that was relevant to the financial statements was the departure in May 2010 of Gisèle Côté, Chief Financial Officer and Chief Audit Executive, and the immediate appointment of Brian Berry in an acting capacity pending staffing of a replacement in 2011-12.

The Departmental Audit Committee continued its fourth year of operation (see 2.1 below).

On August 6, 2010, Elections Canada received approval from Treasury Board to modify its Program Activity Architecture (PAA) effective 2011-12. The new PAA now better reflects the results that Elections Canada delivers to Canadians. The following chart illustrates Elections Canada's new PAA.

Program Activity Architecture (PAA) effective 2011-12

A crosswalk that compares the old architecture with the new, and also describes the redistribution of financial resources, can be found on the Elections Canada Web site at Elections Canada Program Activity Architecture Crosswalk

2. Description of Elections Canada's Entity Level Controls Relevant to ICFR

Elections Canada recognizes the importance of setting the tone from the top to help ensure that staff at all levels understand their roles in maintaining effective systems of ICFR and is well equipped to exercise these responsibilities effectively. Elections Canada's focus is to ensure risks are managed well through a responsive and risk-based control environment that enables continuous improvement and innovation.

Elections Canada's main entity-level controls currently in place and relevant to ICFR are set out below.

2.1 Governance

Chief Electoral Officer (CEO) – The Chief Electoral Officer is appointed by a resolution of the House of Commons, so that all parties represented there may contribute to the selection process. Once appointed, the incumbent reports directly to Parliament and is thus completely independent of government and political parties. Elections Canada's CEO has the duties of a Deputy Head. As such, the CEO is the Agency's Accounting Officer and assumes overall responsibility and leadership for the stewardship, management and oversight of Agency resources, as well for the measures taken to maintain an effective system of internal control. In this role, the CEO meets regularly with the Departmental Audit Committee and the Executive Committee (EXCOM).

Chief Financial Officer (CFO) – Elections Canada has an acting CFO, with a recognized professional accounting designation, who reports directly to the CEO and provides leadership for the coordination, coherence and focus on the design and maintenance of an effective and integrated system of ICFR, including its annual assessment.

Chief Audit Executive (CAE) – Elections Canada's acting CAE reports directly to the CEO. The CAE provides assurance through periodic internal audits which are instrumental to the maintenance of an effective ICFR.

Departmental Audit Committee (DAC) – The DAC is an advisory committee that provides objective views on the agency's risk management, control and governance frameworks. Elections Canada established its DAC in December 2007. The Audit Committee is comprised of the CEO and three external members. The CEO chairs the committee, and at least one member is a financial expert with a recognized professional accounting designation. All members of DAC are appointed by the CEO and selected in a manner whereby their collective abilities, knowledge and experience allow the committee to carry out its duties competently and effectively.

Executive Committee (EXCOM) – As Elections Canada's senior decision-making body, EXCOM is responsible for corporate management decision-making, setting EC policies and overseeing all aspects of management and operations. The CEO is the Chair of EXCOM and his direct reports (refer to organization Chart below) comprise the membership.

The Commissioner of Canada Elections – The Commissioner of Canada Elections is the independent officer whose duty is to ensure that the Canada Elections Act and the Referendum Act are complied with and enforced. The Chief Electoral Officer of Canada appoints the Commissioner under section 509 of the Canada Elections Act.

For a detailed view of Elections Canada, please refer to the following link: Elections Canada Online | Organizational Chart

2.2 Key Measures Taken by Elections Canada

The control environment is an important factor for ICFR. Elections Canada's control environment incorporates a series of measures to equip its staff to manage risks well through raising awareness, providing appropriate knowledge and tools as well as developing skills. Key measures taken include:

  1. The establishment of an Elections Canada of Values and Ethics code
  2. Clear guidelines on authorities and compliance with Sections 32, 34 and 33 of the Financial Administration Act
  3. Accountability by responsibility centre managers for budgetary control and approvals of all expenditures
  4. Annual performance agreements with senior managers clearly set out financial management responsibilities
  5. A risk-based internal audit plan
  6. An established governance structure and provision of strategic direction through EXCOM governing council of senior managers, and the Departmental Audit Committee
  7. Regular reporting and analysis of financial performance
  8. Human resources management plan and policies that support learning and succession planning
  9. A requirement for accounting designations in key financial management positions

3. Assessment of Elections Canada's System of ICFR

3.1 Assessment Baseline

The Office of the Comptroller General is taking a tiered approach to implementing PIC. The first wave included 22 of the largest departments and the second wave of departments includes departments and agencies that currently have audited financial statements. Elections Canada is a part of the second wave.

Over time, Elections Canada will assess the design and operating effectiveness of its system of ICFR and will implement an on-going monitoring program leading to continuous improvement of its system of ICFR.

Design effectiveness means to ensure that key control points are identified, documented, in place and that they are aligned with the risks (i.e. controls are balanced with and proportionate to the risks they aim to mitigate) and that any remediation is addressed. This includes the mapping of key processes and IT systems to the main accounts by location as applicable.

Operating effectiveness means that the application of key controls has been tested over a defined period and that any required remediation is addressed.

Ongoing monitoring program means that a systematic integrated approach to monitoring is in place, including periodic risk-based assessments and timely remediation.

Such testing covers all Agency control levels which include corporate or entity, general computer and business process controls.

3.2 Assessment Method at Elections Canada

In proceeding with its preparation for a control-based audit, Elections Canada has taken measures to assess its system of ICFR starting with documentation and assessment of its entity (corporate) level controls.

Elections Canada will continue its assessment based on its financial statement putting emphasis on its main accounts, including:

For each of these significant accounts, Elections Canada will determine which sub-transactions are material and complete the following steps:

Elections Canada is also committed to documenting and assessing its IT general system controls (IT infrastructure).

Finally, Elections Canada will take into account new information available from recent audits or evaluations.

4. Elections Canada's Assessment Results

During 2010-11, Elections Canada completed documentation and assessment of its entity level controls. The findings from this assessment are summarized below.

4.1 Design Effectiveness of Key Controls

When undertaking design effectiveness testing, Elections Canada documented its entity level controls and validated key controls with the stakeholders. It verified that the documented controls are in place and correspond to actual practices. Design effectiveness also included ensuring appropriate alignment of each key control with risks.

4.2 Operating Effectiveness of Key Controls

Elections Canada is committed to completing the design effectiveness of control activities to identify and strengthen key controls before it can initiate the testing of operating effectiveness across all areas. When completing operating effectiveness testing, Elections Canada intends to ensure that key controls are functioning over time and any necessary corrective actions that are identified are initiated and addressed.

4.3 Ongoing Monitoring Program

As described in section 2, Elections Canada has a well-established governance model, including corporate risk management and an enabling environment to support staff at all levels. In particular, DAC, which was established in 2007, is instrumental in providing independent advice relating to Elections Canada's system of internal control.

5. Elections Canada's Action Plan

5.1 Progress as of March 31, 2011

During 2010-11, Elections Canada began its assessment of the effectiveness of its key controls. Below is a summary of the main progress made by the Agency.

5.2 Action Plan

Building on progress to date, Elections Canada has developed a multi-year plan to fully implement the requirements of the PIC and is positioned to complete the main assessment of its system of ICFR in 2013-14.

By the end of 2011-12, Elections Canada plans to:

  • Test operating effectiveness of entity level controls
  • Complete a risk assessment to identify key risks and accounts
  • Address required remediation identified during assessments

By the end of 2012-13, Elections Canada plans to:

  • Document key business processes
  • Test design effectiveness of key business processes
  • Test operating effectiveness of key business processes
  • Document key IT general controls (commence)

Future years:

  • In 2013-14, Elections Canada plans to finalize the documentation of key IT general controls, test design effectiveness of IT general controls, address required remediation identified during assessments, and test operating effectiveness of IT general controls
  • In 2013-14 and thereafter, Elections Canada will ensure that ongoing monitoring of key controls (entity level, business process and IT general controls) occurs cyclically based on risk
PIC Implementation Plan 2011-12 2012-13 2013-14
Assessment of design effectiveness of key controls
Existing documentation of key processes, IT applications and entity level controls reviewed
Key risk and key controls documentation completed
Design testing of key controls completed and remediation addressed
Assessment of operating effectiveness of key controls
Operating effectiveness testing plan documented and initiated
Operating effectiveness testing of key controls completed and remediation addressed