Office of the Commissioner of Lobbying of Canada

Language selection

Multi-year audit plan — 2014–15 to 2016–17

Table of contents

Introduction

Background

Internal auditing in the federal public service is a professional, independent appraisal function that provides objective assessments regarding risk management, control and governance. In the context of the federal public service, internal audit does not include program evaluation, which is focussed on the assessment of program relevance, performance and alternative methods of program delivery. As such, evaluation priorities are not in-scope for the update of the Multi-Year Audit Plan of the Office of the Commissioner of Lobbying of Canada (the OCL).

Internal audit planning involves the analysis of "auditable units", also referred to as "audit universe components". These units / components are typically defined in relation to the various management activities, processes, systems or initiatives that are carried out or planned within programs and administrative functions. Audit priorities are proposed by the Chief Audit Executive, discussed with senior management, and presented to the OCL Audit and Evaluation Committee for review and comment. The Commissioner approves the Audit Plan on the advice and recommendation of the Audit and Evaluation Committee.

OCL's Multi-Year Audit Plan was updated taking into account the planned audit coverage by central agencies, wherever such audit coverage applies to the OCL. The Audit Plan was developed taking into account OCL's business priorities, Corporate Risk Profile and other relevant documents. In addition, interviews were conducted with members of the OCL Executive Management Committee and leaders of enabling functions to obtain comments regarding audit universe components and audit priorities.

Purpose of this document

This document outlines the audit universe components applicable to the OCL, and provides an assessment of these components in order to identify audit priorities. Three audit universe components are identified as high priorities for the three-year period of the plan. Descriptions are provided for all audit priorities in relation to potential audit objectives and scope. These descriptions are preliminary and may be revisited upon development of tendering documents (for selecting an external audit firm to conduct the audit), or upon review and approval of the terms of reference documents (developed by the external audit firm based on results of the planning phase of the audit).

Accordingly, it is understood that the audit objectives and scope descriptions included in this document are provided mainly for reference purposes, and are simply intended to explain the nature and extent of the audit work that may be carried out. Therefore, the estimates of time that are proposed are also preliminary and may vary depending on planning and scoping decisions. It should be noted that the OCL re-examines its Audit Plan priorities annually at the start of every fiscal year. Audit priorities may be postponed or revised based on important developments, resource constraints or other emerging priorities. Changes to the Audit Plan are discussed by senior management and proposed to the Audit and Evaluation Committee, who in turn recommends the changes for approval by the Commissioner.

Organizational context

Mandate

The Commissioner of Lobbying is an independent Agent of Parliament, appointed by resolution of both Houses of Parliament under the Lobbying Act (the Act) for a term of seven years. The purpose of the Act is to ensure transparency and accountability in the lobbying of public office holders, in order to contribute to confidence in the integrity of government decision-making. The Commissioner administers the Act by:

  • maintaining the Registry of Lobbyists, which contains and makes public the registration information disclosed by lobbyists;
  • developing and implementing educational programs to foster public awareness of the requirements of the Act; and
  • conducting reviews and investigations to ensure compliance with the Act and the Lobbyists' Code of Conduct (the Code).

Organization

The Commissioner is supported by the OCL, which was established in 2008. The Commissioner reports annually to Parliament on the administration of the Act and the Code, and is required to table reports about any investigation conducted in relation to the Code. The OCL, when fully staffed, has 28 full-time employees and an overall budget of about $4.4 million. It is divided into four groups.

  • The Office of the Commissioner includes the Commissioner, a Senior Legal Counsel, a Senior Advisor, and an Administrative Assistant. The Commissioner has the rank and authority of a Deputy Head of a federal organization.
  • The Office of the Deputy Commissioner and Chief Financial Officer is responsible for all corporate services, including: integrated strategic and operational planning; financial and human resource management; information technology; strategic policy; internal and external communications advice; security; facilities management; and workplace safety. The Deputy Commissioner and Chief Financial Officer is also responsible for the coordination and delivery of all outreach activities.
  • The Registration and Client Services Directorate is responsible for developing and maintaining the Lobbyists Registration System (LRS). The LRS allows lobbyists to register their lobbying activities and perform amendments, renewals and terminations of their registrations. This group provides assistance to registrants, public office holders and the general public in using the LRS and in searching the Registry.
  • The Investigations Directorate is responsible for supporting the Commissioner in her mandate to ensure compliance with the Lobbying Act and the Lobbyists' Code of Conduct. The directorate monitors lobbying activities, verifies the accuracy of monthly communication reports submitted by lobbyists, and reviews and investigates allegations of non-compliance. It also reviews applications for exemptions to the five-year prohibition on lobbying for former designated public office holders.

Activities

The OCL aims to achieve transparency and accountability in the lobbying of public office holders, thereby contributing to the confidence in the integrity of government decision-making. Its programs involve the following activities:

  • Maintain the Registry of Lobbyists: The OCL works to ensure that the Lobbyists Registration System is an easy-to-use tool for lobbyists to register their lobbying activities. To this end, the system is refined on an ongoing basis. In addition, systems and processes are in place to ensure that interruptions and downtime are kept to a minimum. This allows Canadians access to the Registry 24 hours a day, seven days a week.
  • Deliver Education and Awareness Programs: The OCL undertakes a range of activities to ensure that public office holders, lobbyists, their clients and Canadians are aware of the requirements of the Act. Efforts are focused on key activities to reach stakeholders in the most cost-effective way possible.
  • Conduct Reviews and Investigations: The Office strives to ensure that all lobbyists are compliant with the Lobbying Act and the Lobbyists' Code of Conduct. Administrative reviews and investigations are conducted to examine every alleged breach of the Act or the Code. Rigorous monitoring and verification processes also contribute to compliance.

Governance

The OCL's governance structure includes an Executive Management Committee (EMC) chaired by the Commissioner and responsible to establish and oversee strategic policy and management direction. It provides a forum to consider decisions on policy, administrative practices and management issues, and ensures that the Commissioner is strategically prepared to provide direction on the key activities of the OCL. The EMC supports the Commissioner in making strategic decisions on key policy and operational planning issues, ensures integration of cross-cutting decisions and addresses items impacting OCL programs and operations.

A Corporate Services Committee (CSC) chaired by the Deputy Commissioner and Chief Financial Officer is also established to oversee resources management, accommodation management, human resources, information management, information technology, procurement and other corporate services. The CSC involves discussions about setting priorities, investing resources, and managing administrative services to improve OCL operations. The CSC makes recommendations to the EMC for consideration and approval.

A Policy and Practices Committee (PPC) is also chaired by the Deputy Commissioner and Chief Financial Officer, which provides a senior corporate forum for discussion of the existing, emerging or anticipated policies and practices about the Act and the Code. The purpose of the PPC is to examine strategic issues and to consider them in the context of both their impact on specific directorates and across the OCL. The PPC provides both a challenge function and a gatekeeper role for policy, practices and strategic communication initiatives that are of immediate priority. The PPC makes recommendations to the Commissioner or the EMC for consideration and approval.

Finally, the OCL has an Audit and Evaluation Committee (AEC) which is composed of three members from outside the public service. The AEC provides the Commissioner with independent and objective advice, guidance and assurance on the adequacy of accountability processes. In order to provide sound advice to the Commissioner, the AEC exercises active oversight in core areas of control and accountability in an integrated and systematic way.

Risk-based planning approach

The OCL audit universe was developed based on a structured analysis of OCL programs and enabling functions, including a detailed review of key documents such as the Annual Report, business plans, performance reports and the Corporate Risk Profile. Interviews were conducted with members of the Executive Management Committee and leaders of enabling functions to discuss the audit universe components, and enquire about planned changes, key management practices and controls, risk issues or concerns, and areas where internal audit projects might provide value. A comparative analysis was also performed with the Three-Year Risk-Based Internal Audit Plan of the Office of the Comptroller General in order to identify audit universe component possibilities and horizontal priorities.

Once all of the audit universe components applicable to the OCL were identified, they were analysed and assessed in relation to inherent risks and significance factors in order to determine priorities from an audit perspective. The assessments were also compared with the ones completed as part of the previous OCL Multi-Year Audit Plan developed in 2010. The list of audit universe components and their priority assessment is presented in Appendix A.

It should be noted that the underlying principle of a risk-based approach for determining audit priorities rests on the premise that areas of higher inherent risksFootnote 1 require greater oversight, and therefore such areas usually benefit the most from audit assurance. Accordingly, a slightly greater weight has been attributed to the assessment of inherent risks when determining priorities consistent with the methodology of the Office of the Comptroller General for developing risk-based audit plans (previously examined and applied). Appendix B provides an overview of the methodology used for the assessment of audit priorities.

In order to assess whether priorities might be different if an equal weight is given to the risk and significance criteria, or if a slightly greater weight is given to significance, a sensitivity analysis is provided in Appendix C for reference. The importance of the significance criterion must not be overlooked, in particular with respect to matters of strategic importance for the achievement of results. By conducting a sensitivity analysis, the OCL is able to better confirm its audit priorities in relation to ratings applied judgmentally.

It should be noted that federal government policy states that audit priorities should be determined based on areas of high risk and significance, however no weightings are actually specified in policy or professional standards. The assignment of weightings is mostly a matter of professional judgement and management preference.

Audit plan summary

The OCL completed its first financial statement audit in 2012–13, and will continue to have its financial statements audited by the Office of the Auditor General on an annual basis. Accordingly, the audit of financial statements is determined to be "non-discretionary" and no assessment is provided for such components.

An Audit of Procurement and Contracting is planned for 2014–15, and an Audit of Financial Management is planned for 2015–16. For the third year of the Audit Plan, an Audit of Reviews and Investigations / Case Management System will be conducted if a case management system has been operationalized for a period of at least 12 to 18 months prior to the start of the audit. Otherwise, an Audit of Planning, Priority Setting, Follow-up and Status Reporting will be conducted during 2016–17 as an alternative project.

The following table provides an overview of the audit priorities. Details regarding each of these priorities are available in the Audit Plan Details section.

Overview of Audit Priorities
Audit Universe Components Priority Level Audit Year Comments
Financial Statements Non Discretionary Annual Financial statements are audited annually by the Office of the Auditor General.
Procurement and Contracting High 2014–15 This audit is first priority.
Financial Management High 2015–16 This audit is second priority.
Reviews and Investigations / Case Management System High First Option for 2016–17 This audit will be performed at least 12 to 18 months after a case management system has been operationalized.
Planning, Priority Setting, Follow-up and Status Reporting Medium Alternative Option for 2016–17 This audit will be performed if the Reviews and Investigations / Case Management System audit is postponed.

Annual review of priorities

It should be noted that the OCL re-examines its Audit Plan priorities annually at the start of every fiscal year. Audit priorities may be accelerated, postponed or revised based on important developments, resource considerations or other emerging priorities. Changes to the Audit Plan are discussed by senior management and proposed to the Audit and Evaluation Committee, who in turn recommends the changes for approval by the Commissioner.

Internal audit approach

The Deputy Commissioner and Chief Financial Officer assumes the role of Chief Audit Executive for the OCL. Internal audit projects are delivered by external audit firms on a contractual basis. The Deputy Commissioner and Chief Financial Officer coordinates the realization of audit projects, and provides support to the external audit firm responsible for conducting the audit. The Audit and Evaluation Committee provides advice and exercises oversight on the audit process, discusses findings with the auditors and management, and reviews internal audit reports and management action plans.

High level of assurance

It is understood that all audits will be planned and carried out in a manner to provide a high level of assurance, and in a manner consistent with the internal audit policies, guidelines and standards applicable to the federal public service.

Optional self-assessment period

At the option of management, a period of up to 6 months may separate the time when the planning / survey phase of an audit project is completed, from the time that the conduct / detailed examination phase begins. Management may wish to use such a period of time at its discretion in order to conduct its own self-assessment of practices and controls relevant to the audit criteria defined at the completion of the planning / survey phase. It is expected that such an approach may allow for better preparation for the audit to be conducted more effectively, and the findings to be identified and discussed proactively.

Analysis of audit coverage

OCL financial statements are audited on an annual basis, and an Audit of Internal Control Over Financial Reporting for selected expenditures was completed in March 2012. Accordingly, financial reporting is fully covered. With respect to programs, the OCL completed an Audit of Registration, Client Services, and the Lobbyists Registration System in October 2012. Assuming that an Audit of Reviews and Investigations / Case Management System is conducted in 2016–17 as planned, approximately 70% of expenditures directly related to programs will have been covered, leaving only the Education and Research program for future consideration.

In relation to total operating expenses by category, the Audit of Financial Management planned for 2015–16 will examine the overall management of all operating expenses. The Audit of Procurement and Contracting, planned for 2014–15, will examine approximately 25% of total operating expenses. The other major expense category is salaries and benefits, which represent approximately 59% of total operating expenses. The OCL is subject to audits / reviews by central agencies with respect staffing, classification, employment equity and official languages. In addition, the OCL is subject to implicit oversight on salaries and benefits processes and expenses by way of shared services obtained from Public Works and Government Services Canada – Shared Human Resources Services (human resources management) and the Canadian Human Rights Commission (payroll and benefits processing). The remainder of total operating expenses (approximately 16%) mostly relates to accommodations and the amortization of capital assets. The financial reporting of these two types of expenses is examined as part of the annual audit of financial statements. Internal audits of Asset Management and Information Technology Management are not considered to be high priorities for the OCL at this time, but these components may be examined in the future.

Audit plan details

The following tables outline preliminary audit objectives and scope for each audit universe component identified as a high priority for the Multi-year Audit Plan. It is understood that these audit objectives and scope may be revisited upon development of tendering documents (for selecting an external audit firm to conduct the audit) or terms of reference documents (developed by auditors at the end of the planning phase of an audit).

Procurement and Contracting High Priority Planned for 2014–15

Preliminary audit objectives:

To determine whether management practices, systems and controls result in goods and services being acquired in accordance with stated requirements, compliance with delegated authorities, policies and guidelines, and value for money obtained. The audit will also determine whether management practices, systems and controls meet requirements of the Financial Administration Act, the proactive disclosure of contracts, and the Federal Framework for Aboriginal Economic Development.

Preliminary audit scope:

The scope will include the procurement of goods and services, and the contracting for professional services using various methods such as acquisition cards, purchase orders, contracts, standing offers and supply arrangements. The scope will include planning, expenditure initiation, tendering, vendor selection, contract award, contract administration, the receipt of goods and services, the approval and recording of expenditures, and the approval and processing of payments. However, the scope will exclude expenditures relating to travel, hospitality, conferences, memberships and training which are covered as part of a separate audit universe component. The period of reference for the audit will be determined upon completion of the planning phase of the audit.

Estimated effort:

The level of audit effort required is estimated to be approximately 20 to 30 person-days.

The level of management support required for the audit is estimated to be 5 to 8 person-days.
Financial Management High Priority Planned for 2015–16

Preliminary audit objectives:

To determine whether the expenditure management practices, systems and controls result in accurate budgeting and forecasting, reliable internal financial reporting, the active monitoring of expenditures, and the timely reallocation of resources. The audit will also determine if management practices and controls achieve compliance with legal and policy requirements applicable to financial management, and compliance with delegated financial authorities.

Preliminary audit scope:

The scope will include budgeting, monthly financial reporting, quarterly and mid-year review processes, as well as the implementation of reallocation decisions. In addition, the scope will include the processing of financial transactions, accruals and reconciliation procedures taking into account shared service arrangements for financial services. The scope will also include examination of financial information reported in statutory reports such as the Report on Plans and Priorities, and the Departmental Performance Report. However, the scope will exclude public accounts and financial statements which are audited annually by the Office of the Auditor General. The period of reference for the audit will be determined upon completion of the planning phase of the audit.

Estimated effort:

The level of audit effort required is estimated to be approximately 20 to 30 person-days.

The level of management support required for the audit is estimated to be 5 to 8 person-days.
Reviews and Investigations / Case Management System High Priority First option for 2016–17

Preliminary audit objectives:

To determine whether the management practices and controls relating to the review and investigation processes and related to the case management system ensure that:

  • lobbying activity is monitored;
  • reviews and investigations are conducted in accordance with applicable legislative and policy frameworks;
  • review and investigation results are documented satisfactorily;
  • recommendations and decisions are based on reliable information, analysis and advice; and
  • resources are managed economically and efficiently, and operations are effective.

The audit will also determine whether management practices and controls ensure that investigation information is safeguarded, and ensure that the case management system is protected.

Preliminary audit scope:

The scope will include processes relating to the monitoring of lobbying activity, the management of advisory letters and responses, the review and investigation processes, the legal advice sought and provided, and the use of the case management system. The scope will also include the confirmation of monthly communication returns, the update of registration information based on results of the confirmations, and the management of outstanding confirmation requests and related issues. Finally, the scope will include the mechanisms in place for controlling access to investigation information, and for ensuring that the case management system is adequately protected. The period of reference for the audit will be determined upon completion of the planning phase of the audit.

Estimated effort:

The level of audit effort required is estimated to be approximately 30 to 40 person-days.

The level of management support required for the audit is estimated to be 8 to 10 person-days.
Planning, Priority Setting, Follow-up and Status Reporting Medium Priority Alternative option for 2016–17

Preliminary audit objectives:

To determine whether management practices, systems and controls ensure that planning and priority setting activities are conducted strategically, in a manner that:

  • supports the OCL Organizational Framework;
  • facilitates the participation of key contributors;
  • leverages risk and performance information;
  • identifies and addresses improvement opportunities holistically;
  • defines clear deliverables, timelines and responsibilities; and
  • ensures effective communication, follow-up and status reporting.

The audit will determine whether management practices ensure the integration of plans and priorities across programs and enabling functions. The audit will also determine whether management practices ensure that priorities are updated based on important developments that may occur as the fiscal year progresses, and ensure that such changes are communicated effectively.

Preliminary audit scope:

The scope will include all activities normally associated with strategic and operational planning cycles. These activities include contextual analysis, developing objectives, and setting priorities. These activities also include translating priorities into manageable initiatives or projects, monitoring progress, reporting status, analysing results and disseminating lessons learned. The period of reference for the audit will be determined upon completion of the planning phase of the audit. The period of reference for the audit will be determined upon completion of the planning phase of the audit.

Estimated effort:

The level of audit effort required is estimated to be approximately 30 to 40 person-days.

The level of management support required for the audit is estimated to be 8 to 10 person-days.

Footnotes

Appendix A - Audit universe components

The Audit Universe Components were inventoried and prioritized based on inherent risks and significance factors. The assessment of priorities for 2013 was completed using the criteria and rating scales outlined in Appendix B, and by applying a slightly greater weight to the inherent risk criteria in order to maintain consistency with the 2010 priority assessment (also reflected below). A sensitivity analysis using alternative weightings is provided in Appendix C.

2010 and 2013 Priority Assessment
Audit Universe Components
(Numbered for reference)		 Priority Assessment
2010		 Priority Assessment
2013
Non Discretionary Audits
  1. Financial statements
 Non-discretionary An audit of financial statements is performed annually by the Office of the Auditor General.
  1. Internal control over financial reporting for selected expenditures
 Non-discretionary An audit of this component was completed in March 2012.
Horizontal Audits
  1. Governance
 Medium Medium
  1. Planning, priority setting,
    follow-up and status reporting
 Medium Medium
An audit will be performed if the Reviews and Investigations / Case Management System audit is postponed beyond 2016-17.
  1. Statutory operational reporting - New
    (e.g. Annual Report information)
 Not previously assessed Medium
  1. Shared services agreements - New
 Not previously assessed Medium
  1. Values and ethics
 Part of Governance #3 Part of Governance #3
  1. Risk management
 Part of Governance #3 Part of Governance #3
  1. Performance management
 Part of Governance #3 Part of Governance #3
  1. Project management - New
 Part of Governance #3 Part of Governance #3
Program Audits
  1. Registration of lobbyists / Lobbyists Registration System
 High An audit of this component was completed in October 2012.
  1. Education and research including communications and media relations. Footnote 2
 This component is initially better
suited for an evaluation project.		 This component is initially better
suited for an evaluation project.
  1. Reviews and investigation /
    Case management system
 High High
An audit will be performed at least 12 to 18 months after a case management system has been operationalized.
  1. Exemptions - New
 Not previously assessed Low
Internal Services Audits
  1. Legal services
 Medium Medium
  1. Human resources management
 Medium Medium
  1. Salary and benefits
 Low Low
  1. Financial management
 High High
An audit of this component is planned for 2015–16.
  1. Travel, hospitality, conferences, training, memberships and other selected expenditures
 Low These expenditures were audited as part of the Audit of Internal Control over Financial Reporting.
  1. Procurement and contracting
 High High
An audit of this component is planned for 2014–15.
  1. Asset management
    and facilities management
 Low Low
  1. Information management,
    privacy and access
 Medium Medium
  1. Information technology management
 Medium Medium
  1. Information technology security
 Medium Medium
  1. Program policy and research
 Medium Medium
  1. Workplace health and safety
 Low Low
  1. Business continuity
 Low Low

Footnotes

Appendix B — Assessment methodology

The audit universe components were analysed and assessed in relation to the criteria and rating scales outlined below. The overall assessment score obtained was used to determine the priority levels outlined in Appendix A.

Inherent Risk - (60% of total weight)
Rating Description
  1. Very High
  • Exposure involves many risks that will remain or get worse.
  • Consequences of the risks would be very high.
  • Impacts of the risks would be very widespread.
  • Component is routinely subject to public scrutiny.
  1. High
  • Exposure involves many risks that are expected to remain.
  • Consequences of the risks would be high.
  • Impacts of the risks would be widespread.
  • Component is often subject to public scrutiny.
  1. Moderate
  • Exposure involves some risks that are expected to remain.
  • Consequences of the risks would be moderate.
  • Impacts of the risks would be moderately widespread.
  • Component has some public profile or visibility.
  1. Low
  • Exposure involves a few risks that may diminish over time.
  • Consequences of the risks would be low.
  • Impacts of the risks would be narrow / limited.
  • Component has limited visibility outside of the organization
  1. Very Low
  • Exposure involves a few risks that are expected to diminish over time.
  • Consequences of the risks could be managed easily.
  • Impacts of the risks would be very narrow / negligible.
  • Component has no visibility outside of the organization.
Significance - (40% of total weight)
Rating Description
  1. Very significant
  • Critical to the achievement of objectives.
  • Dollar value / materiality is very high.
  • Scope or reach of the component is very broad.
  • Implications on stakeholders are very significant.
  1. Significant
  • Important to the achievement of objectives.
  • Dollar value / materiality is high.
  • Scope or reach of the component is broad.
  • Implications on stakeholders are significant.
  1. Moderately significant
  • Moderately important to the achievement of objectives.
  • Dollar value / materiality is moderate.
  • Scope or reach of the component is moderate.
  • Implications on stakeholders are moderate.
  1. Somewhat significant
  • Somewhat important to the achievement of objectives.
  • Dollar value / materiality is low.
  • Scope or reach of the component is low.
  • Implications on stakeholders are low.
  1. Not significant
  • Not very important to the achievement of objectives.
  • Dollar value / materiality is negligible.
  • Scope or reach of the component is very limited.
  • Implications on stakeholders are negligible.
Overall Assessment
Score Priority
≥ 4 High
≥ 3 but < 4 Medium
<  3 Low

Appendix C - Sensitivity analysis

A sensitivity analysis is provided to help determine how audit priorities are impacted if an equal weight is given to risk and significance, or if a slightly greater weight is given to significance. By conducting such a sensitivity analysis, the OCL is able to better confirm its audit priorities in relation to ratings applied judgmentally.  The sensitivity analysis below confirms the priorities identified in the Audit Plan Summary.

Sensitivity Analysis
Audit Universe Components
(Numbered for reference)		 Sensitivity Analysis
(Based on variations of weighting factors)
Risk = 60%
Significance = 40%		 Risk = 50%
Significance = 50%		 Risk = 40%
Significance = 60%
Non-discretionary Audits
  1. Financial statements
 Non-discretionary
  1. Internal control over financial reporting for selected expenditures
 Non-discretionary
Horizontal Audits
  1. Governance
 Medium Medium Medium
  1. Planning, priority setting,
    follow-up and status reporting
 Medium High High
  1. Statutory operational reporting - New
    (e.g. Annual Report information)
 Medium Medium Medium
  1. Shared services agreements - New
 Medium Medium Medium
  1. Values and ethics
 Part of Governance #3
  1. Risk management
 Part of Governance #3
  1. Performance management
 Part of Governance #3
  1. Project management - New
 Part of Governance #3
Program Audits
  1. Registration of lobbyists /
    Lobbyists Registration System
 An audit of this component was completed in October 2012.
  1. Education and research including communications and media relations Footnote 3
 This component is initially better suited for an evaluation project.
  1. Reviews and investigation /
    Case management system
 High High High
  1. Exemptions - New
 Low Low Low
Internal Services Audits
  1. Legal services
 Medium Medium Medium
  1. Human resources management Footnote 4
 Medium High High
  1. Salary and benefits
 Low Medium Medium
  1. Financial management
 High High High
  1. Travel, hospitality, conferences, training, memberships and other selected expenditures
 These expenditures were audited as part of the Audit of Internal Control over Financial Reporting.
  1. Procurement and contracting
 High High High
  1. Asset management
    and facilities management
 Low Low Low
  1. Information management,
    privacy and access
 Medium Medium Medium
  1. Information technology management
 Medium Medium Medium
  1. Information technology security
 Medium Medium Medium
  1. Program policy and research
 Medium Medium Medium
  1. Workplace health and safety
 Low Low Low
  1. Business continuity
 Low Low Low

Footnotes

Report a problem on this page
Please select all that apply:
Date modified: