Fiscal year 2021-2022 - Annex to the Statement of Management Responsibility Including Internal Control over Financial Reporting - Unaudited
On this page
Fiscal year -
1. Introduction
This document provides summary information on the measures taken by the Canadian Space Agency (CSA) to maintain an effective system of internal control over financial reporting (ICFR) including information on internal control management, assessment results and related action plans.
Detailed information on the department's authority, mandate and core responsibilities can be found in the Departmental Plan for the - fiscal year and the Departmental Results Report for the - fiscal year.
2. Departmental system of internal control over financial reporting
In this section
2.1 Internal control management
The CSA has a well-established governance and accountability structure to support departmental assessment efforts and oversight of its system of internal control.
A departmental internal control management framework, approved by the deputy head, is in place and comprises:
- Organizational accountability structures as they relate to internal control management to support sound financial management, including the roles and responsibilities of senior departmental managers for control management in their areas of responsibility;
- Values and ethics;
- Ongoing communication and training on statutory requirements, and policies and procedures for sound financial management and control;
- Risk-based monitoring and regular updates on internal controls, with an approved annual evaluation plan, results communicated to senior departmental management and an action plan required to address highlighted weaknesses. The Departmental Audit Committee receives a summary of findings and action plans twice a year.
The Departmental Audit Committee provides advice to the deputy head on the adequacy and functioning of the department's risk management, control and governance frameworks and processes.
2.2 Service arrangements relevant to financial statements
The CSA relies on other organizations to process and capture certain transactions recorded in its financial statements, as follow:
2.2.1 Common service arrangements
- Public Services and Procurement Canada (PSPC) administers the payment of salaries and the procurement of some goods and services, and provides accommodation services
- Shared Services Canada provides CSA with Information Technology infrastructure services (data centers, network services, etc.)
- The Department of Justice, which provides legal services
- The Treasury Board of Canada Secretariat, which provides information on public service insurance and centrally administers payment of the employer's share of contributions toward statutory employee benefit plans.
Readers of this document may refer to the annexes to the Statement of Management Responsibility including Internal Control over Financial Reporting of the above-noted departments for a greater understanding of the systems of internal control over financial reporting related to these specific services.
2.2.2 Specific arrangements
- The Department of Agriculture and Agri-Food provides the CSA support services for the SAP financial management system platform;
- The Department of Transport Canada provides support services for the human resources management system at the CSA.
3. Departmental assessment results for the to fiscal year
The Agency is at ongoing monitoring for all its financial reporting and financial management processes. The table below summarizes the ongoing monitoring activities according to previous fiscal year's rotational plan:
| Key Control Areas | Ongoing monitoring | Progress Status |
|---|---|---|
| CONTROLS OVER FINANCIAL REPORTING | ||
| GENERAL IT CONTROLS | ||
| SAP-Access Controls | Yes | Ongoing monitoring tests were conducted and weaknesses were identified. Corrective measures have been implemented. |
| PROCESS LEVEL CONTROLS | ||
| Payroll | Yes | Ongoing monitoring tests were conducted and weaknesses were identified. Corrective measures have been implemented for certain weaknesses and others are still being developed. |
| Procurement to payment | Yes | Ongoing monitoring tests were conducted and weaknesses were identified. Corrective measures have been implemented for certain weaknesses and others are still being developed. |
| CONTROLS OVER FINANCIAL MANAGEMENT | ||
| Planning and Budgeting controls | Yes | Ongoing monitoring tests were conducted. No weaknesses were found. |
The key findings and remediation actions from the current fiscal year's assessment activities are summarized in subsections 3.1 and 3.2. No material control weaknesses were identified that will affect the validity, accuracy, and completeness of the financial statements.
3.1 New or significantly amended key controls
In the current fiscal year, there were no significant changes in existing business processes requiring a reassessment of key controls. The future of work at CSA will be hybrid of working from home and office. We continue to encourage electronic documentation of controls to facilitate access and review when possible.
3.2 Ongoing monitoring program
As part of its rotational ongoing monitoring plan, CSA completed its reassessment of internal controls over financial reporting and internal controls over financial management embedded within the following business processes:
- Planning and budgeting
- Procurement to Payment
- Payroll
- SAP Access controls.
Overall, key controls are functioning as designed in preventing significant misstatements in financial reporting and in ensuring prudent use of public resources. Weaknesses highlighted were mainly due to
- Inappropriate documentation of the executed controls
- Minor instances of non compliance with delegated authority
- Timeliness in the execution of controls (pre-payroll and post payroll verifications)
- Untimely deactivation of access rights to the financial management systems
- Immaterial salary overpayments
- Minor errors in proactive disclosure of contracts.
Remediation actions implemented for identified weaknesses were:
- Formal reminder in meetings of the importance of executing and documenting controls in a timely manner
- Frequent periodic review of SAP accesses awarded and segregation of roles
- Recovery of identified overpaid salary amounts
- Sampling contracts from proactive disclosure reports to ensure accuracy.
4. Departmental Action Plan for the next fiscal year and subsequent fiscal years
CSA's rotational ongoing monitoring plan over the next fiscal years is shown in the following table. The ongoing monitoring plan is based on:
- An annual review of high-risk processes and controls
- Significant changes in business processes or deployment of new technology
- Related adjustments to the ongoing monitoring plan as required.
| Key Control Areas | - | - | - | and subsequent |
|---|---|---|---|---|
| CONTROLS OVER FINANCIAL REPORTING | ||||
| ENTITY LEVEL CONTROLS | ||||
| Budgeting and Forecasting | Yes | - | - | - |
| Organizational Risk Management | - | Yes | - | - |
| Mandatory Training | - | - | Yes | - |
| Performance Appraisal | - | - | - | Yes |
| Delegation Instrument and Assignment of Delegated Authority | - | - | - | Yes |
| GENERAL IT CONTROLS | ||||
| General IT Controls | Yes | Yes | Yes | Yes |
| PROCESS LEVEL CONTROLS | ||||
| Payroll Footnote 2 | Yes | Yes | Yes | Yes |
| Operating Expenditures - Travel and Hospitality | - | Yes | - | - |
| Operating Expenditures - Procurement to payment | - | - | Yes | - |
| Write-Off and Disposal | - | - | - | Yes |
| Work in Progress, Project investment - Capital Assets | - | - | Yes | - |
| Transfer Payments | Yes | - | - | - |
| Month / Year-End procedures and Financial Reports | - | - | - | Yes |
| CONTROLS OVER FINANCIAL MANAGEMENT | ||||
| Chief Financial Officer attestation | - | - | - | Yes |
| Planning and Budgeting | - | - | - | Yes |
| Costing | - | Yes | - | - |
| Investment planning | - | Yes | - | - |
In addition to the rotational ongoing monitoring plan included in the internal control system, the CSA will follow up on pending corrective actions based on the findings listed in section 3.2 Ongoing monitoring program.
Over the past years, the Agency introduced restrictions on certain business activities (hospitality, travel, etc.) due to Covid-19 and implemented flexible measures to facilitate other business activities. We will continue to assess risks when these restrictions are lifted and monitor controls where necessary.