CFIA's control environment also includes a series of measures to enable its staff to manage risks well through raising awareness, providing appropriate knowledge and tools as well as developing skills and capacity. Key measures include:
The self-assessment is a systematic review conducted by management to provide assurance on ICFR.
In support of the Policy on Internal Control, an effective system of internal control has the objective of providing reasonable assurance that:
A formalized system of ICFR includes assessing the design and operating effectiveness of the department's system of ICFR and ensuring that an on-going monitoring program is in place leading to continuous improvement of the system of ICFR.
Design effectiveness assessment - Through design effectiveness assessment, the CFIA will ensure that key controls relevant to ICFR have been properly identified, documented, implemented and that they are aligned with the risks that they aim to mitigate and that any remediation is addressed appropriately and in a timely manner. The assessment activities include documentation and mapping of key business processes or IT systems, identification of key risks and the internal controls implemented to mitigate these risks, and a walk-through to assess the design effectiveness of the internal controls.
Operating effectiveness assessment - Through operating effectiveness assessment, the CFIA will ensure that the application of key controls over financial reporting has been tested over a defined period and they are working as intended. The assessment activities include performing a sample test of transactions to determine whether the documented procedures and internal control measures are being followed.