Performance results for the internal audit function – March 31st, 2023
© His Majesty the King in Right of Canada, as represented by the Minister of Innovation, Science and Industry, .
ISSN 2816-7384
Number | Questions on Compliance Attributes of Internal Audit | Answers on Compliance Attributes of Internal Audit |
---|---|---|
1. | Do internal auditors at the CSA have the training required to do the job effectively? | The organizational chart of the audit function consists of 5 employees who occupy the following positions:
|
1 a) Percentage of staff with a professional designation:
|
||
1 b) Percentage of staff with a professional designation in progress:
|
||
1 c) Percentage of staff holding other designations:
|
||
Are multidisciplinary teams in place to address diverse risks? | The internal audit function has the necessary skills and experience to carry out the risk-based internal audit plan. The audit function employees have general knowledge of risk management, management control, and governance processes. When specific skills are required, such as information technology, external providers' services are retained. | |
2. | Is internal audit work performed in conformance with the international standards for the profession of internal audit as required by Treasury Board policy? | An audit manual containing specific procedures to ensure the application of international standard for the internal audit profession guides the audit work. In addition, various quality assurance processes are performed through the supervision of audit work throughout the execution of audits. An external assessment of professional practices is carried out every five years. The last external assessment was conducted in . |
2 a) In , the Audit Committee members were informed of the results of the external assessment of professional practices carried out in . |
||
2 b) The conclusion of the External Assessment of Professional Practices conducted in is that the internal audit function generally complies with the Institute of Internal Auditors' Standards, Definition and Code of Ethics and related government directives. For this reason, no recommendation on compliance with the standards is proposed. | ||
3. | Are Risk-Based Audit Plans (RBAP) submitted to the audit committee and approved by the deputy head implemented as planned with resulting reports published? Is management acting on audit recommendations for improvements to departmental processes? | One project under the RBAP approved by the Audit Committee in was completed and the publication of the report is underway. With respect to the audit recommendations, the implementation rate of management action in - was 81%. |
3 a) Name and status of audits for the current fiscal year of the RBAP
|
||
3 b) Date on which the audit report was approved
|
||
3 c) Date on which the audit report was published
|
||
3 d) Original planned date for completion of all management action plan (MAP) items
|
||
3 e) Status of MAP items:
|
||
4. | Is internal audit credible and adding value in support of the mandate and strategic objectives of the organization? | The internal audit aims to add value in support of the organization's objectives and conducts a survey of the audited entity after each audit to measure the effectiveness and to identify opportunities for improvement. |
4 a) A satisfaction survey of the audited entity was conducted for one audit during -. To the question of whether, in general, the audit was useful, the rating was:
|
Number | Internal Audit Title | Audit Status | Report Approval Date | Report Publication Date | Original Planned MAP Completion Date | Implementation Status |
---|---|---|---|---|---|---|
1. | Audit of Cybersecurity practices | Action plan in progress | N/A | 88% | ||
2. | Audit of the Management Framework for Space Exploration Activities Related to Science and the Use of the International Space Station | Published and no recommendations were made following the audit | N/A | N/A | ||
3. | Audit of the Lunar Exploration Accelerator Program | Action plan in progress | TBD | |||
4. | Audit of security management framework | Audit in progress |