We are currently moving our web services and information to Canada.ca.

The Treasury Board of Canada Secretariat website will remain available until this move is complete.

Guidelines for Audit Committees in Crown Corporations and Other Public Enterprises

Table of Contents

1. Introduction

Audit committees are an essential component of good corporate governance. Section 148 of the Financial Administration Act (FAA) requires that all parent Crown corporations have an audit committee (for those that have fewer than four directors, the board of directors constitutes the audit committee). The FAA stipulates that the Auditor General of Canada is appointed the external auditor, or joint auditor of each Crown corporation, unless otherwise dictated in the corporation’s legislation, or the Auditor General waives the appointment. Appendix B provides a consolidation of FAA provisions related to Crown corporation auditors and audit committees.

The Guidelines for Audit Committees in Crown Corporations and Other Public Enterprises offer suggestions for consideration by the boards of directors and audit committees of federal Crown corporations. Other public enterprises with board governance structures may also find these Guidelines useful.

The Guidelines present a framework to support the work of audit committees. Individual audit committees and boards of directors must tailor the Guidelines to meet their specific needs. In doing so, they should consider the unique circumstances of their corporation, for example, its size, its mandate, the sensitivity of the issues confronting it, and the levels of experience of individual members of the board of directors and the audit committee.

Appendix A of the Guidelines contains a series of questions to consider in relation to various aspects of the role of an audit committee. The questions are designed to aid audit committees in performing their due diligence by asking the necessary probing questions of management and by considering the reasonableness of responses in light of members’ knowledge and understanding.

2. Crown Corporations

Although Crown corporations operate at arm’s length from the government, they are public policy institutions and are ultimately accountable to Parliament, through the appropriate Minister, for the conduct of their affairs. The government has a range of instruments to influence the conduct of Crown corporations, including legislative amendments, directives, approvals of corporate plans, individual appointments to key positions, and approvals and guarantees of corporate financing.

The roles of Crown corporations vary widely and may include helping the government meet policy and economic objectives and deliver services. Wholly owned by the government, these organizations are governed by boards of directors, which have responsibility for the stewardship of the corporations by providing strategic direction, safeguarding corporate resources, monitoring performance, and reporting to the government and to Parliament. For more information on the accountability framework for Crown corporations, please see Corporate Governance in Crown Corporations and Other Public Enterprises - Guidelines.

3. Audit Committee Overview

3.1 Authorities

The audit committee of a Crown corporation has the power to investigate any matter brought to its attention. It has full access to all books, records, facilities, and personnel of the corporation. In addition, with the board of directors’ approval, the audit committee has the power to access outside counsel and other experts.

Audit Committee effectiveness relies heavily on an awareness and understanding of their responsibilities and duties and the professional responsibilities of management and the auditors (internal and the Auditor General, or if applicable, other joint external auditor). Open, candid, direct and respectful communications between the Audit Committee, management, and the auditors with respect to these responsibilities are essential.

3.2 Responsibilities and Duties

An audit committee is a core committee of the board of directors, and its responsibilities and duties are set out in subsection 148(3) of the FAA and cover the following areas:

Financial reporting

The central role of the audit committee of a Crown corporation is to help the board of directors fulfill its responsibility for the accuracy and integrity of the corporation’s financial reports. The committee reviews, and advises the board of directors with respect to, the financial accounts, records, and statements of the corporation and its wholly-owned subsidiaries. This work includes overseeing the financial reporting and disclosure process, monitoring the choice of accounting policies and principles, and discussing risk management policies and practices with management.

Internal Audit

The committee oversees the corporation’s internal audit function. This work focuses on the financial and management control and information systems and on the management practices of the corporation and its wholly-owned subsidiaries.

Annual External Auditor’s Report

The committee reviews, and advises the board of directors with respect to, the annual external auditor’s report on the corporation, which examines the financial statements, accounts and records of the corporation and its wholly-owned subsidiaries.

Special Examinations

The committee reviews, and advises the board of directors with respect to, special examination plans and reports. A special examination assesses whether, for a defined period of time, the corporation’s financial and management control and information systems and its management practices were maintained in a manner that:

  • Provided reasonable assurance that they safeguarded and controlled the corporation’s assets and those of each subsidiary;
  • The financial, human and physical resources of the corporation and each subsidiary were managed economically and efficiently, and
  • The operations of the corporation and its subsidiaries were carried out effectively.
Evaluating External Auditors

Under the FAA, the Auditor General is appointed as the external auditor, or as a joint auditor, of each Crown corporation, unless otherwise dictated in the corporation’s legislation, or unless the Auditor General waives the appointment.

In the private sector, a firm’s audit committee evaluates the external auditor’s performance and makes a recommendation to the board of directors about future use of that auditor.

In the case of Crown corporations, because the Auditor General’s role is defined in legislation, a Crown corporation’s audit committee does not influence his or her participation in an audit. However, the Office of the Auditor General of Canada regularly seeks feedback on its services. If applicable, the audit committee should evaluate external auditors from the private sector.

Other Functions Assigned by the Board of Directors

As a key committee of the board of directors, the audit committee is often charged with additional oversight responsibilities connected to its core duties in areas such as the following:

  • Regulatory compliance;
  • Ethics and standards of corporate integrity or behaviour;
  • Whistle-blowing mechanisms; and
  • Corporate plans and budgets.

3.3 Further Insight and Guidance

This section provides further insight and guidance to aid audit committees in discharging their legislated oversight responsibilities.

Financial Statements

The audit committee has a duty to “review, and advise the board of directors with respect to, the financial statements that are to be included in the annual report of the corporation.” See footnote1

Accountability of a Crown corporation to the Minister and to Parliament rests heavily on the integrity of the corporation’s financial reports. No corporation can afford doubts about the quality of its financial reporting. The government and lenders need timely disclosures to assess the corporation’s financial and business soundness and risks. The reports should also adequately communicate any significant issues confronting the corporation and fairly present its financial condition and performance.

A parent Crown corporation is required to maintain financial accounts and records, as well as financial and management control and information systems, for itself and for any wholly-owned subsidiaries. The audit committee’s role is to provide the board of directors with reasonable assurance that:

  • The corporation’s assets are safeguarded and controlled;
  • Its transactions are in accordance with the law;
  • Its financial, human and physical resources are managed economically and efficiently; and
  • Its operations are carried out effectively. See footnote2

The audit committee is expected to provide the board of directors with reasonable assurance that the corporation’s financial statements are fairly presented in accordance with the underlying financial reporting framework in all material respects. This assurance should be based on the committee’s review and discussion of the corporation’s year-end financial statements with management and the auditors.

The audit committee’s assessment of the relevance and the reliability of the year-end financial statements is key because the board of directors depends on the committee’s advice to help it make informed decisions regarding the corporation’s financial condition and performance; its accounting policies, practices, and disclosures; and its approval of the corporation’s annual report.

In addition to the audited year-end financial statements, the annual report should include a management discussion and analysis (MD&A) section. The MD&A provides additional contextual information that helps readers, including the government and stakeholders, more fully understand the corporation’s business, performance and prospects. It also helps in evaluating the appropriateness of management’s business strategies and risk assessment. When relevant, this section also discusses how the accounting policies are applied and explains the basis for significant accounting estimates. Thorough MD&A therefore improves transparency and corporate governance.

The audit committee should review the annual report with management, the Auditor General and any other external auditor. Because of the timing of meetings, the audit committee may review a draft version of the annual report so that management and the auditors can continue working on the final version. The purpose of the audit committee’s review is to ensure that the annual report paints a balanced and complete portrait of the corporation’s financial situation and financial performance.

For more information, see Appendix A - “Questions to Consider - Financial Statements” and “Questions to Consider-External Auditor’s Report”.

Internal Audit

The audit committee oversees the corporation’s internal audits.

Internal audit is a key resource for the audit committee. The primary role of internal audit is to provide ongoing objective, substantiated assessments on the design and function of the organization’s risk management, control and governance processes and to make recommendations where warranted. Internal audit focuses on the corporation’s management systems, processes and practices and on the integrity of financial and non-financial information.

Although the internal auditors are independent of the activities they audit, they are integral to the corporation and provide assessments and monitoring of management systems, processes and practices on an ongoing basis. External auditors, however, are independent of the corporation. Their work focuses on providing an opinion on the financial statements every year and a special examination at least every 10 years. Although the work of a Crown corporation’s internal auditors and external auditors (the Auditor General and in some cases, the joint external auditor) has different focuses, it should be coordinated for maximum effectiveness and efficiency.

Internal audit adds value by assessing and making recommendations on the effectiveness of mechanisms in place to ensure that the organization achieves its objectives in a way that demonstrates informed, accountable decision-making with regard to ethics, compliance, risk, economy and efficiency. A best practice is to have the assessment take the form of an internal audit report that includes the key findings and why they are important, recommendations to address noted weaknesses, and a management response and action plan to address the key findings and recommendations.

The audit committee reviews internal audit reports and discusses them with the internal auditor and with management. To ensure the effective and timely implementation of any agreed-upon management actions, the audit committee should receive periodic follow-up reports from internal audit or management.

To help determine the areas of focus in a particular year, the internal audit function should prepare a risk‑based internal audit plan. The audit committee should play an active role in reviewing and discussing this plan to ensure that it focuses on the areas of highest risk and significance for the corporation. A best practice is to have the audit committee approve the plan.

The audit committee should also follow up on management’s implementation of actions required to address areas of weakness noted by internal audit.

For more information, see Appendix A - “Questions to Consider - Internal Audits”.

Annual External Auditor's Report

All federal Crown corporations are required to obtain an annual auditor’s report on the financial statements and any other quantitative financial information contained in the annual report. The Auditor General of Canada is appointed as the external auditor, or a joint auditor, of each Crown corporation, unless he or she waives the requirement, or unless it is otherwise dictated in the corporation’s legislation. See footnote3 To strengthen its independence from the corporation’s management, the external auditor reports directly to the audit committee, not to management.

The external audits of Crown corporations are similar to those done in the private sector, but they include two additional opinions:

  • Whether generally accepted accounting principles have been applied consistently; and
  • Whether the transactions examined conform to laws, regulations, the governing instruments by-laws of the corporation and any government directive given to it.

The external auditor can also report on any other matters that he or she thinks should be brought to the attention of the responsible Minister, after consulting with the board of directors, or to the attention of Parliament, after consulting with the board and the responsible Minister.

The audit committee reviews, and advises the board of directors on, the external auditor’s report. To ensure the effective and timely implementation of any agreed-upon management actions, the audit committee should receive periodic follow-up reports from internal audit and or management.

The audit committee should discuss with its external auditors the details of any practices or transactions they identified as being in possible violation of the legal authorities. This discussion should also cover the details of any other matters the auditors considered bringing to the attention of the board of directors, the responsible Minister, or Parliament.

Under paragraph 150(3)(b) of the FAA, the external auditor’s report is to be included in the corporation’s annual report.

For more information, see Appendix A - “Questions to Consider - External Auditor’s Report” and “Questions to Consider-Financial Statements”.

Special Examinations

Under subsections 138(1) and (2) of the FAA, a special examination of the financial and management control and information systems and management practices of each Crown corporation, including any wholly-owned subsidiaries, is carried out by the Auditor General solely or jointly with a private sector auditor, at least every 10 years. Special examinations can be carried out more frequently, if required by the Governor in Council, the appropriate minister, the board of directors of the corporation or the Auditor General. See footnote4 There are two exceptions to this requirement: the Bank of Canada and the Canada Pension Plan Investment Board, which have unique requirements. See footnote5

A special examination is an important accountability mechanism for Crown corporations. Its purpose, as set out in the FAA, is to provide an independent opinion on whether there is reasonable assurance that a Crown corporation has systems and practices in place to ensure that:

  • Assets are safeguarded and controlled;
  • Financial, human, and physical resources are managed economically and efficiently; and
  • The operations of the corporation and any wholly-owned subsidiaries are carried out effectively.

The audit committee plays a key role in these examinations by reviewing, and advising the board of directors on, the special examination plan and reports.

Under the FAA, before starting a special examination of a Crown corporation, the Office of the Auditor General of Canada is required to survey the systems and practices of the corporation and to submit to the audit committee a plan for the examination, including a statement of the criteria to be applied.

The examination team will then meet with the audit committee to discuss the following:

  • The objectives of the special examination;
  • The criteria against which the corporation’s systems and practices will be measured;
  • The expected timing of key communications and phases of the special examination; and
  • Any questions the audit committee may have concerning the draft special examination plan.

The audit committee typically makes a resolution to accept the plan. If there are subsequent changes to the special examination plan, the examination team will resubmit the plan or submit an addendum to the audit committee and will meet again with the committee, as appropriate. See footnote6

If the audit committee and the Auditor General disagree on the special examination plan, the responsible Minister can resolve issues related to the plan for a parent Crown corporation, and the board of directors can resolve issues related to the plan for its wholly-owned subsidiaries.

Present and former directors, officers, employees or agents of the corporation are required to provide the special examiner with any requested information, explanations and records related to the corporation and its subsidiaries. The special examiner can also rely on internal audits conducted by the corporation.

The Office of the Auditor General of Canada’s policy requires that the Auditor General give the Crown corporation an opportunity to review the draft special examination report in order to confirm and validate the facts it contains, and to make comments, before the report is finalized. The examination team will then seek management’s views on the validity and completeness of the observations, the conclusions, the recommendations, and the statement of opinion.

Once it receives management’s responses to its recommendations, the examination team will provide the draft report, including the responses, to the audit committee. The Office of the Auditor General of Canada encourages the audit committee to play an active role in reviewing and assessing the adequacy of management’s responses and in providing feedback.

After considering the feedback and making any changes it deems appropriate, the special examination team submits its final report to the corporation’s board of directors.

The board of directors then provides the Minister and the President of the Treasury Board with a copy of the special examination report within 30 days of receipt of the report and makes it available to the public within 60 days.

To ensure the effective and timely implementation of any agreed-upon management actions, the Audit Committee should receive periodic follow-up reports from internal audit or management.

For more information, see Appendix A - “Questions to Consider-Special Examination”.

3.4 Additional Important Oversight Functions

The audit committee, as a key committee of the board of directors, is often assigned additional responsibilities. The FAA recognizes this reality and specifically allows for the audit committee to “perform such other functions as are assigned to it by the board of directors or the charter or by-laws of the corporation.” See footnote7

It is a good governance practice for the board of directors to scan its environment periodically to identify potential governance issues that may require its oversight. The board should assess each issue and delegate it to the audit committee or to another board committee, as appropriate, so long as it does not impede the committee’s ability to deliver on its legal responsibilities and the committee has the requisite skills to assume these additional responsibilities.

Although the other duties delegated to the audit committee may change over time, they may include oversight of the following:

  • Standards of integrity and behaviour;
  • Risk management;
  • Management control practices;
  • Quarterly financial reports; and
  • The corporate plan and the operating and capital budgets.

The audit committee charter should explicitly state the responsibilities delegated to the committee by the board of directors. The segments that follow provide further insight and guidance to aid audit committee members in discharging their responsibilities in these areas.

Standards of Integrity and Behaviour

Crown corporations are expected to demonstrate a strong commitment to ethical and lawful behaviour. Through their actions and words, senior management and the board of directors are responsible for creating an environment of integrity-the cornerstone of effective corporate governance.

Some boards of directors retain responsibility for standards of integrity and behaviour directly for themselves, often with the understanding that the board’s main committees will include the oversight responsibility for standards of ethics and behaviour as a component of their other responsibilities.

Because audit committees play an oversight role in key aspects of the corporation, they are in a good position to assist their boards of directors in obtaining assurance that management is operating the corporation in an ethical manner.

An audit committee that has been delegated responsibility for overseeing standards of integrity and behaviour should request that management report periodically on how its processes encourage and maintain high ethical standards. The report could cover topics such as the following:

  • Employee relations, customer and supplier relations;
  • Compliance with laws and regulations;
  • Reports of examinations by regulatory agencies;
  • Current and pending litigation claims;
  • Security of company assets and records;
  • Sanctions imposed and planned changes; and
  • Sensitive information such as information on employment “perks,” expense accounts and out-of-pocket expenses for officers and directors.

Audit committees themselves can take steps to ensure their own integrity and behaviour, for example, they can establish practices for dealing with conflicts of interest, develop a code of conduct and create a process for members to make annual declarations related to the code. See footnote8

For more information, see Appendix A - “Questions to Consider - Corporation’s Standards of Integrity and Behaviour”.

Risk Management

Risk-the uncertainty that surrounds future events and outcomes-is an integral part of each Crown corporation’s business and operational reality. Identifying and assessing the likelihood of an event and its potential to impact the achievement of a corporation’s objectives is a key step in formulating a corporation’s plans and in developing its controls.

Because every Crown corporation has a unique set of risks, opportunities and challenges, boards of directors, audit committees, management and auditors all need to understand the principal risks facing the corporation.

Management must identify and assess the corporation’s risks in order to manage them and to ensure that they are considered in decision making, strategic planning, and designing the corporation’s information and control systems. Since business risk is inextricably linked to the understanding of financial reporting risk, risk assessment procedures are included in the generally accepted bases for planning audits.

In addition to acquiring an understanding of the major risks facing the corporation, the audit committee often plays a key role in ensuring that management monitors and controls those risks. The audit committee should therefore review the nature and frequency of the risk reports that management provides, paying particular attention to how financial risks and the risk of unethical behaviour, including fraud, are controlled.

Managing financial risk means striking a balance that accepts a reasonable level of risk and contains financial exposure within the levels established by the government.

For more information, see Appendix A - “Questions to Consider-Risk Management”.

Management Control Practices

Management control frameworks include a broad array of policies, practices, internal control systems, processes and structures. These frameworks support the management team in:

  • Formulating and achieving the corporation to the committee by the Learning and adapting to change;
  • Managing risks; and
  • Recognizing and acting on opportunities.

Management must establish and maintain adequate control systems and practices. To do that, it must periodically assess the effectiveness of the internal control structure and procedures.

The audit committee should review these control systems and practices to ensure that they are functioning effectively. A poorly functioning framework can have a negative effect on the corporation’s performance, its financial reports, and its standards of integrity and ethical behaviour. The committee should seek the views of the auditors (internal, external and special examiner) on the adequacy of the control systems and on management’s assessment of their effectiveness. It should discuss with management and the auditors ways to improve the effectiveness of the internal controls, including the corporation’s system for monitoring and managing business and financial risk, as well as legal and ethical compliance.

For more information, see Appendix A - “Questions to Consider-Management Control Practices”.

Quarterly Financial Reports

Under section 131.1 of the FAA, most Crown corporations must prepare a quarterly financial report for each of the first three quarters of the fiscal year and to make them public within 60 days after the end of the quarter to which they relate. See footnote9 These reports do not have to be audited.

In addition to a financial statement for the quarter and for the period from the start of the fiscal year to the end of that quarter and comparative financial information for the preceding fiscal year, the quarterly financial report must include the following:

  • A discussion of financial results and cash flow for the reporting period and for the year to date, as well as the financial position at the end of the period;
  • An explanation of significant differences between the actual financial results and those anticipated in the corporation’s corporate plan; and
  • If changes are made to the goals, objectives or financial results, the rationale for the changes, as well as actual performance relative to the revised goals, objectives or targets for the remainder of the year.

The audit committee’s approach to overseeing quarterly financial reports will depend on the unique circumstances of the corporation. In determining the extent and nature of their due diligence in relation to these reports, the board and audit committee may want to consider the following:

  • The impact of the information;
  • The time required to review it within the 60-day window; and
  • Their assessment of management’s processes to produce and review this information before its release.

For more information, see the Appendix A - “Questions to Consider - Quarterly Financial Reports”.

Corporate Plans, Operating and Capital Budgets

Under sections 122 to 124 of the FAA, most Crown corporations are required to submit an annual corporate plan, operating budget and capital budget to the responsible Minister, for Treasury Board approval. See footnote10 These documents must encompass all of the businesses and activities of the Crown corporation and its wholly-owned subsidiaries. The board of directors must approve the corporate plans and budgets before they are submitted for approval by the Governor in Council (in the case of the corporate plan) or by the Treasury Board (in the case of the capital and operating budgets).

The audit committee is often asked to undertake a more thorough review of the financial forecasts and the risks associated with the proposed plan, as well as the viability and practicality of the proposed operating and capital budgets before they are submitted to the board for review and approval.

For more information, see Appendix A - “Questions to Consider-Corporate Plans and Operating and Capital Budgets”.

4. Functioning of the Audit Committee

The value of an audit committee’s contribution to the board of directors depends on the level of assurances that the committee is able to provide regarding matters delegated to it by the board.

The suggested practices outlined in this section may assist audit committees in meeting the board’s expectations. Each audit committee should develop its own plan and practices for performing its work effectively.

4.1 Formal Charter

To help it understand and focus on its priorities, the audit committee should set itself a clear charter that fits the corporation’s circumstances. The charter should explicitly state the responsibilities the board of directors has delegated to the audit committee; identify the planned processes for performing its work; and describe how and when it is to report to the board on its activities, findings and recommendations. The charter should be approved and reviewed regularly by the board of directors. A best practice in the private sector is to make the charter publicly available on the corporation’s website.

Appendix C presents examples of key elements that the audit committee could consider when preparing or reviewing its charter.

4.2 Audit Committee Work Plan

A work plan aids the audit committee in developing an annual or multi-year outlook to help ensure that the committee carries out all of its responsibilities and duties, as outlined in its charter. The plan may also incorporate the ongoing development of the board and other committee business. When drafting the plan, the audit committee chairperson, in consultation with management, internal audit and the external auditor, should assign the responsibilities and committee business to specific meeting agendas and dates.

4.3 Selecting Members

Crown corporations have a legislative requirement to establish an audit committee made up of at least three members selected from the board of directors. See footnote11

Given the important role the audit committee plays in the corporation’s governance and oversight, the board of directors must emphasize independence, qualifications and competencies when selecting committee members to ensure that the committee is credible.

The audit committee requires expertise in the following areas:

  • The business of the corporation;
  • The issues confronting the corporation; and
  • The history of the corporation.

Audit committee members must be able to ask tough questions, and they must be prepared to spend the time necessary to address complex issues. They must also show tolerance and respect for different opinions, even when there is a potential for conflict. Discussions and other processes to resolve differences of opinion enrich the committee’s work.

4.4 Financial Literacy

Understanding fundamental accounting and financial issues is essential for audit committees because part of their role is to question the corporation’s financial and accounting experts and to consider the views of and assurances provided by the internal and external auditor.

Audit committee members must therefore be at least financially literate, and the committee chairperson should be a financial expert-hold a recognized accounting designation. In some circumstances, however, it may be preferable for the chairperson to be an experienced board member who is financially literate but not a financial expert, rather than a new member who is a financial expert.

As a best practice, at least one committee member should be a financial expert. A recognized accounting designation is a hallmark of a financial expert.

The following criteria should be used to assess the financial literacy of each audit committee member. A member is financially literate if he or she is:

  • Able to read and understand financial statements, including the notes;
  • Able to understand accounting policies, judgments and estimates when explained by management or auditors; and
  • Is familiar with the fundamentals of private or public sector financial reporting.

Audit committees should assess their financial literacy relative to those criteria and to the particular needs of their corporation.

Although not all audit committee members require a sophisticated level of financial expertise, the committee, as a whole, should have significant experience. Committee members should take the necessary steps to become financially literate if they are not already so at the time of their appointment.

The audit committee should continually strengthen its financial oversight capacity and capability through learning opportunities such as briefings by the corporation’s financial managers and auditors and participation in financial literacy training.

If an audit committee judges that it does not possess sufficient knowledge in an area to effectively fulfill a responsibility, the committee chairperson should discuss the matter first with the board chairperson and then with the chief executive officer to find a solution. Possible solutions include recommending that the board of directors engage outside expertise, or providing training to fill the identified knowledge gap.

4.5 Orientation and Professional Development

The audit committee should ensure that new members receive the necessary preparation and support. New members should receive an orientation to help them understand the committee’s relationship with management and with internal audit and external auditors, as well as recent or recurring issues of interest to the committee, including high-risk audit areas.

Similarly, new members should ensure that they have a sound knowledge of the corporation and of its operations in general. Meeting with key members of management and with the senior financial team will aid them in this regard.

Knowledge of the board of directors’ role in governance and of the corporation’s public policy role, its overall strategy, and its performance is essential for audit committee members. Special attention should be paid to knowledge of auditors’ role in the governance structure, the corporation’s business risks, and financial and other information used to manage and demonstrate accountability.

Audit committee members should be encouraged to pursue training or professional development in areas relating to the corporation’s business and activities; current accounting, auditing, financial reporting developments; and current business and industry issues. They should also try to participate in training or development programs that would strengthen the committee’s financial and other required expertise and knowledge.

All orientation and professional development activities should be considered in concert with these activities at the board of directors’ level.

4.6 Independence

The FAA requires that all Crown corporation audit committee members be independent of management.

Committee members must value objectivity and must have the degree of independence required to challenge both management and the auditors, when necessary. Each member must ensure that he or she does not become beholden to management or to the corporation and must not accept special favors or paid consulting work from the corporation, and must not be involved in day-to-day management.

A free and objective perspective is essential to the capacity to challenge and evaluate effectively. Audit committees should regularly remind themselves of the difference between their oversight function, management’s decision-making function, and the auditors’ functions of conducting audits and formulating opinions. Understanding and respecting that difference will help audit committees hold both management and the auditors accountable for fulfilling their responsibilities.

4.7 Audit Committee Meetings

Meetings are the main working forum for the committee, and members should participate in them actively. The meetings provide an opportunity to review information, gain an understanding of important issues, and develop informed judgments.

The chief financial officer, the chief executive officer and the chief audit executive normally attend each audit committee meeting. The corporation’s general counsel and chief risk officer should attend meetings when legal or risk issues are being discussed, or as required. The external auditor is entitled to be notified of and to be heard at each committee meeting, and is required to attend meetings when asked to do so by a committee member. See footnote12 In addition, the committee should request the participation of other senior managers and members of the audit team as needed.

The usefulness of meetings and the audit committee’s overall effectiveness depend on members’ thorough preparation for meetings and on their willingness to discuss key issues at the meetings. The minutes of the previous meeting, the draft agenda, the relevant background information for the agenda items, and any other material requiring the committee’s attention are usually circulated before each meeting.

The number of audit committee meetings depends largely on the extent and nature of the committee’s work but tends to average four meetings a year. Generally, these meetings occur before those of the board of directors so that the committee has time to carry out its duties and to follow up on issues before board meetings. In addition, audit committee members, the internal or external auditor, and management should have the power to call a meeting of the committee through the committee chairperson.

In‑camera meetings should be an integral and regular part of each audit committee meeting to allow the committee to meet without the presence of management representatives such as the chief executive officer, the chief financial officer, the chief risk officer, and legal counsel. The committee should also meet in camera with the internal auditor and, separately, with the external auditor, when those individuals are in attendance. It should also meet regularly in-camera with both the internal auditor and the external auditor. In-camera meetings provide an excellent opportunity for private and candid communication.

4.8 Duties of the Chairperson

The chairperson of the audit committee provides leadership and presides over the committee’s activities. He or she works closely with the board of directors, the chairperson of the board, the chief internal auditor, the chief executive officer, the chief financial officer, the corporate secretary, the general counsel and the lead members of the external audit team, acting as the formal link between them and the audit committee.

In guiding the audit committee’s work, the chair should do the following:

  • Develop the committee’s annual work plan, in consultation with management and the auditors, and have it approved by the full committee;
  • Set the agenda for each meeting, in consultation with management and the auditors;
  • Include in-camera discussions in every audit committee meeting agenda and ensure that sufficient time is set aside for them;
  • Chair each meeting, including:
    • Facilitating discussion among the audit committee members and between committee members and corporation management;
    • Encouraging meaningful participation by audit committee members;
    • Ensuring that all audit committee members who want to address a matter are given the opportunity to do so;
    • Attempting to achieve consensus when members express conflicting positions, views or advice; and
    • Ensuring that the committee holds any scheduled in-camera meetings.
  • Ensure that the committee carries out its delegated responsibilities and reports the results of its work to the board of directors;
  • Ensure that all members are financially literate and, if necessary, ensure that members take appropriate steps to become financially literate;
  • Ensure that adequate orientation and professional development is available for audit committee members;
  • Develop and maintain a relationship with the external auditor;
  • Lead the audit committee’s self-assessment process; and
  • Ensure the independence of committee members and that they declare any conflicts of interest.

4.9 Expectations of Audit Committee Members

Under the FAA, like all members of the board of directors, members of the audit committee owe a fiduciary duty See footnote13 and a duty of care See footnote14 to the corporation.

The fiduciary duty requires directors and officers to “act honestly and in good faith with a view to the best interests of the corporation.”

The duty of care expected of directors and officers is to perform their duties with “the care, diligence and skill that a reasonably prudent person would exercise in comparable circumstances.” They are expected to make reasonably informed decisions, based on an understanding and monitoring of the corporation’s business.

In discharging their responsibilities, audit committee members are expected to do the following:

  • Ensure that they have adequate knowledge and training to fulfill their responsibilities as committee members;
  • Disclose any conflicts of interest or potential conflicts of interest;
  • Prepare for audit committee meetings by, for example, reviewing information, reports and background material provided in advance of the meeting;
  • Attend committee meetings;
  • Encourage a culture of open, candid and direct communication between management, the auditors and the committee;
  • Ask probing questions and ensure that reasonable answers are provided;
  • Rely on financial statements and reports of experts engaged by the corporation to the extent that it is reasonable to do so, and challenge assumptions and information that appear unfounded or inconsistent;
  • Notify forthwith the auditors and the other members of the audit committee of any error or omission in a financial statement of which the member becomes aware; and
  • Ensure that any relevant financial statement or report is corrected if the auditors consider an error or omission to be material.

For more information, see Directors of Crown Corporations: An Introductory Guide to Their Roles and Responsibilities.

4.10 Support from Corporation Management

To perform its work effectively, an audit committee requires the full support and cooperation of management.

This support and cooperation can come in different ways and can cover a wide range of activities, including providing basic administrative service, identifying issues, preparing reports researching particular topics, and providing insight into the corporation’s practices.

Some committees receive this support through a well-qualified and experienced corporate secretary. Some receive administrative support combined with other services on an as-needed basis. Others are supported by a dedicated resource person who is selected from among the managers or from the internal audit staff on a part-time basis.

Occasionally, to ensure its independence, an audit committee may need advice and assistance from outside legal, accounting or other advisors. On such occasions, the committee should discuss its needs with management and ask its chairperson to seek the support of the board of directors to retain consultants who would report directly to the audit committee or to the board.

Appendix D describes examples of the kinds of support and assistance that audit committees could receive to help them work more effectively.

In all cases, audit committees and management should discuss how management can meet the committee’s needs in a helpful and cost-effective manner.

4.11 Evaluating the Committee's Performance

The audit committee is accountable to the board of directors for the responsibilities delegated to it by the board. The committee should review its charter at least every two years to ensure that it is adequate. The committee should also assess its own effectiveness in carrying out its responsibilities, performing its duties and meeting the needs of the board of directors. The committee should also decide how best to periodically review and discuss the performance of individual committee members.

Appendix D presents a sample self-assessment tool that the audit committee may find useful in evaluating its performance.

Appendix A: Questions to Consider

How to Use These Questions

This section contains a series of questions to consider in relation to oversight responsibilities that typically fall within the mandate of the audit committee of a Crown corporation. The questions cover the following topics:

  1. Financial statements
  2. Internal audits
  3. Annual external auditor’s report
  4. Special examinations
  5. Corporation’s standards of integrity and behaviour
  6. Risk management
  7. Management control practices
  8. Quarterly financial reports
  9. Corporate plans, operating and capital budgets

The questions are designed to aid audit committees in performing their due diligence by asking the necessary probing questions of management and by considering the reasonableness of responses in light of members’ knowledge and understanding. Audit committees can use these questions to stimulate discussion on each of their key areas of responsibility.

The questions are intended as general guidance to support audit committee members in their discussions. They should be tailored to the particular circumstances of each Crown corporation or other public enterprise.

Each set of questions is accompanied by a list of resources relating to the particular subject matter. Audit committee members should ask the Crown corporation to make those resources available to them, as applicable.

Questions to Consider - Financial Statements

These questions are designed to assist the audit committee in its consideration of the corporation's financial statements as included in the annual report.

Audit Committee Responsibility

The responsibilities of a Crown corporation’s audit committee in relation to financial statements are outlined in paragraph 148(3)(a) of the Financial Administration Act (FAA):

148(3)(a) review, and advise the board of directors with respect to, the financial statements that are to be included in the annual report of the corporation

Subsections 131(1) and (2) of the FAA require Crown corporations to keep accounts and records and to maintain financial and management control and information systems in a manner that provides reasonable assurance that assets are safeguarded and controlled; transactions are carried out properly; resources are managed economically and efficiently; and operations are carried out effectively.

Resources

  1. Canadian Institute of Chartered Accountants (CICA), CPA Canada Public Sector Accounting Handbook (the bible for public sector financial statements)
  2. CICA, 20 Questions Directors Should Ask About Management Discussion and Analysis
  3. International Accounting Standards Board, International Financial Reporting Standards
  4. Public Sector Accounting Board (PSAB), Public Performance Reporting Assessment Guide (February 2007)
  5. PSAB, Statement of Recommended Practice SORP-2, Public Performance Reporting

Accounting Policies, Standards and Practices

  • Are the corporation's accounting policies and practices consistent with generally accepted accounting principles? If not, why not?
  • In migrating to a new accounting standard:
    • Is there a clear project plan that includes key timelines and that is approved by senior management?
    • How is the implementation of this plan being monitored?
    • What process is in place to identify and resolve any negative impacts that the migration to the new accounting standard might have on the financial statements?
    • What other impacts are envisioned as a result of adopting the new standard (e.g., information technology, non-financial performance)?
  • What is the process for obtaining advice on the appropriate accounting treatment when significant accounting issues arise (e.g., consultation with the Treasury Board of Canada Secretariat, the Auditor General or other external auditor)?
  • Do the financial statements disclose the corporation's significant accounting policies, and do they include changes in the accounting policies from the previous year?
  • Does the audit committee understand management's processes for controlling fraud and error? Does management keep the committee up to date on cases of fraud and error?

Capacity and Resources

  • Does the team responsible for financial reporting have sufficient resources (personnel and funds) to carry out its responsibilities?
  • Does the team have the necessary complement of skills and experience? If not, what is the plan to acquire them?
  • Is the corporation's finance unit able to access specialist skills where and when required?

Presentation of Financial Statements

  • Do the financial statements comply with generally accepted accounting principles? If not, why not?
  • Are there significant legal matters, contingencies, claims or assessments that could have a material impact on the corporation's financial statements? If so, how have they been reflected in the financial statements?
  • What are the significant accounting accruals, reserves and other estimated liabilities in the financial statements? What processes are in place to properly account for these items in the corporation's financial statements?
  • What analysis supports any significant valuations, assumptions or judgments that are reflected in the financial statements?
  • How have financial instruments been accounted for in the financial statements, including the notes?
  • Do the financial statements reflect any significant, unusual transactions that occurred during the year? Are they adequately explained and fairly presented?
  • What risk factors, if any, has management, the internal auditor or the Auditor General identified and assessed with respect to potential fraudulent financial reporting?
  • Have significant variances from the budget and from the previous year's financial statements been satisfactorily explained?

Review and Sign-off

  • Although it is not mandatory, is there a process in place for a timely review of the financial statements by the chief financial officer and management?
  • What is the process for informing senior management and the audit committee throughout the year of significant issues that could impact the corporation's financial statements?
  • If there is a certification regime in place, has the chief financial officer signed-off on the financial statements, including on certification of the internal controls over financial reporting?
    • If not, why not?
    • If so, what procedures, systems, resources and tasks are in place to allow management and users of financial statements to have reasonable assurance that:
      • Records that fairly reflect all financial transactions are maintained;
      • The recording of financial transactions permits the preparation of internal and external financial information, reports and statements in accordance with policies, directives and standards; and
      • Revenues received and expenditures made are in accordance with delegated authorities, and unauthorized transactions that could have a material effect on financial information and financial statements are prevented or are detected in a timely manner. This includes providing reasonable assurance that financial resources are safeguarded against material loss due to waste, abuse, mismanagement, errors, fraud, omissions and other irregularities.

Annual Report

  • Does the annual report include the following, as required under subsection 150(3) of the FAA:
    • The financial statements;
    • The auditor's report;
    • A statement of the extent to which the corporation has met its financial objectives for the year;
    • Relevant quantitative information with respect to the financial performance of the corporation in relation to its objectives; and
    • Any other information that is required under the FAA or under another Act of Parliament, or by the responsible Minister, the President of the Treasury Board or the Minister of Finance.
  • How have all the material facts necessary for understanding the corporation's financial performance been reflected in the management discussion and analysis (MD&A)?
  • What processes and procedures are in place for ensuring that the financial information reflected in the MD&A is complete, accurate and consistent with the financial statements?
  • What processes and procedures are in place for ensuring the completeness and accuracy of other quantitative information related to financial matters reflected in the annual report?
  • Has the Auditor General (and, if applicable, another external auditor) reviewed the corporation's annual report? If so, to what extent? If not, why not?

Questions to Consider - Internal Audits

These questions are designed to assist the audit committee in its consideration of the corporation's internal audits.

Audit Committee Responsibility

The responsibilities of a Crown corporation’s audit committee in relation to internal audits are outlined in paragraph 148(3)(b) of the Financial Administration Act (FAA):

148(3)(b) oversee any internal audit of the corporation that is conducted pursuant to subsection 131(3)

Subsection 131(3) of the FAA requires that Crown corporations conduct internal audits:

131(3) Each parent Crown corporation shall cause internal audits to be conducted, in respect of itself and each of its wholly-owned subsidiaries, if any, to assess compliance with subsections (1) and (2), unless the Governor in Council is of the opinion that the benefits to be derived from those audits do not justify their cost.

Resources

Institute of Internal Auditors, International Professional Practices Framework

Internal Audit Policy or Charter

Does the corporation have an internal audit policy or charter? If so:

  • Does it reflect the purpose, authority and responsibility of the internal audit activity?
  • Has it been reviewed and approved by the audit committee or by the president and chief executive officer?
  • Is it periodically reviewed and revised?

Independence and Objectivity

  • Is the internal audit function free from interference in determining the scope of its work, in performing the work and in communicating the results?
  • Does the internal audit function have unencumbered access to all of the corporation's information, records and locations as required?

Internal Audit Planning

  • Does the internal audit function have sufficient resources to carry out its mandate?
  • Does the corporation have an internal audit plan? If not, why not? If so:
    • What is the process for developing the annual internal audit plan?
    • How does it link with the corporation’s areas of highest risk, including financial risks?
    • How were the proposed internal audit projects determined and prioritized?
    • Does the plan outline the scope, timing and resource requirements for the proposed internal audit projects?
    • Have there been any disagreements between management and internal audit in developing this plan? If so, have they been appropriately resolved or addressed?
  • Is a method in place for measuring the efficiency and effectiveness of the internal audit function?

Internal Audit Delivery

  • What is the corporation's internal audit service delivery model (e.g., centralized, decentralized, outsourced, co-sourced), and does it meet the corporation's needs?
  • If internal audit service delivery is outsourced, what process is in place to ensure compliance with the universally accepted internal audit standards outlined in the Institute of Internal Auditors' International Professional Practices Framework?
  • In carrying out internal audits, did the auditors have unencumbered access to the required records and management of the corporation?
  • To what extent has the internal auditor assessed the corporation's legal and ethics compliance program or practices? What were the findings of these assessments?
  • To what extent has the internal auditor assessed the risk of fraud?

Internal Audit Reports

  • Are the internal audit reports clear and concise and do they satisfactorily address the audit objectives?
  • Are the internal audit reports issued on a timely basis (i.e., How much time is there between the start of the engagement and the issuing of the final report)?
  • Are the recommendations relevant and practical?
  • Do audit reports include management's response and an action plan to address all agreed upon actions? If not, why not? If so,
    • Do these responses or plans appear to effectively respond to the problems and issues outlined in the report?
    • Is a senior manager assigned responsibility for the implementation of the required management actions?

Internal Audit Follow-up on Management Responses and Action Plans

  • What process and procedures are in place for monitoring the implementation of management action plans?
  • What methodology and process is in place to follow up on whether the actions taken by management have been effective?
  • How is management follow-up reported to the audit committee (i.e., verbal, written report)? Does the report:
    • Reflect the extent to which management action plans are being implemented within the specified time frame? Are delays explained effectively?
    • Indicate the extent to which implemented actions effectively address the problems outlined in the report? If not, why not?

Questions to Consider - External Auditor's Report

These questions are designed to assist the audit committee in its consideration of the annual external auditor’s report.

Audit Committee Responsibility

The responsibilities of a Crown corporation’s audit committee in relation to the annual auditor’s report are outlined in paragraph 148(3)(c) of the Financial Administration Act (FAA):

148(3)(c) review, and advise the board of directors with respect to, the annual auditor’s report of the corporation…

Resources

  • Canadian Institute of Chartered Accountants, Public Sector Accounting Handbook
  • International Accounting Standards Board, International Financial Reporting Standards
  • Office of the Auditor General of Canada, Annual Audit Manual, June 2010

Planning

  • Has the audit committee arranged for the external auditor to attend a meeting of the committee to discuss the auditor’s plan for the audit of the financial statements?
  • Has the audit committee received a copy of the external auditor’s plan? If so, does this plan outline the approach to be applied in this audit?
  • What questions or concerns, if any, does management have with the plan for the audit of the financial statements?

Review and Certification

Has the Management Representation Letter, which is required as part of the external auditor’s audit of the financial statements, been signed by the president / chief executive officer and the chief financial officer?

  • If not, why not?
  • If so, what is the underlying process or support for this sign‑off (to ensure that the representations made do not contain any material misstatements)?

Auditor’s Opinion

  • What is the audit’s materiality level?
  • Did the corporation receive a clean audit opinion (i.e., not a qualified or an adverse opinion, and not a denial of opinion)? If not, what action is being taken to address, in a timely manner, the reasons for the qualified opinion or the denial of opinion?
  • Does the external auditor’s report include an opinion as to whether:
    • The financial statements are presented fairly, are in accordance with generally accepted accounting principles, and are applied on a basis consistent with that of the preceding year;
    • The quantitative information is accurate in all material respects and, if applicable, was prepared on a basis consistent with that of the preceding year; and
    • The transactions of the corporation and of each subsidiary that have come to the external auditor’s notice in the course of the examination for the report were properly recorded.
  • What, if any, adjustments to the financial statements were required as a result of the external audit?
  • What is the nature of any unadjusted differences noted by the external auditors (i.e., differences that did not require a change to the financial statements)?
  • What, if any, breakdowns in management systems, processes or practices were noted in the audit of the corporation’s financial statements?
  • What was the nature of any significant disagreements between management and the external auditor? Were those disagreements satisfactorily resolved?
  • To what extent has the external auditor assessed the risk of fraud?

Audit General Management Letter

Did the external auditor issue a management letter as part of its audit of the financial statements? If so:

  • What is the nature of the issues noted?
  • What steps is management taking to address those issues?

Questions to Consider - Special Examination

These questions are designed to assist the audit committee in its consideration of the special examination plan and report.

Audit Committee Responsibility

The responsibilities of a Crown corporation’s audit committee in relation to the special examination are outlined in paragraph 148(3)(d) of the Financial Administration Act (FAA):

148(3)(d) in the case of a corporation undergoing a special examination, review, and advise the board of directors with respect to, the plan and reports referred to in sections 138 to 141;

Sections 138 to 141 of the FAA establish the procedural and reporting requirements for special examinations.

Resources

Office of the Auditor General of Canada, What to Expect-A Crown Corporation’s Guide to a Special Examination

Leadership and Support

  • How does the corporation ensure effective coordination and support for the special examination?
  • When was the last special examination carried out? What is the status of any required management actions stemming from that examination?
  • When is the next special examination expected to take place?
  • What steps has management taken, or does it plan to take, to prepare for this examination?
  • What work has the internal audit function undertaken, or does it plan to undertake, to support the Auditor General in this examination?

Planning

  • Has the audit committee discussed the special examination plan with the special examiner?
  • Has the audit committee received a copy of the special examination plan? If so, does the plan outline the criteria to be applied in the examination?
  • What questions or concerns does management have about the planned criteria for the special examination?
  • What questions or concerns does the board have about the planned criteria for the special examination?

Delivery

In carrying out the special examination, did the Auditor General have unencumbered access to the required records and management of the corporation? If so, to what extent? If not, why not?

Special Examination Report

  • Will the audit committee have an opportunity to discuss the draft report with the special examiner?
  • Does the report contain a statement as to whether, in the examiner’s opinion, with respect to the established criteria for the special examination, there is reasonable assurance that there are no significant deficiencies in the systems and practices examined?
  • Does the report contain a statement of the extent to which the examiner relied on internal audits?
  • Does the report indicate any significant deficiencies?
  • Does the Auditor General intend to inform the Minister of the report as required under section 140 of the FAA?
  • Does the report include management’s response and action plan to address all agreed-upon recommendations? If so,
    • Do these responses and plans appear to respond effectively to the problems and issues outlined in the report?
    • Is a senior manager assigned responsibility for the implementation of the required management actions?
  • Was there an opportunity to discuss the draft report with the special examination team?
  • What process is in place to ensure that a copy of the special examination report is provided to the Minister and to the President of the Treasury Board within 30 days of the board of directors receiving the report?
  • What process is in place to ensure that the report is made available to the public within 60 days of the board receiving the report? The normal practice would be to post it on the corporation’s website.

Special Examination-Follow-up on Management Responses and Action Plans

  • What process is in place for monitoring the implementation of management action plans?
  • What process is in place to follow up on whether the actions taken by management have been effective?
  • How is management follow-up reported to the audit committee (e.g., verbally, in a written report)? Does the reporting:
    • Reflect the extent to which management action plans are being implemented within the specified time frame? Are delays explained effectively?
    • Indicate the extent to which actions implemented are effective? If not, why not?

Questions to Consider - Crown Corporation's Standards of Integrity and Behaviour

These questions are designed to assist the audit committee in its consideration of the oversight of the corporation’s standards of integrity and behaviour, if the responsibility has been assigned to it by the board of directors.

Audit Committee Responsibility

The responsibilities of a Crown corporation’s audit committee in relation to other duties are outlined in paragraph 148(3)(e) of the Financial Administration Act (FAA):

148(3)(e) perform other such functions as are assigned to it by the board of directors or the charter or by-laws of the corporation.

Resources

  1. Criminal Code, Part IV, Offences Against the Administration of Law and Justice
  2. Public Servants Disclosure Protection Act
  3. Values and Ethics Code for the Public Sector

Leadership

What support does the president / chief executive officer provide to set the tone for integrity and ethical behaviour throughout the corporation?

Policies and Guidelines

  • Does the corporation have a code of conduct or an ethics policy that covers employees as well as members of the board of directors?
    • If so, is the code of conduct or the ethics policy at least as stringent as the Values and Ethics Code for the Public Sector? Does it clearly state acceptable and unacceptable behaviour, particularly in areas of significant ethical risk (e.g., executives’ and officers’ expenses, use of corporate assets)? Is it tailored to the specific risks the corporation faces?
    • If not, what mechanisms are in place to ensure that there are clear expectations and standards for integrity and ethical behaviour, as well as for legal compliance?
  • What protection mechanisms does the corporation have in place to manage disclosures (whistle-blowing) by employees, in accordance with the requirements of the Public Servants Disclosure Protection Act? Does the corporation’s code of conduct or ethics policy reflect the provisions of the Act regarding the management of disclosures?

Monitoring and Reporting

  • How does the corporation identify, assess and manage ethical risks?
  • Are there any significant legal or regulatory matters that could affect compliance with laws and financial viability? If so, what are they?
  • What procedures does management have in place to monitor compliance with the law and with the corporation’s code of conduct and ethics policy? For example, do employees know to whom to report suspected cases of wrongdoing? How are such cases reported to senior management? Are they reported in a consistent and timely manner?
  • Do employees periodically attest to their understanding of and adherence to the corporation’s code of conduct?
  • To what extent have the internal or external auditors assessed the risk of fraud?
  • How does management report the indication or detection of fraud, as well as the corrective action to be taken, to the president / chief executive officer? What were the circumstances under which fraud was suspected or reported?
  • Have regulatory agencies, including tax authorities, conducted assessments of the corporation? If so, to what extent and what were the results of the assessments?
  • How are potentially unlawful activities reported in the corporation and to whom?

Questions to Consider - Risk Management

These questions are designed to assist the audit committee in its consideration of the oversight of risk management in the corporation, if the responsibility has been assigned to it by the board of directors.

Audit Committee Responsibility

The responsibilities of a Crown corporation’s audit committee in relation to other duties are outlined in paragraph 148(3)(e) of the Financial Administration Act (FAA):

148(3)(e) perform other such functions as are assigned to it by the board of directors or the charter or by-laws of the corporation.

Resources

Department of Finance Canada, Financial Risk Management Guidelines for Crown Corporations

Risk Management Leadership

  • Does the corporation have a risk champion and if so, is this individual a member of the corporation’s executive team?
  • How is the risk champion held to account for his or her risk management responsibilities?
  • How are the corporation’s executives held to account for managing and mitigating risks in their programs, functions or areas?

Risk Management Policy or Framework

  • Does the corporation have a risk management policy or framework?
  • If so, does the policy or framework:
    • Have the approval of the board of directors?
    • Outline the process for identifying, measuring, monitoring, controlling and reporting all risks to which the corporation is exposed?
    • Establish an approach for integrating risk management into the corporation’s decision-making processes?
    • Tie in with the corporation’s strategic documents (e.g., corporate plan, annual report)?
    • Tie in with the corporation’s internal and/or external audit plans?
    • Reflect key roles and responsibilities for identifying, measuring, monitoring, controlling and reporting risks?
    • Outline the process by which management informs the audit committee in writing of its adherence to the corporation’s risk management policy or framework?
  • What are the key elements of the corporation’s approach to risk management (e.g., annual risk assessment; business continuity planning; disaster recovery planning; risk assessment for all significant corporate changes, projects, programs, etc.)? How are these elements coordinated?

Integrated Risk Management

  • How are risk management practices integrated into the management of programs and activities across the corporation? For example, have risk management plans been developed and implemented?
  • How is risk management integrated into the corporation’s key business planning and decision-making processes?
  • How is it ascertained that the corporation is functioning in accordance with its approved business plan and within the established risk tolerance limits?

Risk Management Reporting and Monitoring

  • Are risks or control failures followed up on in the corporation (e.g., risk and incident reporting and tracking)? If so, to whom, through what mechanisms and how quickly? If not, why not?
  • What risk management reports or information does the president / chief executive officer receive from management throughout the year?
  • Does management provide the audit committee with timely and accurate reports on risks, the procedures and controls in place to manage these risks, and the overall effectiveness of risk management policies?
  • What role does internal audit play in providing assurance on risk management practices, on key risks and on controls for mitigating the highest inherent risks?
  • Does the corporation report publicly, at least once a year, the existence of its risk management guidelines, including those for financial risks (e.g., through the annual report)?
  • What reports does the corporation’s finance team provide to management to aid in the monitoring of operating and capital budgets throughout the year? For example, does it provide budget variance reports and do those reports describe the reasons for any significant variances between budgeted and actual expenditures, as well as any resulting changes in forecasted expenditures to year end?
  • What processes are in place to ensure that the corporation does not exceed its approved operating or capital budget for the year?
  • What reports or information does the audit committee receive from management throughout the year to aid in its oversight of the operating and capital budgets?

Questions to Consider - Management Control Practices

These questions are designed to assist the audit committee in its consideration of the oversight of management control practices

Audit Committee Responsibility

The responsibilities of a Crown corporation’s audit committee in relation to other duties are outlined in paragraph 148(3)(e) of the Financial Administration Act (FAA):

148(3)(e) perform other such functions as are assigned to it by the board of directors or the charter or by-laws of the corporation.

Subsections 131(3) and 132(2) of the FAA set out the responsibilities of the corporation’s president / chief executive officer in relation to control of allotments and records of commitments:

131(3) … shall ensure by an adequate system of internal control and audit that [allotments] are not exceeded

132(2) … shall … establish procedures and maintain records respecting the control of financial commitments chargeable to each appropriation or item

Resources

  1. Committee of Sponsoring Organizations of the Treadway Commission (COSO) Financial Controls Framework
  2. Treasury Board of Canada Secretariat, Certification and Internal Control Regime for Crown Corporations

Management Controls—Roles and Responsibilities

  • Is it clearly articulated and understood that the president / chief executive officer has overall responsibility for the corporation’s systems of internal control?
  • Are delegations of authority and responsibility documented, properly approved, communicated and kept up to date?

Control Framework and Departmental Systems

  • Does the corporation have a control framework that does the following:
    • Outlines the corporation’s key controls to ensure sound management and reporting practices?
    • Identifies other controls that help mitigate the corporation’s major strategic and business risks?
    • Identifies roles and responsibilities for developing, reviewing, implementing and sustaining key controls?
    • Includes reporting and monitoring requirements to ensure compliance with the framework?
  • If not, what is the corporation’s strategy for developing one?
  • How does management identify and implement controls required to mitigate or manage new or emerging risks?

Control Certifications

  • Although it is not mandatory that they do so, do the chief executive officer and the chief financial officer provide an annual certification for financial controls and internal controls over financial reporting?
  • If so, what evidence underpins this certification?
  • What other internal control certifications are provided and what evidence underpins them?

Reporting and Monitoring of Controls

  • Are risks or control failures followed up on in the corporation?
  • How are required changes to the design or implementation of key controls identified and implemented and are they implemented in a timely manner?
  • What performance information (i.e., actual performance vs. budget and performance targets), does each level of management receive? How often does management receive that information?
  • In addition to the control certifications, what arrangements are in place to periodically assess the effectiveness of the corporation’s control framework (e.g., internal audits, management review and sign offs)?
  • How does management ensure that internal or external audit findings on control weaknesses are addressed in a timely manner?

Questions to Consider - Quarterly Financial Reports

These questions are designed to assist the audit committee in its oversight of the development of the corporation’s quarterly financial reports, if the responsibility has been assigned to it by the board of directors.

Audit Committee Responsibility

The responsibilities of a Crown corporation’s audit committee in relation to other duties are outlined in paragraph 148(3)(e) of the Financial Administration Act (FAA):

148(3)(e) perform other such functions as are assigned to it by the board of directors or the charter or by-laws of the corporation.

Section 131.1 of the FAA sets out the corporation’s responsibilities in relation to quarterly reports:

131.1(1) Each parent Crown corporation shall, in respect of itself and its wholly-owned subsidiaries, if any, cause to be prepared, in the form and manner provided for by the Treasury Board, a quarterly financial report for each of the first three quarters of each financial year of the parent Crown corporation.

(2) The report shall contain

(a) a financial statement for the quarter and for the period from the start of the financial year to the end of that quarter;

(b) comparative financial information for the preceding financial year; and

(c) a statement outlining the results, risks and significant changes in relation to operations, personnel and programs.

(3) The parent Crown corporation shall cause the report to be made public within 60 days after the end of the quarter to which the report relates.

(4) The Treasury Board may, by regulation, exempt a parent Crown corporation from the requirement set out in subsection (1) or provide that any of the content referred to in subsection (2) be excluded from its report.

Resources

  1. Canadian Institute of Chartered Accountants, Public Sector Accounting Handbook
  2. International Accounting Standards Board, International Financial Reporting Standards
  3. Treasury Board of Canada Secretariat, Standard on Quarterly Financial Reports for Crown Corporations

Accounting Policies, Standards and Practice

Have any changes in the accounting policies been implemented since the most recently audited annual financial statements? How have these been disclosed in this report to ensure that the corporation’s significant accounting policies are consistent with the previous annual report?

Presentation of Quarterly Financial Reports

  • Are there any significant legal matters, contingencies, claims or assessments that could have a material impact on the corporation’s quarterly financial report? If so, have they been reflected in this report and how?
  • What are the significant accounting accruals, reserves and other estimated liabilities in the quarterly financial report? What processes are in place to properly account for these items in the report?
  • Is there support for significant assumptions or judgments? If so, is it reflected in the report?
  • Does the quarterly financial report reflect any significant, unusual transactions that occurred during the quarter? If so, how have they been accounted for?
  • Have significant variances from the budget and from the corresponding quarter in the preceding year been satisfactorily explained?
  • Does the report explain any significant changes to goals, objectives or financial targets set out in the corporate plan that may impact the current and future quarters?

Review and Sign off

  • Have the chief financial officer and president / chief executive officer signed-off on the statement of management responsibility for the quarterly financial report?
  • What processes are in place to ensure that:
    • The quarterly financial reports fairly present, in all material respects, the financial results as of the date and for the periods presented;
    • Internal controls, as management determines are necessary, enable the preparation of (consolidated) quarterly financial statements that contain no material misstatements, whether due to fraud or to error; and
    • Significant variances in total revenues and expenses from the same period (quarter and year-to-date) in the previous fiscal year have been identified and explained?

Production and Distribution

  • What issues, if any, have been identified that may impede the timely production of quarterly financial report? Are these being managed effectively? If so, how? If not, what needs to be improved?
  • What process has management put in place to ensure that the quarterly financial report will be made available to the public, to the Minister and to the Comptroller General of Canada within 60 days of the end of the quarter?

Questions to Consider - Corporate Plans and Operating and Capital Budgets

These questions are designed to assist the audit committee in its oversight of the corporate plan and operating and capital budgets, if the responsibility has been assigned to it by the board of directors.

Audit Committee Responsibility

The responsibilities of a Crown corporation’s audit committee in relation to other duties are outlined in paragraph148(3)(e) of the Financial Administration Act (FAA):

148(3)(e) perform other such functions as are assigned to it by the board of directors or the charter or by-laws of the corporation.

Resources

Treasury Board of Canada Secretariat, Guidelines for the Preparation of Summaries of Corporate Plans and Capital and Operating Budgets

Leadership

Who has the lead role for developing and overseeing the corporation’s operating and capital budgets?

Process and Timing

  • What process is in place for preparing the operating and capital budgets?
  • How can the audit committee assist the board of directors in the processes leading up to the board’s approval of the corporate plan and, where applicable, the preparation and submission of the summaries of the approved corporate plan and budgets for tabling in Parliament?
  • How does management ensure that the budgets are consistent with the goals and objectives set out in the corporate plan?

Presentation

  • Are the operating and capital budgets presented in compliance with the most recent accounting standard?
  • Do the operating and capital budgets encompass all of the corporation’s major businesses or activities?
  • How has historical data been used in the development of the operating and capital budgets?
  • Do the operating and capital budgets reflect the resources available to the corporation?

Review and Sign off

Did the chief financial officer and the president / chief executive officer review and sign-off on these budgets before they were submitted to the audit committee?

Appendix B: Financial Administration Act, Provisions Related to Crown Corporation Auditors and Audit Committees

Current to October 1, 2013

Financial Management

Auditors

Special Examination

Consultation with Auditor General

Section 143 Consultation with Auditor General

Right to Information

Appendix C: Audit Committee Charter

An audit committee charter serves as the committee’s terms of reference and as a guide for its operations.

Development and Approval of the Charter

An audit committee charter can exist as a stand-alone document, but it is usually developed in conjunction with the charter of the board of directors.

The audit committee charter should be approved by the board of directors.

Elements of the Charter

The audit committee charter should outline the following elements:

  • The purpose of the committee;
  • The legislative requirements;
  • The authorities of the committee;
  • The roles and responsibilities of various parties, including audit committee members and other key players such as members of the board of directors, the chief executive officer, and auditors);
  • The committee’s relationship with the board of directors, including reporting requirements;
  • The organization of the committee (e.g., size, composition, appointment of chair);
  • The committee’s working practices and procedures (e.g., frequency and timing of meetings, evaluation); and
  • The timing and procedures for reviewing and updating the charter.

The charter can provide clarity regarding quorum, the number of directors on the committee and their degree of independence from management. It can also identify how the members’ terms of appointment provide for both continuity and fresh perspectives.

The charter can provide clarity as to whether outside parties (e.g., external auditors) have the right to attend committee meetings. The charter can also confirm reporting relationships, for example, the external auditor and the special examiner are accountable to the board of directors, normally, through the audit committee.

The charter should also indicate the qualifications needed to sit on the committee. A certain degree of financial literacy is required, and members should be required to confirm their financial literacy, or to state how they will become financially literate within a reasonable period of time after being appointed to the committee.

Annual Review

The audit committee charter should be reviewed annually for appropriateness. The committee should present any recommended changes to the board of directors for discussion and approval.

Appendix D: Examples of Support for the Audit Committee

The nature and form of the support given to an audit committee depends on its needs. Examples of support include logistical support; and assistance with planning the committee’s work agenda, identifying issues, performing research, preparing reports, and liaising with management.

Support from Senior Management

The effectiveness of the audit committee depends heavily on how it manages a complex set of relationships with the board of directors, the auditors and management.

The audit committee, under the leadership of its chairperson, should build a strong, open and positive working relationship with the chief executive officer (CEO), the chief financial officer (CFO), and the chief internal auditor. The support of these senior managers for the audit committee’s work will help it earn the confidence and cooperation of the corporation’s full management team. The CEO, the CFO, and the chief internal auditor can also help the chairperson develop an in-depth understanding of the corporation’s business and the challenges facing it.

Assistance to the Chairperson of the Audit Committee

Some committees have the help of an experienced corporate secretary; others have the support of a dedicated resource person selected from among the managers or the internal audit staff on a part-time basis. Many committees also have administrative support on an as-needed basis.

The following are examples of how a qualified individual can support and assist an audit committee to enhance its effectiveness.

General duties

  • Act as an advisor and support person to the chairperson, as requested by the chairperson.
  • Become familiar with the work of the board of directors and with that of the audit committee, as well as with its mandate, objectives and issues.
  • Assist the audit committee, particularly the chairperson, in developing its annual work plan.
  • Help identify relevant issues for the committee through discussions with the chairperson, the senior managers involved and others.
  • Assist the committee in its formal review of its committee charter, the review of the charter by the corporate governance committee (if applicable) and its annual approval by the board of directors.
  • Help document the progress in implementing the committee’s work plan.
  • Help the committee perform its annual self-assessment.

Introducing new committee members

  • Prepare an introductory briefing package for new audit committee members that includes items such as the following:
    • The audit committee’s charter;
    • The Guidelines for Audit Committees in Crown Corporations and Other Public Enterprises
    • The names of the committee members;
    • The relevant legislation to which the corporation is subject;
    • The minutes from the two previous committee meetings;
    • The approved corporate plan and budgets; and
    • Background reading material on any current committee business.
  • Offer an opportunity for a personal briefing to ask any questions.
  • Arrange meetings for the new member with selected members of the management team and representatives of the auditors.

Audit committee meetings

  • Prepare draft meeting agendas, in consultation with the chairperson.
  • Prepare and collect meeting materials.
  • Prepare a briefing note outlining the issues to be discussed at the upcoming meeting.
  • Take notes during meetings.
  • Prepare a summary of the discussion immediately after meetings for the use of the committee chairperson at the subsequent meeting of the board of directors.
  • Prepare meeting minutes for consideration by the committee’s chairperson.
  • Initiate follow-up, where appropriate, by seeking relevant information and by preparing any subsequent studies, reviews or business for the chairperson.
  • Liaise with senior management.
  • With the approval of the chairperson, inform management, at appropriate times, about the issues the audit committee is considering and about its views and preferences in relation to those issues.
  • Seek advice from senior managers about issues that should be, or are being, addressed by the committee.

Appendix E: Sample Self-Assessment Tool See footnote15

Purpose of This Tool

The audit committee, under the direction of the chairperson, should conduct a self-assessment periodically. The assessment can be done in a number of ways (e.g., using outside evaluators or using a 360-degree evaluation).

The questions included in sample self-assessment tool below are suggestions and are intended to provide a starting point for assessing the performance and effectiveness of the audit committee. Follow-up questions are encouraged, and the committee should plan for further discussions and action, as appropriate.

Using this tool: Under the chairperson’s leadership, the committee should determine how it can best ensure that the questions prompt a forthright exchange of ideas and opinions among committee members. The committee itself can determine how the process will be completed. For examples of assessment approaches, please see the guidance document Assessing Board Effectiveness.

The following sample questions could be completed anonymously before attending an assessment discussion meeting, or during a committee meeting.

Audit Committee Self-Evaluation Tool (sample)
Question Yes No Not Sure Comments
1. Does the audit committee have the necessary knowledge, skills and expertise? If not, what additional knowledge, skills or expertise are required?

 

 

 

 

 

2. Are all audit committee members financially literate? If not, what steps need to be put in place to support members in becoming financially literate?

 

 

 

 

 

3. Do audit committee members participate in continuing education to stay abreast of changes in those areas they are responsible to oversee?

 

 

 

 

4. Are all audit committee members still independent from management? Do committee members demonstrate their objectivity during meetings, through behaviours such as driving agendas, rigorous probing of issues, consulting with other parties and hiring experts, as necessary?

 

 

 

 

 

5. Do audit committee members understand the difference between their oversight role and management’s decision-making role, and do they endeavour to respect that difference?

 

 

 

 

6. Are differences of opinion on issues resolved to the satisfaction of the committee?

 

 

 

 

7. Are the audit committee’s charter and the accompanying work plan used to guide the committee’s agenda and work?

 

 

 

 

8. Does the audit committee commit sufficient time to reviewing, discussing and considering matters brought before it?

 

 

 

 

9. Does the audit committee conduct in camera sessions in a way that encourages candid and forthright expression of views, conclusions and recommendations but at the same time allows the asking of tough questions, the evaluation of the answers to them and the pursuit of issues in order to arrive at a satisfactory resolution?

 

 

 

 

10. Does the committee engage outside experts when appropriate?

 

 

 

 

11. Are the corporation’s management controls, including controls over financial reporting, stronger as a result of management’s interactions with the audit committee?

 

 

 

 

12. Does the audit committee do its part to ensure the objectivity of the internal audit function?

 

 

 

 

13. If the corporation has engaged a joint, private sector auditor, does the audit committee evaluate that person’s work?

 

 

 

 

Footnotes

Date modified: