This archived Web page remains online for reference, research or recordkeeping purposes. This page will not be altered or updated. Web pages that are archived on the Internet are not subject to the Government of Canada Web Standards. As per the Communications Policy of the Government of Canada, you can request alternate formats of this page on the Contact Us page.
To meet the Policy on Internal Control requirements, departments and agencies are expected to develop, and execute annually, a plan to assess the effectiveness of their Internal Control over Financial Reporting (ICFR).
The purpose of this audit was to provide real-time insight and assurance for the readiness to implement the ICFR assessment process. Such an "under development" approach, common during the implementation of major initiatives, is intended to provide timely and constructive guidance to the Chief Financial Officer (CFO) while also providing assurance.
Accordingly, the audit has assessed the adequacy of processes and practices in place to support the deployment of the Policy on Internal Control (PIC) requirement to assess Internal Control over Financial Reporting related to external financial statements. The audit approach and methodology are contained in Appendix A and Appendix B.
The process for planning and conducting a risk-based assessment of the effectiveness of internal control over financial reporting is comprised of five phases:
Phase 1: Planning;
Phase 2: Evaluating entity-level controls;
Phase 3: Evaluating internal control at the transaction or process level;
Phase 4: Testing control design and operating effectiveness; and
Phase 5: Assessing results of testing, reporting and developing management action plans, and revising future annual and multi-year plans.
The ICFR assessment process is an iterative one; the pace and scope of which is risk-based. Information obtained through each phase regarding risks and the effectiveness of controls in place to mitigate risks is used to refine and adjust ICFR assessment plans for continued relevance. This helps ensure an appropriate focus on the areas of most significance to the integrity of the financial statements.
The assessment is that Library and Archives Canada has started the planning phase of the ICFR assessment process, and significant work is still required to implement the processes and practices needed to be able to complete the remaining phases of the assessment process and comply with Policy on Internal Control requirements for the Statement of Management Responsibility Including Internal Control over Financial Reporting by 2011–2012.
The CFO has assigned the Manager, Financial Policies, Management Practices and Quality Assurance to lead the assessment planning process. Together, they are in the process of developing the risk-based approach.
This audit report provides recommendations to enable the planning and execution of the ICFR risk-based assessment plan, including:
Management has agreed and developed an action plan to address these recommendations.