Secondary menu

Performance Report – For the period ending March 31, 2012

Annex to the
Statement of Management Responsibility
including Internal Control over Financial Reporting
(unaudited)

For the year ended March 31, 2012

Note to the Reader

With the new Treasury Board Policy on Internal Control, effective April 1, 2009, departments and agencies are now required to demonstrate the measures they are taking to maintain effective system of internal control over financial reporting (ICFR).

As part of this policy, departments and agencies are expected to conduct annual assessments of their system of ICFR, establish action plan(s) to address any necessary adjustments, and to attach to their Statements of Management Responsibility an unaudited summary of their assessment results and action plan.

Effective systems of ICFR aim to achieve reliable financial statements and to provide assurances that:

It is important to note that the system of ICFR is not designed to eliminate all risks, rather to mitigate risk to a reasonable level with controls that are balanced with and proportionate to the risks they aim to mitigate.

The maintenance of an effective system of ICFR is an ongoing process designed to identify, assess effectiveness and adjust as required key risks and associated key controls, as well as to monitor its performance in support of continuous improvement. As a result, the scope, pace and status of those departmental/agency assessments of the effectiveness of their system of ICFR will vary from one organization to the other based on risks and taking into account their unique circumstances.

The system of ICFR is designed to mitigate risks to a reasonable level based on an on-going process to identify key risks, to assess effectiveness of associated key controls, and to make any necessary adjustments.

Table of Contents

1. Introduction

This unaudited document is attached to Office of the Chief Electoral Officer's Statement of Management Responsibility Including Internal Control over Financial Reporting for the fiscal year ended March 31, 2012. As required by the Treasury Board Policy on Internal Control (PIC), effective April 1, 2009, this unaudited document provides summary information on the measures taken by management to maintain an effective system of internal control over financial reporting (ICFR).

1.1 Authority, Mandate and Program Activities

The Office of the Chief Electoral Officer, commonly known as Elections Canada, is an independent, non-partisan agency headed by the Chief Electoral Officer who is appointed by resolution of the House of Commons and reports directly to Parliament.

Elections Canada is responsible for administering the provisions of the Canada Elections Act, the Referendum Act and the Electoral Boundaries Readjustment Act. Its mandate is to:

Elections Canada has a single strategic outcome supported by the following Program Activity Architecture (PAA):

Program Activity Architecture (PAA)

Text version

Further details regarding Elections Canada's priorities, strategic outcome and program activity architecture are available in its Departmental Performance Report 2010-11 Departmental Performance Report and the Report on Plans and Priorities 2011–12 Part III - Reports on Plans and Priorities (RPP)

1.2 Financial Highlights

Below is key financial information for fiscal year 2011-12. More information can be found in Elections Canada's audited Financial Statements and Notes to Financial Statements.

1.3 Audited Financial Statement Note

Elections Canada's Financial Statements have been audited by the Office of the Auditor General since fiscal year 2003-04 and have always received an unqualified audit opinion.

1.4 Service Arrangements Relevant to Financial Statements

Elections Canada relies on other organizations for the processing of certain transactions that are recorded in its financial statements:

1.5 Material Changes in Fiscal Year 2011-12

The only two significant agency changes in 2011-12 that was relevant to the financial statements was the appointment in September 2011 of Helen B้langer, as Chief Financial Officer, Internal Audit and Administration; as well the Treasury Board Accounting Standard (TBAS 1.2) applies to financial statements prepared by government departments and agencies for the 2011–12 fiscal year and subsequent years. The Audit Committee continued its fifth year of operation (see 2.1 below).

2. Description of Elections Canada's Entity Level Controls Relevant to ICFR

Elections Canada recognizes the importance of setting the tone from the top to help ensure that staff at all levels understand their roles in maintaining effective systems of ICFR and is well equipped to exercise these responsibilities effectively. Elections Canada's focus is to ensure risks are managed well through a responsive and risk-based control environment that enables continuous improvement and innovation.

Elections Canada's main entity-level controls currently in place and relevant to ICFR are set out below.

2.1 Governance

Chief Electoral Officer (CEO) – The Chief Electoral Officer is appointed by a resolution of the House of Commons, so that all parties represented there may contribute to the selection process. Once appointed, the incumbent reports directly to Parliament and is thus completely independent of government and political parties. Elections Canada's CEO has the duties of a Deputy Head. As such, the CEO is the Agency's Accounting Officer and assumes overall responsibility and leadership for the stewardship, management and oversight of agency resources, as well for the measures taken to maintain an effective system of internal control. In this role, the CEO meets regularly with the Audit Committee and the Executive Committee (EXCOM).

Chief Financial Officer (CFO) – Elections Canada has a CFO, with a recognized professional accounting designation, who reports directly to the CEO and provides leadership for the coordination, coherence and focus on the design and maintenance of an effective and integrated system of ICFR, including its annual assessment.

Chief Audit Executive (CAE) – Elections Canada's CAE reports directly to the CEO. The CAE provides assurance through periodic internal audits which are instrumental to the maintenance of an effective ICFR.

Audit Committee (AC) – The AC is an advisory committee that provides objective views on the agency's risk management, control and governance frameworks. Elections Canada established its AC in December 2007. The Audit Committee is comprised of the CEO and three external members. The CEO chairs the committee, and at least one member is a financial expert with a recognized professional accounting designation. All members of AC are appointed by the CEO and selected in a manner whereby their collective abilities, knowledge and experience allow the committee to carry out its duties competently and effectively.

Executive Committee (EXCOM) – As Elections Canada's senior decision-making body, EXCOM is responsible for corporate management decision-making, setting EC policies and overseeing all aspects of management and operations. The CEO is the Chair of EXCOM and his direct reports (refer to organization Chart below) comprise the membership.

The Commissioner of Canada Elections – The Commissioner of Canada Elections is the independent officer whose duty is to ensure that the Canada Elections Act and the Referendum Act are complied with and enforced. The Chief Electoral Officer of Canada appoints the Commissioner under section 509 of the Canada Elections Act.

For a detailed view of Elections Canada, please refer to the following link:
Elections Canada Online | Organizational Chart

2.2 Key Measures Taken by Elections Canada

The control environment is an important factor for ICFR. Elections Canada's control environment incorporates a series of measures to equip its staff to manage risks well through raising awareness, providing appropriate knowledge and tools as well as developing skills. Key measures taken include:

  1. The establishment of an Elections Canada of Values and Ethics code
  2. Clear guidelines on authorities and compliance with Sections 32, 34 and 33 of the Financial Administration Act
  3. Accountability by responsibility centre managers for budgetary control and approvals of all expenditures
  4. Annual performance agreements with senior managers clearly set out financial management responsibilities
  5. A risk-based internal audit plan
  6. An established governance structure and provision of strategic direction through the Executive Committee ( EXCOM) governing council of senior managers, and the Audit Committee (AC)
  7. Regular reporting and analysis of financial performance
  8. Human resources management plan and policies that support learning and succession planning
  9. A requirement for accounting designations in key financial management positions

3. Assessment of Elections Canada's System of ICFR

3.1 Assessment Baseline

In 2009, the Government of Canada issued a new policy to support control-based audit requirements or those of the Policy on Internal Control, the policy requirement under section 6.1.2 of the Policy on Internal Control relating to the signature of the Statement of Management Responsibility Including Internal Control Over Financial Reporting will be phased-in over a period of three years based on department's state of readiness with the objectives to provide reasonable assurance that:

Over time, this includes assessment of design and operating effectiveness of the system of ICFR and an on-going monitoring program leading to continuous improvement of the departmental/agency system of ICFR.

Design effectiveness means to ensure that key control points are identified, documented, in place and that they are aligned with the risks (i.e. controls are balanced with and proportionate to the risks they aim to mitigate) and that any remediation is addressed. This includes the mapping of key processes and IT systems to the main accounts by location as applicable.

Operating effectiveness means that the application of key controls has been tested over a defined period and that any required remediation is addressed.

Ongoing monitoring program means that a systematic integrated approach to monitoring is in place, including periodic risk-based assessments and timely remediation.

Such testing covers all departmental/agency control levels which include corporate or entity, general computer and business process controls.

3.2 Assessment Method at Elections Canada

In proceeding with its preparation for a control-based audit, Elections Canada has taken measures to assess its system of ICFR starting with documentation and assessment of its entity (corporate) level controls.

Elections Canada will continue its assessment based on its financial statement putting emphasis on its main accounts, including:

For each of these significant accounts, Elections Canada will determine which sub-transactions are material and complete the following steps:

Elections Canada is also committed to documenting and assessing its IT general system controls (IT infrastructure).

Finally, Elections Canada will take into account new information available from recent audits or evaluations.

4. Elections Canada's Assessment Results

During 2011-12, Elections Canada completed high-level documentation and assessment of its entity level controls. The findings from this assessment are summarized below.

4.1 Design Effectiveness of Key Controls

Elections Canada has prepared a statement of work to get external assistance to help the finalization of a detailed action plan and establish an overall financial management control framework focusing on key controls. When undertaking design effectiveness testing, Elections Canada has started documenting its entity level controls and validating key controls with the stakeholders. Elections Canada also continues verifying that the documented controls are in place and correspond to actual practices. Design effectiveness also included ensuring appropriate alignment of each key control with risks.

4.2 Operating Effectiveness of Key Controls

Elections Canada is committed to completing the design effectiveness of control activities to identify and strengthen key controls before it can initiate the testing of operating effectiveness across all areas. When completing operating effectiveness testing, Elections Canada intends to ensure that key controls are functioning over time and any necessary corrective actions that are identified are initiated and addressed.

4.3 Ongoing Monitoring Program

As described in section 2, Elections Canada has a well established governance model, including Sector Operational plans which defined corporate risk profile and an enabling environment to support staff at all levels. In particular, AC, which was established in 2007, is instrumental in providing independent advice relating to Elections Canada's system of internal control. Looking ahead, as shown in section 5, the agency will seek opportunities to further strengthen its entity level controls taking into account results from annual assessments and audits. The long term action will includes ensuring that there is a well-integrated monitoring program in placed to raise awareness and understanding of the agency's system of ICFR at all levels, and equip people with the knowledge, skills, and tools needed.

5. Elections Canada's Action Plan

5.1 Progress as of March 31, 2012

During 2011-12, Elections Canada began its assessment of the effectiveness of its key controls. Below is a summary of the main progress made by the agency.

5.2 Action Plan

Building on progress to date, Elections Canada has developed a multi-year plan to fully implement the requirements of the Policy on Internal Control (PIC) and is positioned to complete the main assessment of its system of ICFR in 2012-13.

By the end of 2012-13, Elections Canada plans to (refer also to grid below):

  • Test operating effectiveness of entity level controls
  • Complete a risk assessment to identify key risks, accounts and business processes

By the end of 2013-14, Elections Canada plans to (refer also to grid below):

  • Document key business processes
  • Test design effectiveness of key business processes
  • Test operating effectiveness of key business processes
  • Document key IT general controls
  • Address required remediation identified during assessments

For 2014-15 and future years:

  • Elections Canada plans to finalize the documentation of key IT general controls, test design effectiveness of IT general controls, address required remediation identified during assessments, and test operating effectiveness of IT general controls
  • Elections Canada will ensure that ongoing monitoring of key controls occurs cyclically based on risk


PIC Implementation Plan 2012-13 2013-14 2014-15
Assessment of design effectiveness of key controls
Entity level controls reviewed and documented
v
v
Existing documentation of key processes, IT applications
v
(High)
v
(Medium)
v
(Low)
Key risk and key controls documentation completed
v
(High-Medium)
v
(Low)
Design testing of key controls completed and remediation addressed
v
(High)
v
(Medium)
v
(Low)
Assessment of operating effectiveness of key controls
Operating effectiveness testing plan documented and initiated
v
(High)
v
(Medium)
v
(Low)
Operating effectiveness testing of key controls completed and remediation addressed
v
(High)
v
(Medium)
v
(Low)