ARCHIVED - Treasury Board of Canada Secretariat - 2011-12 Departmental Performance Report

This page has been archived.

Annex to the Statement of Management Responsibility Including Internal Control Over Financial Reporting
Treasury Board of Canada Secretariat
Fiscal Year 2011–12

Note to the reader

The Treasury Board Policy on Internal Control, effective April 1, 2009, requires departments to demonstrate the measures they are taking to maintain effective systems of internal control over financial reporting (ICFR).

As part of this policy, departments are expected to conduct annual assessments of their system of ICFR, establish action plan(s) to address any necessary adjustments, and attach to their Statements of Management Responsibility a summary of their assessment results and action plan.

Effective systems of ICFR aim to achieve reliable financial statements and to provide assurances that:

• Transactions are appropriately authorized;
• Financial records are properly maintained;
• Assets are safeguarded;
• Applicable laws, regulations and policies are followed.

It is important to note that the system of ICFR is not designed to eliminate all risks, rather to mitigate risk to a reasonable level with controls that are balanced with and proportionate to the risks they aim to mitigate.

The system of ICFR is designed to mitigate risks to a reasonable level based on an ongoing process to identify key risks, to assess the effectiveness of associated key controls, to adjust them as required, and to monitor the system in support of continuous improvement. As a result, the scope, pace and status of those departmental assessments of the effectiveness of their system of ICFR will vary from one organization to the other based on risks and on taking into account their unique circumstances.

Table of Contents

• 1. Introduction
  • 1.1 Authority, mandate, and programs
  • 1.2 Financial highlights
  • 1.3 Service arrangements relevant to financial statements
  • 1.4 Material changes in fiscal year 2011–12
• 2. Control environment of the Treasury Board of Canada Secretariat relevant to ICFR
  • 2.1 Key positions, roles and responsibilities
  • 2.2 Key organization-wide controls in the Treasury Board of Canada Secretariat
• 3. Assessment of the Treasury Board of Canada Secretariat system of ICFR
  • 3.1 Assessment approach
  • 3.2 Assessment scope
• 4. Assessment results
  • 4.1 Design effectiveness of key controls
  • 4.2 Operating effectiveness of key controls
• 5. Action plan
  • 5.1 Progress in 2011–12
  • 5.2 Future years

1. Introduction

This document is the annex to the Treasury Board of Canada Secretariat's (the Secretariat's) Statement of Management Responsibility Including Internal Control Over Financial Reporting for the fiscal year 2011–12. It is the third annex prepared by the Secretariat following on those prepared in 2010–11 and 2009–10. As required by the Treasury Board Policy on Internal Control, effective April 1, 2009, this document provides summary information on the measures taken by the Secretariat to maintain an effective system of internal control over financial reporting (ICFR). In particular, it provides summary information on the internal control assessments conducted by the Secretariat as at March 31, 2012, including progress, results and related action plans along with some financial highlights pertinent to understanding the control environment unique to the Secretariat.

1.1 Authority, mandate and programs

The Secretariat is the administrative arm of the Treasury Board. The Treasury Board is a Cabinet committee of ministers invested with a broad range of responsibilities for management excellence, policy development, and budget and human resources oversight. The Secretariat supports Treasury Board ministers and strengthens the way government is managed to better serve Canadians and ensure value for money in government spending. The Secretariat achieves these objectives by:

1. Fulfilling its responsibilities as a department and central agency of the federal government; and
2. Making central payments and receiving revenues as the employer for government-wide public service pensions and benefits.

While both of these roles are important, the overwhelming majority of the expenditures, in these financial statements, relate to the central payments for pensions and benefits.

Detailed information on the Secretariat's authority, mandate and programs can be found in its Departmental Performance Report and in its Report on Plans and Priorities.

1.2 Financial highlights

Financial statements (unaudited) of the Secretariat for fiscal year 2011–12 can be found on the Secretariat's website. Information can also be found in the Public Accounts of Canada website.

Financial highlights of the Secretariat:

• Government-wide funds and public service employer payments accounted for 86 per cent or $2.127 billion of total expenses ($2.469 billion). Public service employer payments relate to the Secretariat's role as employer of the core public administration. These funds are used for the public service pension, benefits, and insurance payments, including payment of the employer's share of health, dental, income maintenance, and life insurance premiums as well as payments to, or in respect of, provincial health insurance and other related costs. The Pension and Benefits Sector within the Secretariat manages most of these expenditures.
• Parking fee revenue was $7.5 million or 61 per cent of total revenues ($12.4 million). These fees are paid by public servants across government for renting parking spaces in government-owned or -leased facilities. Public Works and Government Services Canada (PWGSC) revised its Custodial Parking Policy in February 2010, which requires public servants to arrange for their own parking and to pay parking fees directly to the parking lot operator. The change to the policy is being implemented on a site-by-site basis, and so the parking fee revenue recorded by the Secretariat will continue to decline over the next several years. The Secretariat continues to fulfill a central accounting function by recording all parking fees deposited by other government departments. These fees are deposited directly to the Consolidated Revenue Fund and are not available for re-spending by the Secretariat.
• Accounts receivable related to other departments' shares of employee benefit costs account for 48 per cent or $164 million of total gross assets ($344 million). Also, accounts payable, which relate to adjustments for other departments' share of employee benefit costs, comprise 56 per cent or $262 million of total liabilities ($471 million). In addition, 25 per cent or $117 million of total liabilities ($471 million) are for end-year payables set up for the Public Service Health Care Plan (PSHCP), the Public Service Dental Care Plan (PSDCP) and the Pensioners' Dental Services Plan (PDSP). These significant payables and receivables result from the requirement for year-end adjustments to ensure the appropriate distribution of employee benefit costs to government departments.

1.3 Service arrangements relevant to financial statements

1.3.1 Secretariat reliance on other government service providers:

The Secretariat relies on other organizations for the processing of certain transactions that are recorded in its financial statements. These arrangements include but are not limited to:

Common Arrangements:

• PWGSC centrally administers the payments of salaries and benefits, the procurement of some goods and services, as well as the provision of accommodations on behalf of the Secretariat.
• The Department of Justice Canada provides legal services to the Secretariat.

Specific Arrangements:

• PWGSC performs the day-to-day administration of the Public Service Pension Plan (PSPP).
• The Office of The Chief Actuary within the Office of the Superintendent of Financial Institutions prepares a triennial actuarial valuation of the PSPP.
• PWGSC performs the day-to-day administration of some centrally funded expenses such as the employer's share of Canada/Québec Pension Plan contributions, Employment Insurance premiums and provincial payroll taxes. These types of expenses are recorded on the Secretariat's financial statements as government-wide funds and are representative of the Secretariat's role as the employer of the public service.

1.3.2 Secretariat reliance on non-governmental service providers:

The Secretariat relies on the internal controls of a number of companies that provide specific services such as medical plan administration, dental plan administration, and insurance services.

1.3.3 Secretariat services upon which other departments rely:

Other government departments rely on the Secretariat for the processing of certain transactions or the provision of information that impacts their financial statements:

Common Arrangements:

• The Office of the Comptroller General within the Secretariat provides all departments with a percentage ratio to be used when calculating their severance pay liability for purposes of their departmental financial statements.
• The Secretariat provides all departments with a percentage amount that allows them to calculate an annual dollar figure for the services they receive without charge for the insurance benefit plans that are funded centrally.
• The Secretariat provides all departments with details regarding the required calculation to determine the employer's share of Employee Benefit Plans (EBP). EBP include costs to the government for the employer's matching contributions and payments to the Public Service Superannuation Plan, the Canada and Québec Pension Plans (CPP/QPP), and the Death Benefit and Employment Insurance accounts.

Specific Arrangements:

• The Secretariat provides corporate services to several departments including the Department of Finance Canada, the Privy Council Office, the Office of the Commissioner of Lobbying and the Canada School of Public Service.

1.4 Material changes in fiscal year 2011–12

Effective November 15, 2011, the responsibility for email, data centre and network services, including associated resources, was transferred from the Secretariat to Shared Services Canada (SSC) including the stewardship responsibility of the assets related to these functions, which had a total net book value of $6.2 million. The administration and delivery of these services were shared during the 2011–12 transition period while SSC was being established.

Effective January 1, 2012, the Secretariat transferred funding in the amount of $70.2 million to Foreign Affairs and International Trade Canada and to National Defence for the management of pension, insurance, and social security programs for locally engaged staff. The impact of this change is $55.5 million, which represents the year-over-year reduction in recorded expenses (actual expenses of $106,000 for 2011–12).

Treasury Board Accounting Standard 1.2 was recently revised and is effective for the preparation of the 2011–12 departmental financial statements. It requires the presentation of the departmental Net Debt in the Statement of Financial Position and the preparation of a new Statement of Change in Departmental Net Debt and the integration of the elements formally presented in the Statement of Equity with the Statement of Operations and Departmental Net Financial Position.

2. Control environment of the Treasury Board of Canada Secretariat relevant to ICFR

The Secretariat recognizes the importance of senior management leadership in ensuring that staff at all levels understand their roles in maintaining effective systems of ICFR and are well equipped to exercise these responsibilities. The Secretariat's objective is to continually improve its internal control environment using a risk-based approach and targeted resource investment so that the required level of effectiveness is achieved at a manageable cost.

2.1 Key positions, roles and responsibilities

Below are the Secretariat's key positions and committees with responsibilities for maintaining and reviewing the effectiveness of its system of ICFR.

Secretary

The Secretariat's deputy head, as accounting officer, assumes overall responsibility and leadership for the measures taken to maintain an effective system of internal control. In this role, the Secretary chairs the Secretariat Executive Committee and is a member of the Departmental Audit Committee.

Chief Financial Officer (CFO)

The Secretariat's CFO reports directly to the Secretary and provides leadership for the coordination, coherence and focus on the design and maintenance of an effective and integrated system of ICFR, including its annual assessment.

Assistant Secretaries and other Senior Departmental Managers

The Secretariat's senior departmental managers in charge of program delivery are responsible for maintaining and reviewing the effectiveness of the system of ICFR falling within their mandate.

Chief Audit Executive(CAE)

The Secretariat's CAE reports directly to the Secretary and provides assurance through periodic internal audits, which are instrumental to the maintenance of an effective system of ICFR.

Government of Canada Audit Committee (GCAC)

The GCAC is an advisory committee to the Secretary that provides objective views on the Secretariat's financial statements, risk management, control and governance frameworks. It is comprised of three external members, a deputy minister external to the Secretariat, and the Secretary of the Treasury Board. As such, it reviews the Secretariat's Corporate Risk Profile, its internal audit reports, and its system of internal control, including the assessment and action plans relating to the system of ICFR.

2.2 Key organization-wide controls in the Treasury Board of Canada Secretariat

The Secretariat's control environment includes measures and tools to help raise awareness and to develop employees' internal control knowledge and skill sets. These include:

• A Secretariat Values and Ethics Office, which provides educational/awareness programs and which is currently drafting a departmental code of conduct;
• A Secretariat Corporate Risk Profile that is updated annually;
• A requirement for accounting designations in key financial management positions as well as a section within the Financial Management Directorate focused on ICFR;
• Financial management policies as well as the documentation of its main business processes and related key risk and control points to support the management and oversight of its system of ICFR;
• A risk-based internal audit plan;
• A draft risk-based internal control framework for financial management including a multi-year monitoring plan, which is being applied and is subject to further review;
• Training programs and regular communication to employees on core areas of financial and contracting management;
• A regularly updated delegated authorities matrix; and
• Secure financial and contracting IT processing systems to achieve enhanced security, data integrity, and efficiency and effectiveness of transactions.

3. Assessment of the Treasury Board of Canada Secretariat system of ICFR

3.1 Assessment approach

In support of the Policy on Internal Control, an effective system of ICFR has the objective to provide reasonable assurance that:

• Transactions are appropriately authorized;
• Financial records are properly maintained;
• Assets are safeguarded; and
• Applicable laws, regulations and policies are followed.

Over time, this includes assessment of the design and operating effectiveness of the departmental system of ICFR leading to ensuring the ongoing monitoring and continuous improvement of its departmental system of ICFR.

Design effectiveness

means to ensure that key control points are identified, documented and in place, and that they are aligned with the risks (i.e., controls are balanced with and proportionate to the risks they aim to mitigate) and that any remediation is addressed. This includes the mapping of key processes and IT systems to the main accounts.

Operating effectiveness

means that the application of key controls has been tested over a defined period and that any required remediation is addressed. Such testing covers all departmental control levels, which include corporate or entity, general computer and business process controls.

In the third fiscal year since the introduction of the Policy on Internal Control, the Secretariat continued to improve its approach to assessing internal controls. As the Secretariat follows a risk-based approach to assessing internal controls over financial reporting, it continued to look at the largest programs impacting the financial statements.

As part of its annual assessment, the Secretariat completed the following:

• Reviewed existing documentation from internal sources and external sources (e.g., other departments, insurance companies) as part of the ongoing assessment of evolving internal controls design;
• Conducted meetings internally with key program managers to discuss internal controls and also met with external stakeholders (e.g., other departments, insurance companies);
• Completed more detailed design effectiveness testing for the PSPP, the PSHCP, the Disability Insurance Plan (DI) and the CPP/QPP payments, and made recommendations to strengthen certain internal controls in these plans. The PSHCP (net of recoveries of $171.8 million) and DI plans represent $984.6 million or 46 per cent of the government-wide funds and public service employer payments ($2.127 billion). The PSPP and CPP/QPP payments are recovered from other departments and represent $3.4 billion on a gross expenditure basis (amounts are expensed and then recovered); and
• Continued the mapping of the key internal controls for the PSDCP.

The Secretariat also took into account information from relevant audits and assessments including the following internal audit reports (which are hyperlinked):

• Audit of the Management of the Public Service Disability Insurance Plan
• Internal Audit and Evaluation Bureau - Audit of Acquisition Cards
• Audit of the Treasury Board of Canada Secretariat's Management Control Framework of the Public Service Pension Plan

3.2 Assessment scope

The business processes within the Secretariat are grouped into two categories: 1) those that concern the Secretariat as a department and 2) those that concern the Secretariat in its role of managing government-wide funds and public service employer payments.

Business processes for the Secretariat as a department are as follows:

• Operating Expenses including Procurement
• Payroll and Benefits
• General Computer Controls
• Financial Reporting and Closing Cycle
• Budgeting and Forecasting

Business processes for the Secretariat as the manager for government-wide funds and public service employer payments are as follows:

• Pension Payments
• Insurance Benefit Plans
• Employee Benefit Plan Recoveries
• Parking Revenue

In 2010–11, the Secretariat focused on business processes associated with its role as the manager of government-wide funds and public service employer payments. The assessments of the design effectiveness of internal controls for the PSPP, the PSHCP and the DI began during 2010–11 and were completed during 2011–12. The design effectiveness assessment involved identifying the specific risks, the related internal controls as well as whether the controls were effective at mitigating the specified risks.

4. Assessment results

In assessing its key controls, the Secretariat assessed design effectiveness for its government-wide pension and employee benefit plans and conducted operational effectiveness testing for departmental business processes.

4.1 Design effectiveness of key controls

The Secretariat conducted in-depth design effectiveness testing on the PSPP, the PSHCP and the DI. The Secretariat identified those controls that were effectively designed and those that were missing or required improvement. The Secretariat began implementation of the corrections, and this will be continued into 2012–13. As a result of these assessments, the Secretariat identified the need for remediation in the following areas:

Governance and Oversight:

• Clarification of the governance structures and management oversight around the DI.
• Clarification of the role of the Secretariat in regards to its oversight and financial advisory roles as related to the PSPP.

Information and Communication:

• Enhanced communication and information sharing internal to the Secretariat between the Financial Management Directorate and the Pension and Benefits Sector to ensure a common understanding of roles and to improve financial management oversight.

Financial Analysis:

• Improved financial analysis as part of the quarterly review process for the DI.

Documentation of Controls and Evidence of Controls:

• Enhanced review of charges incurred through interdepartmental transfers from PWGSC.
• Improved verification of the accuracy of payments made to the plan administrator related to the DI.
• Improved implementation of recommendations arising from the internal audit report and also for external audits/reviews related to the DI.

Accounting:

• Review of accounting treatments for various elements of the PSHCP and the DI in the departmental financial statements.

4.2 Operating effectiveness of key controls

In 2011–12, the Secretariat conducted operating effectiveness testing on regular and priority payments for departmental goods and services transactions. The assessment covered a one-year period from November 1, 2010, to October 31, 2011. A representative sample of transactions was reviewed to determine if the key control activities were operating effectively. The assessment identified that the majority of controls were operating effectively. There were two controls that required remediation, and the responsible organizational unit made the required changes.

5. Action plan

Efforts in fiscal year 2012 focused on the various pension and insurance benefit programs operated and administered by the Secretariat. This emphasis will continue through 2012–13 and 2013–14 due to the complexity and number of insurance plans involved. In addition, the Secretariat will continue to expand the operating effectiveness testing of internal controls.

5.1 Progress in 2011–12

During 2011–12, the Secretariat continued to make significant progress in assessing and improving its controls. Below is a summary of the main progress made by the Secretariat:

Overall, the Secretariat completed the following activities that were planned in the 2010–11 Annex for ICFR:

• Initiated the planning for an internal audit of the process for settling interdepartmental charges, which will be completed in 2012–13.
• Introduced a draft of a comprehensive Risk-Based Internal Control Framework and a three-year internal control monitoring plan, which will be updated annually.
• Developed a draft Financial Management Framework, which seeks to formalize an approach that is, for the most part, already in place.
• Acquired Caseware IDEA software, which assisted the Secretariat to conduct testing of operating effectiveness and which will assist in monitoring activities scheduled in the multi-year monitoring plan.

In addition, the Secretariat completed the following activity, which had not been planned:

• Implemented corrective action to strengthen the information technology system controls based on observations made by the Office of the Auditor General during the 2010–11 Public Accounts audit.

As a department, the Secretariat completed the following as planned:

• Increased the level of business process mapping by detailing the procurement to payment process and the payroll and benefits process. These mapping processes will identify the key controls that will be tested as part of the multi-year monitoring program. In addition, the mapping provides opportunities for identifying areas to improve efficiencies.
• Created new general ledger expenditure object coding to provide more detailed information for departmental management and Parliament. In addition, completed work on the development of an expenditure code dictionary to assist users in selecting the proper code. A communication strategy has been launched to advise administrative assistants and fund centre managers about the dictionary.
• Developed draft acquisition card management procedures that will address roles and responsibilities around acquisition card management. The procedures will also form the basis for training sessions to employees and follow up monitoring.

As the manager of government-wide funds and public service employer payments, the Secretariat reviewed the processes and control activities for the following programs:

• As planned, the Secretariat completed the internal control assessments, developed recommendations for, and began the implementation of, corrective action for the PSPP, the PSHCP and the DI.
• As planned, the Secretariat completed an internal audit of the management control framework for the PSPP, and a management action plan was developed and actions were initiated to address the recommendations.
• As planned, the Secretariat advanced the mapping and assessment of the internal controls around the PSDCP and, as part of this process, implemented some additional internal controls.
• Completed the mapping and internal controls assessment around the CPP and QPP contributions, and initiated the mapping of the internal controls for the provincial payroll taxes and Employment Insurance premiums.
• Developed a framework for the insurance benefit plans that highlights forecast assumptions, sensitivity analyses and roles and responsibilities of various stakeholders in developing the framework. The framework supports the funding requirements for the insurance benefit plans and will be provided to the Expenditure Management Sector and the Department of Finance Canada.

5.2. Future years

In 2011–12, the Secretariat's focus was on the various government-wide pension and insurance benefit plans operated by the Secretariat. This will remain its primary focus over the next three years as the internal controls are assessed, strengthened and tested for operational effectiveness.

By end of 2012–13:

Overall, the Secretariat plans to:

• Complete the internal audit of the interdepartmental settlements process.
• Finalize the comprehensive risk-based internal control framework and three-year internal control monitoring plan and promulgate them throughout the Secretariat.
• Finalize the Financial Management Framework and promulgate it throughout the Secretariat.
• Expand its internal control monitoring by increasing the use of its data analysis software.

As a department, the Secretariat plans to:

• Complete a test of operating effectiveness on travel, hospitality and acquisition card charges.
• Complete the final validation of the Procure to Pay business process and the Payroll and Benefits process in preparation for operational effectiveness testing in 2013–14.

As the manager of government-wide funds and public service employer payments, the Secretariat plans to:

• Complete the mapping and assessment of the internal controls around provincial payroll taxes, Employment Insurance processes and the PSDCP.
• Continue with the implementation of the design effectiveness recommendations around the PSPP and the DI.
• Validate observations and related recommendations concerning the design effectiveness testing of the PSHCP with key stakeholders.
• Initiate the mapping and assessment of internal controls around the PDSP and the Service Income Security Insurance Plan.
• Initiate the mapping and assessment of internal controls around asset management including the capitalization, depreciation and amortization of assets.
• Initiate the internal audit of the Secretariat's Management Control Framework of the PSHCP.

By end of 2013–14

Overall, the Secretariat plans to:

• Complete the audit of the Secretariat's Management Control Framework of the PSHCP.
• Initiate an internal audit of IT Security, which will be completed in 2014–15.

As a department, the Secretariat plans to:

• Conduct operational effectiveness testing on the Procure to Pay and Payroll and Benefits processes.

As the manager of government-wide funds and public service employer payments, the Secretariat plans to:

• Complete the mapping and assessment of internal controls around the PDSP and the Service Income Security Insurance Plan.
• Complete the mapping and assessment of the internal controls around the Québec Parental Insurance Plan and the provincial health plans.
• Initiate the mapping and assessment of the internal controls around the Public Service Management Insurance Plan.
• Initiate the mapping and assessment of the internal controls around the Supplementary Death Benefit Plan.