Annex to the Statement of Management Responsibility including Internal Control over Financial Reporting - Unaudited
Fiscal year -
1. Introduction
This document provides summary information on the measures taken by the Canadian Space Agency (CSA) to maintain an effective system of internal control over financial reporting (ICFR) including information on internal control management, assessment results and related action plans.
Detailed information on the Canadian Space Agency Act, its mandate, and program activities can be found in the - Departmental Results Report and in the - Report on Plans and Priorities.
2. Departmental system of internal control over financial reporting
2.1 Internal control management
The CSA has a well-established governance and accountability structure to support departmental assessment efforts and oversight of its system of internal control which promotes continuous improvement. The CSA Framework for the internal control management, which indicates the objective, the expected results, the principle and approach as well as the roles and responsibilities in regards to internal controls, was approved by the President on .
The CSA internal control management framework includes the following:
- Organizational accountability structures as they relate to internal control management to support sound financial management, including the roles and responsibilities of senior managers in their areas of responsibility for internal control management;
- A CSA Value and Ethics Code;
- On-going communication and training on statutory requirements, policies and procedures in order to ensure sound financial management and reliable controls to manage risks;
- Monitoring and regular updates, at least twice a year, on internal control management, as well as the provision of related assessment results and action plans to the President, the Chief Financial Officer, the members of the Executive Committee and the members of the Audit Committee.
The CSA established an Audit Committee (AC) in . The AC is composed of the CSA President and three external members, one of whom chairs the Committee. In addition, the Vice-President, the Chief Financial Officer and the Chief Audit and Evaluation Executive attend all meetings. The AC provides advice to the President on the adequacy and functioning of the Agency's risk management, control and governance frameworks and processes. It reviews amongst others, the internal control system, by the update on results on the monitoring and the action plans related to the system of ICFR as well as the financial reports. In -, the AC had four meetings and participated in two teleconferences.
2.2 Service arrangements relevant to financial statements
The CSA relies on other organizations for the processing of certain transactions that are recorded in its financial statements:
Common Arrangements:
- Public Services and Procurement Canada (PSPC) centrally administers the payments of salaries and the procurement of goods and services, as per the Department's Delegation of Authority and provides accommodation services;
- Treasury Board Secretariat provides the CSA the necessary information to calculate various accruals and allowances, such as the accrued severance liability;
- The Department of Justice provides legal services to the CSA;
- Shared Services Canada (SSC) provides IT infrastructure services to the CSA in the areas of emails, data centers and telecommunications. The scope and responsibilities are addressed in the interdepartmental agreement between SSC and the CSA.
Specific Arrangements:
- The department of Agriculture and Agri-Food provides the CSA with a SAP financial system platform to capture and report all financial transactions.
- The department of Transport Canada provides support services for the human resources management system at the CSA.
3. Departmental assessment results for fiscal year -
3.1 New or significantly amended key controls
Following the implementation of the new payroll system Phoenix on , the payroll process has been reviewed to ensure that it reflects the activities as they are carried out. Some tasks have been added or removed in the payroll process and some key controls have been added to reinforce the payroll audit before payment.
3.2 On-going monitoring program
In -, the CSA performed, in accordance with the on-going monitoring plan, the reevaluation of key controls under the processes; of the organizational risks management, the delegation instrument, the assignment of delegated authority, the IT controls (access to SAP application and the continuity of SAP's operations), the payroll, the transfer payments (contributions to the European Space Agency), the end of year/month procedures and financial reports (accounts payable at year end (PAYE), establishment and monitoring of holdbacks) as well as specific related general IT controls within the listed processes.
The key financial controls evaluated for the above processes, were found to be operating effectively to prevent any significant misstatement to the Financial Statements. There were no control weaknesses identified with a high risk impact. As for the low risk findings noted, corrective measures have already been put in place to rectify them.
As a result of the on-going monitoring, the CSA identified the following improvements to strengthen its control environment.
Assignment of delegated authority
- Improve communications between the Human Resources and Finance sectors for updates on the necessary training required to maintain the financial delegation.
- Ensure, in a timely manner, that the specimen of signature master file is maintained and inform those responsible for processing payments of any additions or withdrawals of signature specimen.
- Corrective measures have been implemented in this control sector.
Establishment and follow-up of holdbacks
- Ensure that the holdback indicated on the invoice meets the terms of the contract.
- Corrective measures have been implemented in this control sector.
End of year/month procedures
- Increase the responsible employees awareness of the importance of signing and dating all the confirmation certificates of the General Ledger balances, certifying that the review has been conducted.
- Corrective measures have been implemented in this control sector.
4. Canadian Space Agency's Action Plan
4.1 Progress during fiscal year -
The CSA has maintained the on-going monitoring for the ICFR system according to the previous fiscal year's plan. The activities carried out by CSA according to this plan are summarized below:
Key Control Areas | On-going monitoring | Progress Status |
---|---|---|
Entity level controls | ||
Organizationnal Risk Management | Yes | On-going monitoring testing was conducted. No weaknesses were found. |
Delegation Instrument and Assignment of Delegated Authority | Yes | On-going monitoring testing was conducted and weaknesses were identified. Corrective measures have been implemented |
General IT controls | ||
General IT Controls | Yes | On-going monitoring testing was conducted. No weaknesses were found. |
Process level controls | ||
Payroll | Yes | On-going monitoring testing was conducted. No weaknesses were found. |
Transfer Payments | Yes | On-going monitoring testing was conducted. No weaknesses were found. |
Month / Year-End procedures and Holdback | Yes | On-going monitoring testing was conducted and two weaknesses were identified. Corrective measures have been implemented. |
In -, in addition to achieving on-going monitoring activities, the CSA has also carried out design effectiveness tests on the new payroll system Phoenix. Following the financial repercussions caused by the payroll problems, on 3 different occasions; in , and , we have submitted to the Comptroller General's Office, information about the total number of employees that have been overpaid or underpaid, including the amounts. Furthermore, we have raised problem cases to the Payroll Service Centre in Matane for their analysis and correction.
4.2 Action plan for the next fiscal year and subsequent years
The three year cycle plan for on-going monitoring focusing on the CSA's risks is presented in the following table. It is established annually following the validation of our risks, the results of tests and the audit plan.
Key Control Areas | - | - | - | and up |
---|---|---|---|---|
Entity level controls | ||||
Organizational Risk Management | - | - | Yes | - |
Performance Appraisal and Mandatory Training | - | - | - | Yes |
Delegation Instrument and Assignment of Delegated Authority | - | - | - | Yes |
Budgeting and Forecast performance | Yes | - | - | - |
General IT controls | ||||
General IT Controls | Yes | Yes | Yes | Yes |
Process level controls | ||||
Payroll Footnote 2 | Yes | Yes | Yes | Yes |
Operating Expenditures - Travel and Hospitality | - | Yes | - | Yes |
Operating Expenditures - Procurement to payment | - | Yes | - | - |
Write-Off and Disposal | - | Yes | - | - |
Work in Progress - Capital Assets | - | - | - | Yes |
Transfer Payments | - | - | - | Yes |
Month / Year-End procedures and Financial Reports | - | - | - | Yes |
Other than the rotational on-going monitoring plan, the CSA will continue to perform analyses of, Agency employees problem-based pay cases, related to the Phoenix system.
In addition, amendments have been made to the Policy on Financial Management as well as to the directives and standards that have been in effect since . We will analyze the crosswalk of requirements of the new policy or directives and modify the processes, if necessary. We are also awaiting the new TBS guidelines on the on-going monitoring of internal controls (planned for summer ) in order to make adjustments according to the requirements.