Common menu bar links
Breadcrumb Trail
ARCHIVED - Horizontal Internal Audit of High Risk Expenditure Controls in Large Departments and Agencies
This page has been archived.
Archived Content
Information identified as archived on the Web is for reference, research or recordkeeping purposes. It has not been altered or updated after the date of archiving. Web pages that are archived on the Web are not subject to the Government of Canada Web Standards. As per the Communications Policy of the Government of Canada, you can request alternate formats on the "Contact Us" page.
Appendix 3: Risk Ranking of Recommendations
The following table presents the recommendations and assigns risk rankings of high, medium or low. Risk rankings were determined based on the relative priorities of the recommendations and the extent to which the recommendations indicate non-compliance with Treasury Board policies.
| Recommendations | Overall Risk Ranking |
|---|---|
| 1. LDAs should have policies and procedures in place to guide risk-based account verification processes. These should include the identification of high-risk types of payments to ensure those responsible for account verification are aware of the risk tolerance of their department or agency. | High |
| 2. LDAs should ensure that management is adequately represented in the governance process that determines or defines the risk level and the policies and procedures related to risk-based account verification. Management representatives should include individuals with functional responsibility over account verification, those with an awareness of pertinent risks to the operations, and those with appropriate decision-making authority. | Medium |
| 3. LDAs should develop guidance or checklists to assist project authorities responsible for section 34 account verification in carrying out their duties and to provide proof of performance related to their account verification procedures. This would be particularly helpful in instances where payment types have specific and unique terms and conditions and are otherwise not straightforward. | Medium |
| 4. LDAs should ensure that high- versus low-risk types of payments are identified and determine whether the verification procedures applied are aligned with their risk principles. | Medium |
| 5. LDAs should develop clear risk identification guidance to assist those who provide quality assurance over account verification to characterize high- versus low-risk types of payments. LDAs should consider using checklists that outline verification procedures based on risk type or other measures. | Medium |
| 6. LDAs need to develop rigorous sampling plans to monitor the verification process used for low-risk payments. These should be national in scope and allow for monitoring of appropriate risk identification and for the collection of results, which could indicate systemic errors or point to best practices. | Low |
| 7. LDAs should establish reporting requirements that enable the governance function over expenditure management to discharge its responsibilities in a robust, timely and comprehensive manner. Those responsible for quality assurance need to develop reports to meet this need and to prepare and present them in a timely manner. | Medium |