Internal Audit Charter
Elections Canada's Internal Audit Charter has been revised and updated as part of a regular review process and in response to the revised Treasury Board (TB) Policy Suite on Internal Audit, which became effective on April 1, 2017.
2. Effective Date
This Internal Audit Charter takes effect on April 1, 2018. It replaces the Internal Audit Charter that came into effect on April 1, 2017.
3. Mission, Responsibility and Scope of the Internal Audit Function
The mission of the internal audit function is to provide independent and objective assurance services that add value to improve Elections Canada's operations. This helps the agency accomplish its objectives by bringing a systematic, disciplined approach that evaluate and improve the effectiveness of:
- risk management strategies and practices
- management control frameworks, systems and practices
- governance processes
Elections Canada's Chief Audit Executive (CAE) is the Senior Director, Electoral Integrity and Internal Audit sector, who reports directly to the Deputy Chief Electoral Officer, Regulatory Affairs (starting July 2018).
The Chief Electoral Officer (CEO) and senior management are responsible for ensuring that management controls promote the achievement of goals and risk mitigation. The internal audit function is important in assisting the CEO and senior management to fulfill this responsibility.
The internal audit function will conduct selected examinations of activities that are judged to pose a higher-than-average risk or where the CEO requires added assurance that controls are effective.
The internal audit function's scope of work is to determine whether the agency's network of risk management, control and governance processes, as designed and represented by management, is adequate given the agency's size, risk and resources, and to determine whether these processes achieve their objectives.
When audits identify opportunities for improving management control, governance and risk management, these opportunities will be communicated to the appropriate level of management.
4. Legislative and Policy Authorities
A revised TB Policy Suite on Internal Audit, which includes the Directive on Internal Audit in the Government of Canada, took effect on April 1, 2017 and replaces the Policy Suite on Internal Audit of April 1, 2012.
The revised policy suite introduced a number of changes applicable to all federal institutions that served to streamline the instruments, remove conflicting audit requirements and clarify the roles and responsibilities of the Comptroller General.
Furthermore, under the new policy instruments, agents of Parliament (AoPs) continue to be excluded from the application of a number of requirements. In some instances, Elections Canada may decide to take action in the spirit of these requirements.
As a result, Elections Canada identified several key changes that potentially impacted the operation of its audit function and audit committee, and warranted further examination.¬
The policy changes were discussed with the Audit Committee members at their August 2017 meeting, which resulted in the following decisions:
Mandatory Internal Audit Function
The policy suite states that the internal audit function is mandatory only in departments that have a reference level of more than $300 million per year. Given EC's environment and its status as an AoP (with limited oversight by central agencies), EC will continue to have an internal audit function.
Qualifications of the Chief Audit Executive
CAEs designated by agents of Parliament are specifically exempted from having an internal audit certification or a professional accounting designation. The audit committee recommends that the CAE obtains their internal audit certification.
Departmental Audit Committee Chair Eligibility
Although the policy suite introduces a new requirement for audit committee chairs in departments to be from outside of the federal public administration unless an exemption is granted by the Comptroller General of Canada, agents of Parliament are exempted from this requirement. The CEO will continue to be the Chair of the Audit Committee until otherwise decided.
Audit Members to Proactively Disclose Remuneration and Expenses Annually
As an agency, Elections Canada is not required to proactively disclose individual external audit committee remuneration and expenses (including travel and hospitality) as now required by departments. However, this has been adopted as a best practice by Elections Canada. This will be implemented in 2018–2019, based on guidelines provided by the Office of the Comptroller General technical bulletin.
Audit Members to Disclose Activities Annually
As an agency, Elections Canada is not required to proactively disclose—at least annually, as now required by departments—all new activities, interests or appointments of the external audit committee members. This is done to assess whether they may impair, or be seen to impair, their ability to discharge their duties in an independent and objective manner. However, this has been adopted as a best practice by Elections Canada. It will be implemented in 2018–2019.
CAE and DAC Annual Reports No Longer Required
The policy suite no longer requires the preparation of the Departmental Audit Committee (DAC) annual report and the CAE annual report. However, these may be prepared as required by the Deputy Head. The CAE and Audit Committee will collaborate to produce a single annual report.
The CAE and staff of the internal audit function are responsible for:
- Developing and implementing a flexible multi-year internal audit engagement plan, to be updated annually, using risk-based methodology; the plan will:
- consider the input of the agency's senior managers and the Audit Committee to address any risks or control concerns identified by management or external auditors
- arrange for internal audits that the Office of the Comptroller General undertakes as part of government-wide coverage, including fundamental controls and selected horizontal audits
- primarily provide assurance services, and deliver other services only on an exceptional basis
- be submitted to the Audit Committee for review and recommendation, and then be submitted to the CEO for approval
- Communicating the plan of engagements and resource requirements for the internal audit function, including significant interim changes and the effects of resource limitations, to the CEO and the Audit Committee.
- Ensuring that the internal audit resources are appropriate, sufficient and effectively deployed to achieve the approved plan.
- Ensuring the timely completion of internal auditing engagements and timely provision of reports to the Audit Committee.
- Ensuring that internal auditors have appropriate professional qualifications and skills, and opportunities to maintain and develop their internal auditing competence; this includes the opportunity to become a Certified Internal Auditor or at least a Certified Government Auditing Professional, or to acquire any other relevant auditing certification.
- Establishing appropriate policies and procedures to guide the internal audit function and ensuring that the Internal Auditing Standards for the Government of Canada are followed.
- Developing and maintaining a quality assurance and improvement program that covers all aspects of the internal audit function and continually monitors its effectiveness.
- In consultation with the CEO and the Audit Committee, ensuring that a qualified, independent reviewer or external review team periodically conducts a practice inspection or other external review of the internal audit function and that the results of this external assessment are communicated to the CEO and the Audit Committee.
- Periodically issuing summary reports to the Audit Committee and management about the results of audit activities and the resulting management action plans.
- Coordinating internal auditing activities and plans with other internal and external assurance providers and coordinating consulting activities to ensure suitable coverage and minimize duplication of effort.
- Publishing the internal audit charter, internal audit reports, and the Audit Committee's Terms of Reference on Elections Canada's website, as appropriate.
- Collaborating with the external members of the audit committee to produce a joint annual report on the activities of the audit function and audit committee during the previous year, to be published on Elections Canada's website.
- Ensuring the disclosure, at least annually, by individual external audit committee members of all new activities, interests or appointments that may impair, or be seen to impair, the members' independence and objectivity.
- Ensuring the disclosure and online publication of the external audit members' remuneration, as per the mechanism established by the Office of the Comptroller General.
The CAE and staff of the internal audit function are authorized to:
- Have unrestricted access to all functions, records, property and personnel and obtain information and explanations from Elections Canada's employees and contractors, subject to applicable legislation.
- Have full and free access to the Audit Committee members and, at least annually, have an in camera discussion with external committee members.
- Allocate resources, set frequencies, propose subjects, determine scope of work and apply the techniques required to accomplish audit objectives.
- Obtain assistance, as required, from personnel in units of the agency where they perform audits and from other specialized services in or outside Elections Canada.
- Carry out audit responsibilities free of any impairment, including reporting findings to the CEO and the Audit Committee.
7. Independence and Conflicts
The CAE reports functionally to the CEO and has access to the Audit Committee as described in this document. As part of their reports to the Audit Committee, the CAE will include a regular report on audit activities.
The CAE will monitor the reporting structure to ensure that she is not impaired in the operations of the internal audit function. Any impairment will be brought to the attention of the CEO and the Audit Committee.
The CAE, in the discharge of their duties, shall be accountable to the CEO and the Audit Committee to:
- Report significant issues related to the processes for controlling Elections Canada's activities, including potential improvements to those processes, and provide information concerning such issues through to resolution.
- Provide information periodically on the status and results of the annual audit plan and the adequacy of internal audit resources.
- Coordinate with and oversee other assurance control and monitoring functions (risk management, evaluation, compliance, security, legal, ethics, environment, and external audit).
- Submit an annual summary of the achievements of their work in the internal audit plan.
9. Additional Requirements
The audit committee recommended that the CAE have an internal audit certification.
The CAE and their staff shall abide by the principles of integrity, objectivity, confidentiality and competency articulated in The Institute of Internal Auditors' Code of Ethics.
10. Standards of Audit Practice
The internal audit function will be guided by the TB Policy Suite on Internal Audit and by professional standards, including standards of the International Professional Practices Framework of the Institute of Internal Auditors.