Annex to the Statement of Management Responsibility Including Internal Control Over Financial Management — Fiscal year 2022-23
Financial Policies and Internal Controls
Chief Financial Officer Branch
August 2023
On this page
- 1.Introduction
- 2. Departmental system of internal control over financial management
- 3. Departmental assessment results during the 2022-23 fiscal year
- 4. Departmental action plan for the next fiscal year and subsequent fiscal years
1.Introduction
This annex provides summary information on the measures taken by Canadian Heritage (PCH) to maintain an effective system of Internal Controls over Financial Management (ICFM), particularly with respect to Internal Controls over Financial Reporting (ICFR), assessment results and related action plans.
Detailed information on PCH’s authority, mandate and program activities can be found in the Departmental Plan and the Departmental Results Report.
2. Departmental system of internal control over financial management
The Policy on Financial Management requires the establishment and maintenance of a risk-based system of ICFM.
In this context, PCH must perform the ongoing monitoring of the design and operation of its internal controls and remediate identified deficiencies. This also provides reasonable assurance that public resources are used prudently, and that financial legislation, regulations and policies are being complied with.
2.1 Internal control governance
PCH has a well-established governance and accountability structure to support departmental assessment efforts and oversight of its system of internal control. A departmental internal control management framework, approved by the Deputy Minister (DM) and the Chief Financial Officer (CFO), is in place and includes:
- Organizational accountability structures as they relate to internal control management to support sound financial management, including roles and responsibilities of senior managers in their areas of responsibility for internal control management;
- References to values and ethics, including responsibilities of the Office of Values and Ethics, which provides educational and awareness programs and has developed a departmental code of conduct;
- Ongoing communication and training on the legislative and policy requirements for sound financial management and control; and
- Regular monitoring of, and regular updates on, internal control management, as well as provision of related assessment results and action plans to the deputy head and departmental senior management and, as applicable, the Departmental Audit Committee (DAC).
The DAC is an independent and objective committee that provides advice to the Deputy Minister on the adequacy and functioning of the department’s governance, risk management and control frameworks and processes.
2.2 Service arrangements relevant to financial statements
PCH relies on other organizations for the processing of certain transactions that are recorded in its financial statements.
2.2.1 Common Arrangements
- Public Services and Procurement Canada centrally administers the payments of salaries, the procurement of goods and services and provides accommodation services;
- Treasury Board of Canada Secretariat provides information on public service insurance and centrally administers payment of the employer’s share of contributions toward statutory employee benefit plans;
- Department of Justice Canada, which provides legal services; and
- Shared Services Canada provides Information Technology (IT) infrastructure services to the Department, including in the areas of data centre, security and network services.
Readers of this annex may refer to the annexes of the above-noted departments for a greater understanding of the systems of ICFM related to these specific services.
2.2.2 Specific Arrangements
- Parks Canada Agency provides PCH with a PeopleSoft system platform to capture and report on human resource data;
- Agriculture and Agri-Food Canada provides hosting services to PCH for the SAP financial system servers.
3. Departmental assessment results during the 2022-23 fiscal year
Ongoing monitoring is intended to ensure that ICFM, including ICFR, continue to operate effectively and as designed, following the guidance received from the Office of the Comptroller General.
The following table summarizes the status of the ongoing monitoring activities according to this fiscal year’s rotational plan.
| Ongoing monitoring plan for current fiscal year | Status |
|---|---|
| Purchases and Payables (Travel) | Completed as planned; remedial actions to start |
| Purchases and Payables (Hospitality) | Completed as planned; no remedial actions required |
| Joint Agreements | Completed as planned; remedial actions started. |
| Financial Reporting, IT Application Controls | Deferred to future fiscal year |
The key findings from the current fiscal year’s assessment activities are summarized in the subsections below.
3.1 New or significantly amended controls
In the current year, there were no significantly amended key controls in existing processes that required a reassessment.
3.2 Ongoing monitoring program
In accordance with its rotational ongoing monitoring plan, the Department completed the reassessment of the key control areas presented in Table 1.
The majority of key controls that were tested performed as intended and no high-risk observations were made. Lower risk areas for control improvements are as follows:
| Key control areas | Areas for improvement |
|---|---|
| Purchases and Payables (Travel) | An opportunity exists to standardize the roles and responsibilities related to the financial management of travel expenses. |
| Joint Agreements | An opportunity exists to realign roles and responsibilities to ensure appropriate financial management oversight related to Joint Agreements. |
Business process owners have developed management action plans where applicable, addressing the recommendations above.
There were no remediation plans required for the Purchases and Payables related to hospitality or for the Fraud Risk Management key control areas.
4. Departmental action plan for the next fiscal year and subsequent fiscal years
PCH’s rotational ongoing monitoring plan over the next 3 fiscal years is shown in the following table. The ongoing monitoring plan is based on:
- an annual validation of high-risk processes and controls
- related adjustments to the ongoing monitoring plan as required
| Key Business Processes | 2022-23 | 2023-24 | 2024-25 | 2025-26 |
|---|---|---|---|---|
| Investment Planning | - | X | - | To be determined based on the results of the risk assessment |
| Fraud Management | - | - | - | |
| G&Cs fraud risk assessment | - | X | - | |
| Purchases and Payables | X | - | - | |
| Financial Reporting | Delayed | - | - | |
| IT General Controls | - | X | - | |
| Salaries | - | - | X | |
| Grants and Contributions | - | - | X | |
| IT Application Controls | Delayed | - | - | |
| Entity-Level Controls | - | Delayed | - | |
| Capital Assets | - | - | X | |
| Accounts Receivables | - | - | X | |
| Joint Agreements | X | - | - |
The internal control monitoring of the Financial Reporting business process and IT Applications was not performed in 2022-23 due to a temporary realignment of departmental resources, based on departmental priorities.
The Entity Level Control monitoring originally planned in 2023-24 in collaboration with the Office of the Chief Audit Executive will be delayed to a future fiscal year. Historically, Entity Level Controls present a low risk to the department’s control environment.
A detailed financial management risk assessment will be performed in 2023-24 to update key business process risk ratings and to set priorities for the next three-year ongoing monitoring plan.
© His Majesty the King in Right of Canada, as represented by the Minister of Canadian Heritage, 2023
Catalogue No. CH1-48E-PDF
ISSN 2817-2353
Page details
- Date modified: