Archived - Directive on Departmental Audit Committees

4.1.1 Departmental audit committees are advisory to the deputy head. The audit committee provides objective advice and recommendations to the deputy head regarding the sufficiency, quality and results of assurance on the adequacy and functioning of the department's risk management, control and governance frameworks and processes (including accountability and auditing systems).  In order to give this support to the deputy head, the audit committee should exercise oversight of core areas of departmental management, control and accountability, including reporting. This should be done in an integrated, risk-focused and systematic way.

4.1.2  The audit committee as a strategic resource to the deputy head, also provides such advice and recommendations as may be requested by the deputy head on specific emerging priorities, concerns, risks, opportunities and/or accountability reporting.

4.2.1 The key areas of responsibility that will normally fall within the scope of concern of the departmental audit committee are presented below.  However, the particular emphasis and priorities for the committee will be set by the deputy head in consultation with the committee and in consideration of the particular departmental mandate, objectives and priorities, as well as the corresponding risks affecting the department and the government.  Accordingly, the deputy head is responsible for ensuring that each of the following key areas is reviewed with an appropriate risk-guided focus and cycle:

• Values and Ethics: The arrangements established by management to exemplify and promote public service values and to ensure compliance with laws, regulations, policies and standards of ethical conduct;
• Risk Management: The corporate risk profile and departmental risk management arrangements; and
• Management Control Framework: The departmental internal control arrangements, including audits that may be initiated by managers (e.g. audits of transfer payment recipients).

4.2.2 Internal Audit Function

The audit committee shall:

• Recommend, and periodically review, a departmental internal audit charter or internal audit policy requiring the approval of the deputy head;
• Monitor the adequacy of resources of the internal audit function;
• Review and recommend for approval the annual risk assessment and the multi-year internal audit plan prepared by the chief audit executive;
• Monitor and assess the performance of the internal audit function;
• Provide advice to the deputy head on the recruitment and appointment, as well on the performance, of the chief audit executive;
• Receive and recommend for approval internal auditing reports and corresponding management action plans to address recommendations;
• Receive and review regular reports on progress against the internal audit plan, including an annual status report from the chief audit executive on such progress;
• Receive and review regular reports on the status of management action relative to prior internal audit recommendations;
• Receive and recommend for approval an annual assurance overview report prepared by the chief audit executive; and
• Be made aware of audit engagements or tasks that do not result in a report to the committee, and be informed of all matters of significance arising from such work.

4.2.3 Office of the Auditor General and Central Agencies

The audit committee shall:

• Advise the deputy head on the  adequacy of arrangements to support the Office of the Auditor General (OAG), other agents of Parliament and central agencies in doing audit work in the department;
• Be briefed on all audit work relating to the department to be undertaken by the OAG, other agents of Parliament or central agencies;
• Review draft audit reports of the OAG, other agents of Parliament and central agencies, as may be referred by the deputy head, and as may be requested by the deputy head, recommend for approval corresponding departmental responses and action plans;
• Periodically meet with the OAG and seek its comments and advice on matters of departmental risk, control, and governance;
• Be briefed on audit-related issues and priorities raised by central agencies and, as may be requested by the deputy head, make recommendations  on required action; and
• Be briefed, and advise the deputy head on, the impact of government-wide initiatives to improve management practices.

4.2.4 Follow-up on Management Action Plans

4.2.5 Financial Statements and Public Accounts Reporting

4.2.6 Risk and Accountability Reporting

The audit committee will review the departmental Corporate Risk Profile and provide any related advice to the deputy head.

The audit committee will also receive copies of the Departmental Report on Plans and Priorities, the Departmental Performance Report and other significant accountability reports.  These reports provide context for the audit committees' deliberations and advice to the deputy head.  Over time, and in the course of successively reviewing these documents, the audit committee will be attentive to, and provide advice on, any material misstatements or omissions that may come to their attention.

The audit committee may also receive, as information, copies of plans and reports prepared by the departmental evaluation function.  The committee may invite the head of evaluation to provide briefings on this material.

4.3.1 Deputy heads are responsible for establishing an independent departmental audit committee that includes a majority of external members who have been recruited from outside of the federal public administration. These audit committee members shall be jointly selected by deputy heads and the Comptroller General for approval by the Treasury Board.

4.3.2 By September 30, 2009, all audit committees are to have a majority of external members who have been recruited from outside of the federal public administration.  Members from the federal public administration are to be limited to deputy heads and associate deputy ministers, from within the department or otherwise.

4.3.3 The Comptroller General is responsible for establishing competency profiles for external audit committee members and for establishing or proposing other requirements related to terms of service.

4.3.4 Members of an audit committee are to be selected so that their collective skills, knowledge, and experience will allow the committee to competently and efficiently undertake its duties. Members of the audit committee should be free of any conflict of interest, real or perceived.

4.3.5 The audit committee shall have three to five members. External members are to be engaged by the deputy head for a term of four years.

4.3.6 A member shall serve no more than two terms. To ensure adequate continuity, engagements for the first members of the committee may be staggered and terms for these individuals may be for less than four years.

4.3.7 All external members of the audit committee are to be reasonably familiar with private or public sector financial reporting, or undertake to become familiar within the first year after appointment. At least one external member is to be a financial expert who possesses:

• An understanding of generally accepted accounting principles and financial statements;
• Experience preparing, auditing, analyzing or evaluating financial statements that present a breadth and level of complexity of accounting issues that are generally comparable to the breadth and complexity of issues that can reasonably be expected to be raised by the department's financial statements, or experience actively supervising one or more persons engaged in such activities;
• An understanding of internal controls and procedures for financial reporting; and
• An understanding of audit committee functions.

4.3.8 The deputy head or an external member will chair the audit committee. If the deputy head is chair, an external member will be vice-chair.  Particularly as the committees mature in their functioning, the preferred model is for the chair to be an external member.

4.3.9 The quorum for the committee shall be a majority of the members. No alternates shall be permitted.

4.3.10 The chief financial officer and the chief audit executive shall be expected to attend all meetings of the audit committee. The chair may request the attendance of other departmental officials.

4.3.11 A senior representative of the OAG shall be invited, as may be necessary, to attend the audit committee meeting to discuss the OAG's plans, findings and concerns.

4.3.12 The chair may, as necessary, invite Treasury Board Secretariat officials to attend the audit committee meeting.

4.3.13 External members of audit committees shall receive formal orientation and training on the committee's responsibilities and objectives, and on the business of the department.

4.4.1 The role, responsibilities, and operations of the audit committee are to be documented in an audit committee terms of reference or charter, approved by the deputy head. The document shall be reviewed periodically by the audit committee and reaffirmed by the deputy head.

4.4.2 The chair of the audit committee is to prepare a plan to ensure that the annual and ongoing responsibilities are scheduled and fully addressed. The plan will be presented to the committee for its endorsement and recommendation to the deputy head.

4.4.3 The audit committee shall meet at least four times a year. Audit committees are encouraged to schedule their meetings at least six months in advance so that departmental management and auditors can prepare the information and reports required to support the committee's work. Rescheduling of audit committee meetings should be by exception only.  Committee agendas will be finalized in consultation with the deputy head.

4.4.4 As part of each meeting of the audit committee, the committee will normally meet individually in camera with the departmental senior financial officer, the chief audit executive, the representative of the OAG when in attendance, and any other officials the committee may determine.  The deputy head will have the option of meeting with the committee at any time to be briefed on the results of its deliberations and to take advice as the deputy head may request.

4.4.5 The audit committee shall prepare an annual report to the deputy head that will:

• Summarize the committee's activities undertaken and the results of its reviews;
• Provide the committee's assessment of the department's system of internal control;
• Document any significant concerns the committee may have in relation to the department's risk management, control and governance framework and processes;
• Provide the committee's assessment of the capacity and performance of the internal audit function; and
• Provide, as needed, recommendations for the improvement of risk management, controls and accountability processes, including recommendations for the improvement of the audit function.

4.4.6 The deputy head will be fully briefed in advance of the finalization of the annual report of the audit committee.