2017-2018 Chief Audit Executive Annual Report
November 2, 2017
Chief Audit Executive – Richard Rizok
- Hired October 24, 2016
- Secretary of Audit and Evaluation Committee (AEC) for four quarterly meetings
- November 9, 2016
- January 19, 2017
- May 18, 2017
- August 17, 2017
- Appointed Chief Audit Executive (CAE) August 17, 2017
- CPA/CMA Graduate 2013
New Policy on Internal Audit
As per the new Policy on Internal Audit, the CAE confirms the following:
- He has not assigned any management or operational responsibilities that may compromise his independence and objectivity with respect to his or her internal audit responsibilities;
- He has unrestricted access to the AEC;
- He has unrestricted access to all records, databases, workplaces and employees to carry out the risk-based audit plan
- He has unimpaired ability to carry out his responsibilities, including reporting issues to the Commissioner, to the AEC and, as appropriate, to the Comptroller General of Canada.
Chief Audit Executive Report
Provides assurance of:
- Proper oversight of public resources
- Oversight informed by a professional and objective internal audit function
- Guidance that is independent of management
- Responsible stewardship to Canadians
Completed Audits
Information Technology (IT) and Information Management (IM) Security
- Samson & Associates
- Report completed in September 2016
- Recommendations completed
Security Program Diagnostic Assessment
- RHEA Group
- Report completed in April 2017
- Recommendations still pending
Financial Statements
- Office of the Auditor General (OAG)
- Completed and approved in August 2017
Important Items Reviewed by the AEC
- Phoenix Pay Issues
- Budgets & Financial Results
- Investigations
- Legal Cases
- Parliamentary Activities
- Results Framework
- TBS Policy Suite Renewal
- Government-Wide Audit Results
- OIC Strategic Priorities
- Departmental Plan (DP) and Departmental Results Report (DRR)
- Governance Structure
- Values & Ethics
| Year | Audit Project Name | Primary OIC Entity | Estimated Budget |
|---|---|---|---|
| 2017-18 | Threat Risk Assessment (TRA) and Threat Vulnerability Assessment (TVA) | Information Technology (IT) | $24,000 Complete |
| 2018-19 | Performance and Talent Management Review | Human Resources (HR) | $30,000 |
| 2018-19 | Audit of Contracting and Procurement | Canadian Human Rights Commission (CHRC) and OIC - Finance | $35,000 |
| 2019-20 | Audit of Information Management and Physical Security | Corporate Services | $25,000 |
| 2019-20 | Evaluation of Investigations | Senior Management and Complaints Resolution | $35,000 |
Notes
Major risks identified:
- Bill C-58
- Human Resources
- Contracting and Procurement
- IT & IM Security
- Phoenix Pay Issues
- Ongoing increase of ATI requests and complaints
- Inadequate funding
- Slow shift to Open Government
Additional considerations:
- Transition to new commissioner
- Succession planning for external members
- TBS policy suite renewal