Multi-Year Risk-Based Audit Plan
2011-12 to 2013-14

Project Number 6B218
Final Audit Report
March 18, 2011

Foreword

This document contains the three-year Risk-based Audit Plan from 2011-12 to 2013-14 for Fisheries and Oceans Canada. It was approved by the Deputy Minister for the Department upon recommendation from the Departmental Audit Committee on March 18, 2011. The Plan is updated annually based on an assessment of current risks and therefore, the timing or scope of some internal audit projects in future years may change.

Table of Contents

List of Acronyms

CAE
Chief Audit Executive
CCG
Canadian Coast Guard
CRP
Corporate Risk Profile
CFO
Chief Financial Officer
DAC
Departmental Audit Committee
DFO
Department of Fisheries and Oceans Canada
EAP
Economic Action Plan
IAD
Internal Audit Directorate
IIA
Institute of Internal Auditors
IPPF
International Professional Practices Framework
OAG
Office of the Auditor General
OCG
Office of the Comptroller General
PAA
Program Activity Architecture
QAIP
Quality Assurance and Improvement Program
RBAP
Risk-based Audit Plan
TB
Treasury Board

Top of page

1.0 Introduction

1.1  Purpose

This document, developed by the Internal Audit Directorate (IAD), outlines the Risk-based Audit Plan (RBAP) for the Department of Fisheries and Oceans Canada (DFO). The RBAP has been designed with the objective of:

  • identifying the priorities of the internal audit activity based on an assessment of risk and potential exposure that may affect DFO entities’ ability to accomplish their objectives;
  • coordinating activities with external assurance services providers to ensure proper coverage and minimize duplication of efforts;
  • allocating internal audit resources to those areas that represent the highest risk and materiality and to ensure that sufficient work is completed to support an overall assurance statement; and
  • considering recent Management Accountability Framework assessment requirements.

1.2 Department of Fisheries and Oceans Canada

DFO is responsible for developing and implementing policies and programs in support of Canada’s scientific, ecological, social and economic interests in oceans and freshwaters. The Canadian Coast Guard (CCG), a Special Operating Agency within DFO, is responsible for services and programs that contribute to the safety, security and accessibility of Canada’s waterways. The CCG also contributes to the objectives of other government organizations through the provision of a civilian fleet and a broadly distributed shore-based infrastructure.

DFO is a national and international leader in marine safety and in the management of oceans and freshwater resources. Departmental activities and presence on Canadian waters help to ensure the safe movement of people and goods. As an economic and sustainable development department, DFO will integrate environment, economic and social perspectives to ensure Canada’s oceans and freshwater resources benefit this generation and those to come.

The Department’s guiding legislation includes the Fisheries Act, which confers responsibility to the Minister for the management of fisheries, habitat and aquaculture and the Oceans Act, which charges the Minister with leading oceans management and providing CCG and hydrographic services on behalf of the Government of Canada. The Department also shares, with Environment Canada and Parks Canada, responsibility for the Species at Risk Act, which charges the Minister with the responsibilities associated with the management of aquatic species at risk in Canada.

2.  Internal Audit Directorate Organization

2.1  Organization

Internal audit in the Government of Canada is a professional, independent assurance function that provides objective, substantiated conclusions as to how well the organization's risk management, controls and governance processes are designed and working.  The focus of internal audit is on all management systems, processes and practices, including the integrity of financial and non-financial information. Internal audit adds value by assessing and making recommendations on the effectiveness of control mechanisms in place to ensure that the organization achieves its objectives and in a way that demonstrates informed, accountable decision making with regard to ethics, compliance, risk, economy and efficiency.

At DFO, the mission of IAD is to help improve departmental performance by identifying opportunities through assurance and advisory services. The IAD operates in accordance with respective Treasury Board policies and guidelines.  Internal audits are conducted within the standards of the Institute of Internal Auditors (IIA) International Professional Practices Framework (IPPF) and IAD’s Internal Audit Engagement Process Manual.

The Department’s internal audit activity is led by the Chief Audit Executive (CAE) who reports directly to the Deputy Head. The CAE is responsible for establishing a RBAP consistent with the Department’s objectives and maintaining a quality assurance and improvement program to monitor the IAD effectiveness. The CAE is also responsible for ensuring internal audit resources are professionally qualified and appropriately trained. In addition, the CAE communicates relevant information, including internal audit findings, to the Departmental Audit Committee (DAC), the Deputy Minister and, as appropriate, to the Office of the Comptroller General (OCG).

The IAD consists of Internal Audit Services and Professional Practices function, both led by Directors reporting to the CAE. The Internal Audit Services is responsible for providing assurance and advisory services while the Professional Practices function supports the internal audit activity by providing a quality assurance and improvement program, external liaison services and DAC secretariat.

2.2  Departmental Audit Committee

The DAC provides the Deputy Minister with independent, objective advice, guidance and assurance on the adequacy of the Department’s risk management, controls, governance processes and audit capacity. 

The DAC is composed of four members: the Deputy Minister and three external members.  The Deputy Minister chairs the meetings and an external member is vice-chair.  The Associate Deputy Minister, the CCG Commissioner, the Chief Financial Officer (CFO), the Senior General Counsel and the CAE are permanent observers of the DAC.

2.3  Resources

The total budget (salary, operations and maintenance funding) of the IAD in fiscal year 2011/12 will be $2.5M. The IAD consists of two distinct but complementary functions, namely Internal Audit and Professional Practices.  IAD has an approved count of 29.21 FTEs.  In 2011/12, the internal audit function will be delivered through 28.88 FTEs (FTE utilization).  A breakdown by function follows:

Assurance Work

Audit engagements

20.23

Risk-based Audit Plan 

1.35

Quality Assurance and Improvement Program

1
External Liaison 1.4
Support to DAC 1.2

Other Work

 

Administrative Services (Finance, HR and Strategic Planning)

1.9

Support Services

1.8

TOTAL

28.88 FTEs

*Data has been extracted from the 2011/12 Internal Audit Directorate HR Plan.

2.3.1  Challenges

Greater competition in the public and private sectors for qualified and experienced internal audit professionals, combined with labor market demographic issues, has exacerbated auditor shortages and has made the recruitment and retention of experienced professionals particularly challenging. 

The high demand for qualified auditors both inside and outside the public service has made it a challenge for IAD to retain qualified auditors. However, from a turnover of approximately 45% for 2009-10 representing 13 departures, IAD’s attrition was reduced to 11% (3 departures of which 2 are permanent) in 2010/11.

With the exception of three staff taking maternity/parental leave in early 2011-12, the IAD expects to be fully staffed at April 1, 2011; normal turnover throughout the year is expected. Replacing temporary departures of six month to one year is not an easy task given the shortage of auditors in the public service.

2.4  Internal Audit Services

2.4.1  Assurance and Advisory Services

Internal audit takes a disciplined, evidence-based approach to determining whether or not assurance can be provided, that key systems and processes are appropriately designed and are functioning as intended. Principally as a complement to the assurance role, and within its sphere of expertise, the IAD will provide advisory services to the Deputy Minister and the Departmental Management Board.  

2.4.2  Follow-up on Audit Recommendations

IAD actively and vigorously monitors and reports on the implementation of approved Management Action Plans to address recommendations from IAD, the Office of the Auditor General (OAG) and other external assurance providers. As part of the follow-up process, IAD requests updates from management, assesses and validates corrective measures that have been taken and determines whether the actions carried out are appropriate. The results of these follow-up activities are reported to and approved by the DAC on a semi-annual basis and annually for OAG audits.

When there is a high risk that the corrective actions may not be completed as reported by the client, IAD will conduct a more comprehensive follow-up audit. Follow- up audit reports are tabled and approved at the DAC and posted on the Directorate Intranet site and provided to TBS/OCG as for regular internal audit engagements. For a complete list of internal audits with recommendations to be implemented, see Appendix 1.

2.4.3  Liaison with the Office of Auditor General and other Assurance Providers

IAD’s management of liaison activities with the OAG, the OCG, and other assurance providers ensures that the activities of the Department are represented accurately, fairly and in a balanced manner. Various activities are carried out to ensure positive working relationships and effective coordination of all external audit work. Specifically, this includes providing assistance to departmental officials throughout the conduct of audits, negotiating acceptable timeframes for providing requested material, as well as collaborating with others when validating the factual content of audit reports and preparing departmental responses.

2.4.4  Support to the Comptroller General

As outlined in the Treasury Board (TB) Policy on Internal Audit, the IAD must address risks and internal audits identified by the OCG as part of government-wide coverage.  Horizontal audits planned by the OCG were taken into account and those involving IAD were included in the 2011-12 to 2013-14 RBAP, refer to Appendix 2A.

Recently, the OCG has adopted a new method of conducting horizontal internal audits. Horizontal audits are now being conducted as a collaborative approach by sharing the work between the OCG and the Internal Audit groups in departments. When conducting a horizontal audit in large departments and agencies, the OCG will perform the planning of the audit and prepare the audit work programs including the steps to take for documentation review and interview questionnaires. The OCG then requires the IAD to provide 2 auditors (a supervisor and someone to do the work) to complete the examination phase and provide fact sheets to the OCG within a 12 week window. The OCG will join the IAD in the field to ensure consistency in the way the work is being carried out across large departments and agencies.

We believe that resources required to perform the OCG work has been planned appropriately in the RBAP. However, as the RBAP was being prepared, the OCG was still in the process of finalizing its audit plan for 2011-12 to 2013-14.  Once it is finalized, the IAD may need to make adjustments to portions of its RBAP to avoid duplication and ensure efficient use of resources.  The IAD will seek the DAC approval for any such substantive changes1.

The TB Policy on Internal Audit also requires that Deputy heads ensure that, on a timely basis, the OCG is provided: copies of internal audit plans as approved by the deputy head; copies of any management letters resulting from the audits of the OAG; electronic copies of reports on all completed internal audits before they are posted on the departmental web site; a copy of the annual assurance overview report by the CAE; access to internal auditing staff and their working papers; the annual report of the DAC including the Committee's assessment of the departmental internal audit function; and external professional practice inspection reports.

2.5  Other Services

2.5.1  Support to the DAC

The IAD provides support to the DAC members in order to coordinate and organize the quarterly meetings. This includes the preparation of material into binders two weeks before the date of the meeting. The IAD reimburses the DAC external members for the cost of travel and salary for hours worked. The IAD also provides support for the preparation of the DAC Annual Report and the DAC Annual Work Plan.

2.5.2  Quality Assurance Activities

Pursuant to the TB Policy on Internal Audit, the Government of Canada adopted the IIA International Professional Practices Framework and the International Standards for the Professional Practice of Internal Audit as part of the Government of Canada Internal Audit Standards. The implementation of the Policy was to be phased in by the effective date of July 1, 2009.  As part of the Standards, the CAE is responsible to develop and maintain a Quality Assurance and Improvement Program (QAIP). 

In 2009/2010, IAD signed a Memorandum of Understanding (MOU) with Audit Services Canada for a pilot quality assurance program. In that year, 13 of 17 phases of audits were reviewed, including projects led by all four managers. A report was prepared by Audit Services Canada including strengths and opportunities for improvement. 

In 2010/2011, the program was transferred in house under the direction of the Director, Professional Practices. The QAIP manager established a program, approved by the Director and CAE, to ensure that all phases of all audits would be submitted to Quality Assurance prior to the audit reports going to DAC for recommendation and approval by the Deputy Minister.

Furthermore, IAD has volunteered to undergo an external pilot professional practice inspection conducted by the OCG that will satisfy the requirement of the TB Policy on Internal Audit to have an external review done at least once every four years.

3.  Approach/Methodology

3.1  Universe

The Department activities are organized under three strategic objectives: Economically Prosperous Maritime Sectors and Fisheries, Sustainable Aquatic Ecosystems, and Safe and Secure Waters. Supported by scientific excellence, modern and efficient corporate functions and a versatile Coast Guard fleet, these strategic objectives form the basis for organizing, planning and reporting on the Department's programs and services.

These strategic objectives form the basis of the Department’s PAA for 2011-12 referred to in Appendix 3.  The PAA is an inventory of all the programs and activities undertaken by the Department.  The PAA was a major input into the definition of the audit universe. The audit universe, which forms the basis for selecting areas to audit, defines the potential scope of the internal audit activity and is comprised of major auditable units that may be subject to audit. It is the starting point of the RBAP.

3.2  Corporate Risk Profile

The internal audit plan of engagements takes into consideration the Corporate Risk Profile (CRP) for DFO.  The CRP consists of: key corporate risk identification, assessment and prioritization; assignment of senior management accountabilities for mitigation; and, identification of additional mitigation strategies.  As well, the CRP contains sections on: the context and drivers for Integrated Risk Management; the governance of Integrated Risk Management; communications; the methodology to derive the CRP; and a detailed analysis of each of the corporate risks.  A summary of DFO’s Corporate Risks can be found in Appendix 4.

3.3  Planning Process

This Plan represents an update of the 2010-11 to 2012-13 RBAP that was approved by the Deputy Head in March 2010. 

The procedures taken to develop the 2011-12 to 2013-14 RBAP were based on the OCG practice guidebook entitled Internal Audit Planning for Departments and Agencies as well as best practices/areas of improvement found during last year’s update. The audit universe was DFO’s new 2011-12 PAA which represents the inventory of auditable entities in the department organized by strategic objective. This audit universe was then prioritized and assessed for risk based on interviews with senior management and risk factors including materiality, complexity, degree of change, previous assurance work, legislative or other compliance requirements, and degree of dependencies. The results of the risk prioritization are summarized in Appendix 3.

The RBAP for 2011-12 to 2013-14 was developed from the list of prioritized internal audit projects. The three-year summarized internal audit plan is provided in Appendix 2A. Additional information on planned audits for 2011-12 is provided in Appendix 2B. The RBAP includes carry-over audit projects from 2010-11, OCG horizontal audits and proposed audit projects.  Appendix 5 provides, as contextual information, a summary of projects planned by other assurance providers.

3.3.1  Document Review

In order to update the 2010-11 to 2012-13 RBAP, the audit team undertook a review of relevant documents to validate the current list of proposed audit projects and identify potential changes and additions.  The following documents were consulted:

  • DFO’s Program Activity Architecture;
  • DFO’s Corporate Risk Profile;
  • DFO sector risk profiles;
  • DFO’s Management Accountability Framework assessment;
  • DFO Department Performance Report;
  • DFO Report on Plans and Priorities; 
  • DFO Internal Audit and Evaluation Reports;
  • Reports of external assurance providers; and
  • DFO’s departmental priorities.

3.3.2  Identification of Areas with High Risk

Consultations were held with Senior Management as an opportunity to engage them in the risk-based audit planning process.  Management was asked to validate the audits identified in the previous RBAP for 2011-12 and 2012-13 and to provide input for the planning of audit projects for 2013-14.  They were also asked to discuss any particular sources of risk to which their organizations were exposed. A separate consultation was held with the DAC members. The IAD considered the information provided during these consultations when preparing the DFO’s 2011-12 to 2013-14 RBAP. 

3.4  Approval of the Risk-based Audit Plan

The Risk-based Audit Plan is formally updated by the IAD on an annual basis, reviewed by the DAC and recommended for approval to the Deputy Head. 2

When changes to the RBAP are necessary, IAD will ensure that the principles of the audit planning process are observed and that all resulting decisions are well documented and approved by the DAC2. By following a rigorous process, the Department can ensure that new decisions are being made in a consistent and timely manner. 

3.5  Monitoring of the Risk-based Audit Plan

The implementation of the RBAP will be monitored on a regular basis throughout the year and proposed changes will be presented to DAC for approval, when required.

4. Summary of Audit Coverage

4.1   Coverage of PAA

Appendix 3 summarizes coverage of the audit universe by assurance providers and the DFO 2011-12 to 2013-14 RBAP. The audits selected in the 2011-12 to 2013-14 RBAP provide coverage of 56% ($1B / $1.8B) of DFO’s spending estimates for 2011-12. Furthermore, 2 OCG and 3 DFO multi-sector audits will be conducted providing further coverage. The DFO 2011-12 to 2013-14 RBAP covers 66% (12/18) of high audit priorities, with coverage on the balance provided by previous assurance work or other assurance providers when possible. The only exception is “Fisheries Strategies and Governance” which is an approved new PAA element as of April 2011. Inclusion of this PAA element into the 2012-13 to 2014-15 RBAP will be made when associated risks and controls can be assessed.

4.2  Coverage of Departmental Priorities

Appendix 6 summarizes audit coverage of Departmental Priorities as approved at the September 2010 DMC meeting. These priorities were then used in developing the priorities found in DFO’s 2011-12 Report on Plans and Priorities. There is either recently completed or planned assurance projects listed for every auditable priority. Several management priorities target specific initiatives that are not auditable. For example, the IAD cannot audit the tabling of the new Fisheries Act and passage through parliament.

4.3  Coverage of Corporate Risks

Appendix 7 summarizes the 2011-12 to 2013-14 RBAP coverage of corporate risks. All 13 corporate risks from Appendix 4 are addressed except for Communications. Risks associated to Communications were ranked moderate (see Appendix 3). As such, it was not prioritized above other audits for inclusion in the 2011-12 to 2013-14 RBAP.

4.4  Coverage of Risk Management, Controls and Governance

Each audit contained in the 2011-12 to 2013-14 RBAP was selected for its high potential to add value to DFO’s operations through the improvement of risk management, controls, and governance processes. Furthermore, this RBAP contains several multi-sector audits on DFO initiatives such as the Northern Strategy, the Governance Structure, and the Policy on Internal Control which will directly address the areas of risk management, controls, and governance across several sectors and strategic objectives.

Appendix 8 summarizes the 2011-12 to 2013-14 RBAP coverage of DFO sectors and risks.

5.  Audit Resources

5.1   Summary of Resource Availability and Capacity Use

In preparation of the RBAP, an estimate of total resource capacity available was determined and used for scheduling of the audits. Taking into account the budget available for internal and external resources, a total of approximately 2,535 person-days of capacity for 15 full-time auditors was estimated for 2011-12. This is direct audit time. The FTE utilization of 20.23 referred to in section 2.3 includes work associated with first level quality assurance, leave provisions and time for administration, professional development and other training which decreases available auditor work time.

Appendix 9 summarizes estimated resource allocation and timelines for audits in each fiscal year: 2011-12, 2012-13, and 2013-14.

5.2  Statement on the Adequacy of Resources

Appendix 2B  Detailed Project Descriptions for Fiscal-Year 2011-12, summarizes the estimated salary, contractor and travel costs required for each audit in 2011-12. The resource needs are adequately covered by the IAD budget $2.5M while allowance is made for MAP follow-up activities, liaison with the OAG and other central agencies, support to the DAC, professional practices, administrative support, leave and training. Should the IAD budget in future years remain comparable, it is expected that resources will be adequate for 2012-13 and 2013-14.

Although resource needs are slightly higher for 2012-13 (refer to Appendix 9), audit project realignment based on a DFO updated risk assessment is expected at the next RBAP update.

6.  2010-11 in Review

6.1  Adjustments to the Audit Plan for 2010-11

As per the 2010-11 to 2012-13 RBAP, 11 audits were scheduled for completion in 2010-11. During fiscal year 2010-11, adjustments were required to the RBAP due to new requirements on IAD identified by DFO senior management. IAD proposed the following adjustments to the plan for which approval was received at the September 2010 meeting of the DAC.

6.1.1  Atlantic Lobster Sustainability Measures Program

In 2009-10, the Department implemented two lobster-related programs, the Short Term Transitional Measures and the Atlantic Lobster Sustainability Measures, to provide short term assistance to lobster harvesters affected by the global economy and to address sustainability of the fishery over the longer term.  The Deputy Minister requested that the IAD assess the adequacy of the management control framework put in place for these programs.  The audit report was approved at the December 2010 DAC meeting.

6.1.2  BC Aquaculture Program

In February 2009, the B.C. Supreme Court ruled that marine finfish aquaculture on the coast of B.C. is a fishery and a matter of exclusively federal jurisdiction. DFO became responsible for the BC Aquaculture program as of December 18, 2010. Prior to this transition, IAD was requested to conduct a limited scope review of the program. This work was agreed upon by the Deputy Minister, and conducted during the 2010-11 fiscal year. The report was approved by DAC at their September 2010 meeting.

6.1.3  Internal Service Business Management

In the context of strategic review, the IAD was requested to undertake a preliminary study, and subsequently oversee the independent review, including a benchmarking analysis of the program planning and coordination (PPC) function at DFO.  The reports of these studies reached findings and made recommendations that helped management make informed decisions regarding the department’s business model for the delivery of internal services. These recommendations have been accepted by the Deputy Minister and an implementation committee has been struck.

6.1.4  Coast Guard Mid-shore Vessel Procurement Review

The CCG, in partnership with Public Works and Government Services Canada, is overseeing a $218.9 million contract for the building of 9 Mid-shore Patrol Vessels for the CCG. An audit was requested by the CCG. As a result, IAD engaged Audit Services Canada to undertake a limited scope review. The findings and recommendations of this review were presented to the DAC in December 2010.

6.1.5  Economic Action Plan Scope Change

During the Audit of the Implementation of Economic Action Plan (EAP), instances were observed where there was non-compliance to Government procurement and financial policies and regulations, including the Financial Administration Act and the Government Contracting Regulations. As a result, further audit work was undertaken which resulted in further evidence of non-compliance. The audit report was tabled at the December 2010 DAC meeting.

6.1.6  Projects Delayed

Over 2010-2011, IAD was faced with resource challenges. These challenges included the implementation of new quality assurance processes, delays in software upgrades, and a total of 5 persons taking leave for assignments or parental leave.

As a result of the addition of the above noted audit and review projects and resourcing challenges, the completion of the audits of Aquaculture Management, Fleet Operational Readiness, Accounts Verification and the CCG College was deferred until the 2011-12 fiscal year. This change was approved by the DAC in September, 2010.

The 2011-12 to 2013-14 RBAP has been structured to minimize carry-overs in future years.

6.2  Follow-up on Recommendations to be Implemented

At the DAC on December 17, 2010, IAD reported on the semi-annual follow-up on recommendations to be implemented.  At that time, it was reported that of the 126 recommendations resulting from internal audits approved between February 2004 and June 2010, 108 (85%) of the recommendations had been implemented or closed leaving 18 (15%) to be fully implemented.  Please refer to Appendix 1 for a complete list of internal audits with recommendations to be implemented.

6.3  Changes to the 2010-11 to 2012-13 Risk-based Audit Plan

Changes in Audit Priorities

Some audits from the 2010-11 to 2012-13 RBAP were no longer deemed to be a priority. This was determined when the residual risks were too low to warrant an audit, work in progress required a change in timing, materiality was low, or when the inherent risks were not significant. A total of nine audits are no longer deemed to warrant assurance work. These audits are:

  • Canadian Coast Guard College (2010-11)
  • Small Craft Harbours (2011-12)
  • Information Management (2011-12)
  • The Aboriginal Policy and Governance Organization (2011-12)
  • Inventory Management (2011-12)
  • Search and Rescue Services (2012-13)
  • Diversity Employment Equity, Planning and Recruitment Strategy (2012-13)
  • Pacific Salmon Treaty Program (2012-13)
  • Federal Contaminated Sites Action Plan (2012-13)

Furthermore, the title, scope and objective for three audits were changed. The audit of Life-Cycle Asset Management Services (2011-12) was changed to the audit of Shore-based Asset Readiness (2012-13) as a result of the preliminary survey phase for the audit of Fleet Operational Readiness. The audit of Legal Risk Management was changed to the audit of the Legal Risk Management Control Framework. Finally, the audit of Support for Marine Security (2012-13) was changed to the audit of Maritime Security (2012-13).

Horizontal Audits of the Office of the Comptroller General (2011-12 and 2012-13)

As a large department, DFO was asked by the OCG to identify two horizontal audits in which to participate. As described in section 2.4.4, IAD will be required to provide resources for the conduct phase of these audits and as such has made provisions for them in the 2011-12 to 2013-14 RBAP. Note that the OCG has not given final confirmation of DFO’s inclusion in these audits.

7.  Emerging Issues

There are a number of emerging DFO or government wide priorities or issues that may have implications for IAD.  Some issues which may affect the RBAP that the IAD is currently monitoring include the following:

7.1  Economic Action Plan

The IAD conducted a Readiness Assessment of the EAP initiatives in 2009-10 to ensure that appropriate governance, risk and control frameworks are in place to manage the EAP funding.  Gaps were identified and managers responsible for EAP developed a Management Action Plan to address these gaps for corrective action.  An audit of EAP was included in the 2010-11 RBAP and was conducted accordingly. While there is no specific EAP project included in the RBAP, the OAG is expected to conduct audit work in this area which may require IAD involvement in the Fall of 2011.

7.2   Cohen Inquiry

A Commission of Inquiry into the Decline of Sockeye Salmon in the Fraser River has been established.  The purpose of the inquiry is to investigate and report on reasons for the decline in the Fraser River sockeye salmon returns and make recommendations for the long-term viability of this fishery.  As part of the examination, the policies and practices of the Department are being examined. 

There is currently no project on the RBAP specific to the inquiry into the decline of sockeye salmon; however, the IAD should be prepared to react should its assistance be required during the course of the inquiry.

  Appendix 1: Internal Audits with Recommendations to be Implemented

  Internal Audit Project Recommendations to be Implemented Risk Assessment
1

Follow-up Audit of the Experimental Lakes Area

1 Low
2

Audit of the Contribution Agreement with the Shubenacadie First Nation

1 Low
3

Audit of the Conservation and Protection Program

2 Low
4

Audit of Departmental Succession Planning

2 Moderate
5

Audit of the Management Control Framework Supporting Senior Management Committee Information for Decision Making

2 Moderate
6

Review of BC Aquaculture

6 Moderate
7

At-Sea Mentoring Initiative and First Nations Fisheries Operations Management Initiative (ASMI/FOMI)

4 Moderate

Note: the above status was reported at the December 2010 DAC Semi-annual Follow-up of Recommendations to be Implemented.

Appendix 2A: Audit Plan Summary – Three Years at a Glance


FY

Potential Audit Area Identified

Preliminary Audit Objective

Strategic Objective

Lead
Sector/
Branch

Risk Ranking

Rationale

Estimated Resources Needed (Person- days)

Carry-Over and Planned Projects for 2011-12 (1890 days)
Carry-Over Projects from 2010-11 (640 days) ; Planned projects for 2011-12 (1250 days)

Carry-Over

Fleet Operational Readiness Part 1: Fleet Asset Management

The objective of this audit is to provide assurance that the Fleet’s asset base is being adequately managed to ensure its sustainability into the future to efficiently and effectively deliver the Fleet Operational Readiness Program.

Note: The audit of Fleet Operational Readiness has been phased into two projects. This will be the first phase. The second phase will be addressed subsequently in 2011-12.

Safe and Secure Waters

CCG

High

Fleet and infrastructure renewal is listed as one of the DFO priorities for 2011-12 in order to address aging equipment and anticipate needs of the future.

The 2007 OAG follow-up audit found that some deficiencies still existed.

High materiality.

A new organization has recently been established for Vessel Procurement under a new Deputy Commissioner resulting in new roles, responsi-
bilities, and accounta-
bilities that have not yet been examined.

400
(50%  remaining) = 200

Carry-Over

Accounts Verification

The objective of this audit is to provide assurance that DFO's management control framework for the implemen-
tation of the new risk based account verification process is in place and is adequate to ensure effective internal controls, compliance with legislation, regulations and policies, and accurate financial information.

Internal Services

CFO

High

Strengthe-
ning internal control is stated as a DFO priority under “Managing for Results”.

The Readiness Assessment for Financial Statements found that the accounts verification processes had significant internal control weaknesses.

400
(30% remaining) = 120

Carry-Over

Real Property

The objective of this audit is to provide assurance that Real Property, Safety and Security (RPSS) management of real property is adequate and supports timely, informed real property management decisions.

Internal Services

HRCS / RPSS

High

For three consecutive years, the effectiveness of asset management has been identified as an ‘Opportunity for Improvement’ in the Management Accountability Framework assessments.  Areas of weakness identified therein include departmental real property policies and the real property information system.

Identified by Senior Management as a high risk. 

400 (20% remaining) = 80

Carry-Over

Aquaculture Management

The objective of this audit is to provide assurance on the adequacy of the Management Control Framework for Aquaculture Management taking into consideration the contributions of Aquaculture Science within the overall program activity.
   

Sustainable Aquatic Ecosystems

Program Policy

High

The program has received increased funding in recent years.

This program has received increased attention resulting in high visibility.

400
(60% remaining) = 240


FY

Potential Audit Area Identified

Preliminary
Audit
Objective

Strategic Objective

Lead
Sector/
Branch

Risk
Ranking

Rationale

Estima-
ted Resour-
ces Needed (Person- days)

Planned Projects for 2011-12 (1,250 days)

2011-12

OCG Audit - Horizon-
tal Internal Audit of Perfor-
mance Manage-
ment

The audit will assess compliance with the Policy on Management, Resources, and Results Structures (2008). It will also assess the following:

  • whether the Treasury Board Secretariat is improving its ability to provide effective and efficient government-wide reporting and decision making; and

  • whether departments and agencies have established Manage-
    ment, Resources, and Results Structures that include a common framework linking financial and non-financial information across government.

Internal Services

CFO

OCG Commit-
ment

Effective performance management enables a large department or agency to ensure accountability, good governance, value for money, and overall effectiveness of operations and service delivery.

Program management underpins management decision making at all levels of government.

Performance management should also support more effective planning when results are integrated into future business plans.

150

2011-12

Fleet Opera-
tional Readi-
ness Part 2: Fleet Opera-
tional Capa-
bility

The objective of this audit is to provide assurance that the Fleet Operational Capability program is adequately managed to ensure that certificated professionals safely, effectively and efficiently operate vessels, air cushion vehicles, helicopters and small crafts that are ready to respond to the Government of Canada's on-water and marine related needs.

Note: The audit of Fleet Operational Readiness has been phased into two projects. This will be the second phase.

Safe and Secure Waters

CCG

High

There is high materiality in the area of Fleet Operational Capability.

The preliminary survey for the 2010-11 audit of Fleet Asset Management also identified areas such as costing methodology and fulfilling client needs as being areas of risk.

2007 OAG follow-up audit found that some deficiencies still existed. There has been no additional follow-up work since 2007.

400

2011-12

Commer-
cial Fisheries

The objective of this audit is to provide assurance that controls for the commercial fisheries program related to licensing, quota monitoring, and the implemen-
tation of management measures are adequate to meet the objectives of DFO.

Economically Prosperous Maritime Sectors and Fisheries

Ecosys-
tems and Fisheries Manage-
ment

High

DFO priority “Fisheries Renewal”.

Senior Management identified 7 different licensing systems, a need for moderni-
zation, and regional inconsis-
tencies

400

2011-12

Integra-
ted Oceans Manage-
ment

The objective of this audit is to assess the adequacy of the management control framework in place to deliver DFO's mandated responsi-
bilities under the Oceans Act.

Sustainable Aquatic Ecosystems

Oceans and Science

Moderate

Identified as a DFO priority under “Healthy Ecosystems”.

Senior Management identified this audit as timely.

High visibility and lack of previous audit coverage.

Moderate materiality.

300


FY

Potential Audit Area Identified

Preliminary Audit Objective

Strategic Objective

Lead
Sector/
Branch

Risk
Ranking

Rationale

Estima-
ted Resour-
ces Needed (Person-  days)

Planned Projects for 2012-13 (2,450 days)

2012-13

OCG – Horizontal Internal Audit of the Grants and Contri-
butions Manage-
ment Control Framework -Phase 2

This audit will build on the Horizontal Internal Audit of the Grants and Contributions Management Control Framework – Phase 1.
Given the first-year audit will only examine the role of the Treasury Board Secretariat in enabling some of the expected results of the new policy, this second audit will examine progress. These expected results include simplifying administration of, and strengthening accountability in, the government-wide operations of grants and contributions.

Internal Services

EFM/
CFO

OCG Commit-
ment

The significance and public visibility associated with grants and contribu-
tions contribute to its priority as a horizontal internal audit.

150

2012-13

DFO Governance Structure

The objective of this audit is to provide assurance that management has an appropriate governance framework in place to set DFO strategic directions, operational plans, objectives and priorities.

All

Exe-
cutive Secre-
tariat

High

A new governance structure has been put in place in January 2011 and a need for an audit has been identified by senior management for 2012-13.

400

2012-13

International Affairs

The objective of this audit is to determine whether the controls are adequate for the International Affairs program to ensure it contributes to a stable international trade regime for Canadian fish and seafood products.

Economically Prosperous Maritime Sectors and Fisheries

Interna-
tional Affairs Direc-
torate

High

This is a DFO priority under “Inter-
national” with a focus on the need to develop governance and a framework to define and assess where inter-
national effort is best placed to benefit the overall DFO/CCG agenda.

Senior Management indicated the need for assurance on the controls of the Inter-
national Affairs Directorate.

200

2012-13

Policy on Internal Controls

The objective of this audit is to provide assurance that risks relating to the stewardship of public resources are adequately managed through effective internal controls, including internal controls over financial reporting. (e.g., Directives on Accountable Advances, Acquisition Cards, Delegation of Financial Authorities, Departmental Bank Accounts, Expenditure Initiation and Commitment Control, Pay Administration)

Internal Services

CFO

High

New TB Policy on Internal Control effective April 1st 2009.

DFO priority “Managing for Results” has a focus on strengthe-
ning internal controls.

The importance of internal controls has been stated by Senior Management and DAC external members.

Issues identified with uniformity and standar-
dization across regions

400

2012-13

Northern Strategy

The objective of this audit is to determine the adequacy of the management control framework in place to ensure that the short-run and long-run objectives related to the government northern strategy are met and to provide assurance on the integration of DFO’s efforts both internally among programs and externally with other departments.

All

Ecosys-
tem and Fisheries Mana-
gement

Note: CCG, Science and Central and Arctic region are involved

High

The North is identified as a
DFO priority under “Cross Cutting Priorities”. Report on Plans and Priorities mentions the develop-
ment of a Northern Strategy.

DFO is a key department in the Prime Minister’s multi-depart-
mental Northern Strategy.

High materiality.

400

2012-13

Shore-based Asset Readiness

The objective of this audit is to assess the life-cycle management of the $1.6B CCG’s non-fleet assets to ensure they are available and reliable to support CCG’s programs.

Safe and Secure Waters

CCG

High

High Risk and high materiality ($1.6B asset value).

No recent assurance has been performed.

This audit follows audits on Real Property, Small Craft Harbours, and Fleet Assets and will provide additional assurance on the state of CCG’s non-fleet asset base. 

200  

2012-13

Legal Risk Management Control Framework

The objective of this audit is to assess the adequacy of the management control framework in place for managing legal risks facing the Department.  Management control framework is understood as the suite of controls that management has put in place to manage the risk and increase the likelihood that established organizational objectives will be achieved.

Internal Services

Legal

High

Senior Management indicated that Legal risk is high and that demands for legal services are increasing along with associated costs to DFO.

No recent audit of the activity.

A new legal risk governance framework is being developed.

300

2012-13

Maritime Security

The objective of this audit is to assess the extent to which DFO and CCG are fulfilling their identified roles, responsibilities and accountabilities for maritime security.

Safe and Secure Waters

CCG

Mode-
rate

It is identified as a DFO priority under “CCG” and ties into the Northern Strategy (DFO is a key department in the Prime Minister’s multi-depart-
mental Northern Strategy.)

CCG provides a crucial support function in the delivery on the multi-depart-
mental Canadian maritime security agenda. 

There is a lack of recent assurance work.

Significant amount of coordination is required with other departments (e.g., RCMP).

400


FY

Potential Audit Area Identified

Preliminary Audit Objective

Strategic Objective

Lead Sector/
Branch

Risk Ran-
king

Rationale

Estima-
ted Resour-
ces Needed (Person-  days)

Planned Projects for 2013-14 (1900 days)

2013-14

Contract Manage-
ment

The objectives of this audit are to provide assurance on compliance with Treasury Board Secretariat and DFO policy and guidelines for contracting; to ensure that contract management is effectively enabling program management in an efficient and responsive way, to provide assurance on the economy of procurement and on the cost savings.

Internal Services

CFO

High

High materiality.

Follow-up audit was done in 08-09 by DFO identified only partial completion on several recommen-
dations.

Use of Advance Contract Award Notice (ACAN) in the regions was mentioned in interviews as an area of higher risk.

300

2013-14

BC Aquaculture Program

The objective of this audit is to provide assurance that the management control framework is efficient and effective to ensure that the BC Aquaculture program meets its objective.

Economically Prosperous Maritime Sectors and Fisheries

Ecosys-
tems and Fisheries Mana-
gement

Mode-
rate

New program transferred from the province of BC; high visibility; need to ensure the MCF is in place.

Senior Management indicated that this audit would be of benefit.

300

2013-14

Aids to Navigation

The objective of this audit is to assess the adequacy of the management control framework in place to support safe and efficient marine navigation; and to assess the extent of the progress made on recommendations to be implemented since the 2007 Status Report of the Office of the Auditor General.

Economically Prosperous Maritime Sectors and Fisheries

CCG

Mode-
rate

It is identified as a DFO priority under “North” and ties into the Northern Strategy

The 2007 Status Report of the Office of the Auditor General deemed progress unsatis-
factory in the implemen-
tation of a number of recommen-
dations to be implemen-
ted relating to aids to navigation.

Moderate materiality.

300

2013-14

Species at Risk Manage-
ment

The objectives of this audit are to assess:

  • the management control framework in place for the management of species at risk; and

  • whether DFO can meet its obligations under the Species at Risk Act; and

  • compliance with applicable legislation and policies.

Sustainable Aquatic Ecosystems

Oceans and Science / Oceans Habitat and Species at Risk

Mode-
rate

Senior Management expressed interest in this audit.

The OAG follow-up audit in 2008 identified areas of concern that had not been fully addressed.

Lack of recent assurance work.

Moderate materiality.

300

2013-14

Atlantic Lobster Sustai-
nability Measures

The objective of this audit is to assess the management control framework in the implementation and administration of the Program.

Economically Prosperous Maritime Sectors and Fisheries

Ecosys-
tem and Fisheries Mana-
gement

Mode-
rate

New program identified in management interviews as an area of concern.
 
Moderate materiality.

200

2013-14

Travel and Hospitality

The objective of this audit is to provide assurance that DFO is in compliance with Government of Canada Travel and Hospitality directives; to provide assurance that economies are being realized with the implementation of the new DFO travel and hospitality system (cost and process).

Internal Services

CFO

Mode-
rate

New Treasury Board Directive on the Management of Expenditures on Travel, Hospitality and Conferences that took effect on January 1, 2011.

Travel and Hospitality spending was capped at $63 million for 2009-10.  

Risk is slightly increased because of the new automated travel system put in place in the Fall of 2010.

The overall rating for this audit is still considered moderate because of the degree of control already in place.

300

2013-14

Aquatic Invasive Species

The objective of this audit is to assess the adequacy of the management control framework in place for the Program and to assess the status of the extent of the progress made on  recommendations to be implemented since the 2008 Status Report of the Commissioner of the Environment and Sustainable Development.  

Sustainable Aquatic Ecosystems

Oceans and Science

Mode-
rate

Considered a source of risk and high visibility in some parts of the country only.

Identified as a risk by senior management.

Lack of recent assurance work.

The overall risk is deemed to be moderate due to lower materiality.

200

  Appendix 2B: Detailed Project Description for Fiscal Year 2011-12

Project Risk Ranking High

Project Title:

Fleet Operational Readiness Part 1: Fleet Asset Management (Carry-over)

Major Auditable Unit:

Canadian Coast Guard

Link to Corporate Risk:

Physical Infrastructure, Strategic Alignment, Higher Input Costs, Hazard-type or Crisis-type Risks ; Climate

Link to Management Accountability Framework:

Stewardship, Citizen-focused Service

Background and Engagement Specific Risks:
Fleet and infrastructure renewal is listed as one of the DFO priorities for 2011-12 in order to address aging equipment and anticipate needs of the future.  There is "High Materiality" in the areas of vessel maintenance and procurement.  A new organization has recently been established for Vessel Procurement under a new Deputy Commissioner resulting in new roles, responsibilities and accountabilities that have not yet been examined.  In addition, in 2007 the Office of the Auditor General conducted a follow-up audit on recommendations that had been made in previous reports and found that some deficiencies still existed.  There has been no additional follow-up work since 2007. 

Audit Objective (Assurance Audit):
The objective of this audit is to provide assurance that the Fleet’s asset base is being adequately managed to ensure its sustainability into the future to efficiently and effectively deliver the Fleet Operational Readiness Program.

Audit Scope:
This audit will focus on the management of the Fleet’s assets through the asset life cycle focusing primarily on procurement, maintenance and disposal of vessels, Air-Cushion Vehicles and helicopters. Although shore-based and program infrastructure assets are important to the delivery of the Fleet Operational Readiness program, they are excluded for the purpose of this audit as they are not part of the Fleet Operational Readiness program. The audit will focus on the management of Fleet’s assets during the period of fiscal years 2009-10 and 2010-11.  In order to understand the evolution of some activities, review of information dating back earlier may be required to provide sufficient context to the area being examined. The audit will be carried out in National Headquarters and in selected regions to be determined.

Estimated Project Costs:

Resource Days:

400 (50% remaining) = 200

Resource Dollars:

$80,160

Timing:

Q1-Q2

Contractor Costs:

$30,000

Travel Costs:

$0


Project Risk Ranking High

Project Title:

Accounts Verification (Carry-over)

Major Auditable Unit:

Chief Financial Officer

Link to Corporate Risk:

Information for Decision Making, Strategic Alignment

Link to Management Accountability Framework:

Stewardship

Background and Engagement Specific Risks:
Since 1998, numerous Auditor General, DFO Internal Audit and management reviews have concluded that DFO’s Internal Controls need to be strengthened.  The latest assessment conducted by an external consulting firm to determine DFO’s readiness for an independent, controls-based audit of its financial statement identified weaknesses in the accounts verification processes.  In response to the assessment, the Chief Financial Officer developed an internal control remediation plan to address these issues which included developing national standardized processes and procedures.  The account verification project began in April 2008 with a new account verification business process being rolled-out nationally in October 2009.  With this, DFO expects to achieve increased compliance to legislation, regulation and policies, more accurate financial information and significant improvement in internal financial control. 

Audit Objective (Assurance Audit):
The objective of this audit is to provide assurance that DFO's management control framework for the implementation of the new risk based account verification process is in place and is adequate to ensure effective internal controls, compliance with legislation, regulations and policies, and accurate financial information.

Audit Scope:
The audit will focus on the new risk-based account verification process within the Department, to determine if management controls are in place, functioning effectively and comply with relevant TB and DFO policies and directives.
The effectiveness and consistency in the application of the Quality Assurance and Sampling Plan within the National Capital, Pacific and Maritime Regions will be examined for the period April 1, 2010 to October 31, 2010 by selecting a random sample of transactions to determine if they comply with the DFO Policy and Directive. The sample will cover Vote 1 O&M expenditures, Vote 5 Capital expenditures and Vote 10 Grants and Contribution expenditures as well as PAYE settlements, set up in March 2010.

Estimated Project Costs:

Resource Days:

400 (30% remaining) = 120

Resource Dollars:

$48,096

Timing:

Q1

Contractor Costs:

$0

Travel Costs:

$0


Project Risk Ranking High

Project Title:

Real Property (Carry-over)

Major Auditable Unit:

Human Resources and Corporate Services / Real Property, Safety and Security

Link to Corporate Risk:

Physical Infrastructure, Legal

Link to Management Accountability Framework:

Stewardship

Background and Engagement Specific Risks:
In recent Management Accountability Framework assessments, areas of weakness were identified in departmental real property policies and the real property information system.  Internally, the risk that real property infrastructure will deteriorate to a point that sudden and large capital investments will be required could compromise DFO program delivery.

Audit Objective (Assurance Audit):
The objective of this audit is to provide assurance that Real Property, Safety and Security (RPSS) management of real property is adequate and supports timely, informed real property management decisions.
.

Audit Scope:
It is important to note that the audit of real property will only focus on the real property function of RPSS.  Therefore, the Safety and Security branch as well as the Office of Environmental Coordination operating under RPSS will be both excluded from the audit scope.
As per the Risk-based Audit Plan and our subsequent analysis, the audit will only focus on properties that are under the custodianship or the management of RPSS.  Hence, the audit scope will also include properties that are leased by RPSS. 
Properties that are under the custodianship of Small Craft Harbours and Canadian Coast Guard will be excluded from the audit scope with the exception of Canadian Coast Guard properties that have been identified as divestitures the reason being, once assets have been identified for divestiture by Canadian Coast Guard, the management of the properties is reassigned to RPSS.  Consequently, those properties will also be included in the audit scope. 
As the scope includes real property management both in the RPSS organization and in DFO regional offices, the audit team will visit the Pacific and Central and Arctic regions.  Both regions were selected based on a comprehensive analysis performed during the preliminary survey phase and discussion with RPSS management.

Estimated Project Costs:

Resource Days:

400 (20% remaining) = 80

Resource Dollars:

$32,064

Timing:

Q1

Contractor Costs:

$0

Travel Costs:

$0


Project Risk Ranking High

Project Title:

Aquaculture Management (Carry-over)

Major Auditable Unit:

Program Policy

Link to Corporate Risk:

Third Party Reliance, Legal

Link to Management Accountability Framework:

Citizen-focused Service

Background and Engagement Specific Risks:
The Government of Canada announced a $70 million investment over five years in Budget 2008. This funding will help to create the conditions for a successful and sustainable aquaculture industry across Canada.  This investment will streamline the regulatory process, strengthen science to create performance-based environmental standards, spur innovation to enhance the sector’s competitiveness and productivity, and develop a certification scheme to meet rigorous quality standards in international markets.

Audit Objective (Assurance Audit):
The objective of this audit is to provide assurance on the adequacy of the Management Control Framework for Aquaculture Management taking into consideration the contributions of Aquaculture Science within the overall program activity.

Audit Scope:
In accordance with the approved RBAP, the IAD is conducting an Audit of Aquaculture Management which will also consider the integration of Science within the overall activity.   The scope of the audit will include various sectors within the department including Program Policy, Oceans and Science, and Ecosystems and Fisheries Management. The preliminary scope of the audit will include National Headquarters and the regions.  During the preliminary survey phase the scope and objective of the audit will be further defined by March 31st, 2011.

Estimated Remaining Project Costs:

Resource Days:

400 (60% remaining) = 240

Resource Dollars:

$96,192

Timing:

Q1-Q2

Contractor Costs:

$0

Travel Costs:

$15,000


Project Risk Ranking

OCG Commitment

Project Title:

OCG Audit - Horizontal Internal Audit of Performance Management

Major Auditable Unit:

Chief Financial Officer

Link to Corporate Risk:

Information for Decision Making ; Strategic Alignment

Link to Management Accountability Framework:

Effectiveness of Corporate Risk Management

Background and Engagement Specific Risks:
Effective performance management enables Large Departments and Agencies to ensure accountability, good governance, value for money, and overall effectiveness of operations and service delivery. Program management underpins management decision making at all levels of government. Performance management should also support more effective planning when results are integrated into future business plans.
Although results-based management has been around for some time, there is widespread concern that little real progress has been made toward reporting on outcomes of initiatives. 
A horizontal internal audit of performance management is expected to yield important insight and lessons learned in what is known to be an area of systemic weakness across government. The value of such an audit is further increased by the overarching accountability agenda: without good information on performance, the government’s ability to adequately address this agenda is limited. This audit will therefore contribute to the broad government-wide agenda by highlighting problems and related solutions in individual departments.

Audit Scope and Objectives:
The audit will assess compliance with the Policy on Management, Resources, and Results Structures (2008). It will also assess whether the Treasury Board Secretariat is improving its ability to provide effective and efficient government-wide reporting and decision making; and whether departments and agencies have established Management, Resources, and Results Structures that include a common framework linking financial and non-financial information across government.

Estimated Project Costs:

Resource Days:

150

Resource Dollars:

$60,120

Timing:

Q4

Contractor Costs:

$0

Travel Costs:

$0


Project Risk Ranking High

Project Title:

Fleet Operational Readiness Part 2: Fleet Operational Capability

Major Auditable Unit:

Canadian Coast Guard

Link to Corporate Risk:

Higher Input Costs, Hazard-type or Crisis-type Risks, Climate Change, Third Party Reliance, Human Capital

Link to Management Accountability Framework:

Citizen-focused Service, Excellence in People Management

Background and Engagement Specific Risks:
There is high materiality in the area of Fleet Operational Capability. The preliminary survey for the 2010-11 audit of Fleet Asset Management identified areas such as costing methodology and fulfilling client needs as being areas of risk. The 2007 OAG follow-up audit found that some deficiencies still existed. There has been no additional follow-up work since 2007.

Audit Objective (Assurance Audit):
The objective of this audit is to provide assurance that the Fleet Operational Capability program is adequately managed to ensure that certificated professionals safely, effectively and efficiently operate vessels, air cushion vehicles, helicopters and small crafts that are ready to respond to the Government of Canada's on-water and marine related needs.
Note: The audit of Fleet Operational Readiness has been phased into two projects. This will be the second phase.

Audit Scope:
The audit of the Fleet Operational Capability will focus on the fleet operations, fleet management and the provision of fleet personnel, to provide assurance that certificated professionals, safely, effectively and efficiently operate vessels, air cushion vehicles, helicopters, and small craft that are ready to respond to the Government of Canada's on-water and marine related needs. 
The audit will focus on the management of Fleet’s services during the period of fiscal years 2009-10 to 2010-11.  In order to understand the evolution of some activities, review of information dating back earlier may be required to provide sufficient context to the area being examined.
The audit will be carried out in National Headquarters and in selected regions to be determined.

Estimated Project Costs:

Resource Days:

400

Resource Dollars:

$160,319

Timing:

Q2-Q4

Contractor Costs:

$20,000

Travel Costs:

$13,000


Project Risk Ranking High

Project Title:

Commercial Fisheries

Major Auditable Unit:

Ecosystems and Fisheries Management

Link to Corporate Risk:

Economic and Market Pressures, Overcapacity and Overfishing, Information for Decision Making

Link to Management Accountability Framework:

Citizen-focused Service

Background and Engagement Specific Risks:
Commercial fishing is an important industry across Canada, with a landed value of close to $1.9 billion in 2008. The program integrates input from other related DFO program areas (Science, Policy, Conservation and Protection, Aboriginal Programs  and Governance, International Affairs, Aquaculture), other levels of government (provincial/territorial and municipal), other government departments and stakeholders to develop and implement fishing plans (Integrated Fisheries Management Plans, Conservation and Harvesting Plans, etc.) for fisheries.  Under the authority of the Fisheries Act and the Species at Risk Act, these plans integrate conservation, management and scientific objectives, and spell out the required measures to conserve and manage fisheries resources. 

Commercial Fisheries is listed as a DFO priority under “Fisheries Renewal”. Senior Management identified some issues with the program including 7 different licensing systems, a need for modernization, and regional inconsistencies.

Audit Objective (Assurance Audit):
The objective of this audit is to provide assurance that controls for the commercial fisheries program related to licensing, quota monitoring, and the implementation of management measures are adequate to meet the objectives of DFO.

Audit Scope:
The scope of the audit will encompass the controls in place for the licensing systems, quota monitoring, and management measures to control commercial fisheries. The preliminary scope of the audit will include HQ and regions as selected. During the preliminary survey phase, the scope and objective of the audit will be further defined.

Estimated Project Costs:

Resource Days:

400

Resource Dollars:

$160,319

Timing:

Q1-Q3

Contractor Costs:

$20,000

Travel Costs:

$13,000


Project Risk Ranking

Moderate

Project Title:

Integrated Oceans Management

Major Auditable Unit:

Oceans and Science

Link to Corporate Risk:

Information for Decision Making, Climate Change, Legal, Overcapacity and Overfishing

Link to Management Accountability Framework:

Citizen-focused Service

Background and Engagement Specific Risks:
The Integrated Oceans Management program provides federal, and provincial government authorities, industry and Canadians with the tools (e.g., identification of Ecologically and Biologically Significant Areas, Marine Protected Areas) needed to collaboratively develop integrated management plans that incorporate social, economic, and environmental considerations in decision making.  Other methods of intervention used by the program include: developing Canada’s ocean-related international legal commitments and the establishment of integrated management areas for all of Canada’s marine regions. 
Integrated Oceans management is a DFO priority under “Healthy Ecosystems”. Senior management identified this audit as timely. There is high visibility and lack of previous audit coverage. There is moderate materiality in the area of integrated oceans management.

Audit Objective (Assurance Audit):
The objective of this audit is to assess the adequacy of the management control framework in place to deliver DFO's mandated responsibilities under the Oceans Act.

Audit Scope:
The scope of the audit will encompass the integrated management plans that incorporate social, economic and environmental considerations in decision making. The preliminary scope of the audit will include HQ and regions as selected. During the preliminary survey phase, the scope and objective of the audit will be further defined.

Estimated Project Costs:

Resource Days:

300

Resource Dollars:

$120,240

Timing:

Q1-Q3

Contractor Costs:

$20,000

Travel Costs:

$12,000

  Appendix 3: Audit Priorities by Program Activity, Materiality of Coverage and DFO Horizontal Audits

PROGRAM ACTIVITIES

Coverage

Risk3

Materiality (000's)4

1.1 INTEGRATED FISHERIES RESOURCE MANAGEMENT

 

139,742

1.1.1 Commercial Fisheries

Audit in 2011-12

High

114,144

1.1.2 Recreational Fisheries

Evaluation in 2011-12

Moderate

5,832

1.1.3 Atlantic Lobster Sustainability Measures Program

Audit in 2013-14

Moderate

17,558

1.1.4 Fisheries Science Collaborative Program

Audit in 2009-10

Low

2,209

1.2 FISHERIES STRATEGIES AND GOVERNANCE

New PAA element as of April 2011

High

45,981

1.3 ABORIGINAL STRATEGIES AND GOVERNANCE

 

 

111,357

1.3.1 Aboriginal Fisheries Strategy

Audit in 2007-08 Evaluation in 2013-14

Moderate

33,144

1.3.2 Aboriginal Aquatic Resource & Oceans Management

Audit in 2007-08  Evaluation in 2013-14

Low

14,619

1.3.3 Strategies and Governance

Audit in 2009-10
OCG audit  in 2012-13  Evaluation in 2012-13

Low

14,781

1.3.4 Atlantic Integrated Commercial Fisheries Initiative

Evaluations in 2012-13

Low

14,163

1.3.5 Pacific Integrated Commercial Fisheries Initiative

Evaluations in 2012-13

Low

34,650

1.3.6 Aboriginal Funds for Species at Risk

New PAA element as of March 2011

Low

Same as 1.3.3

1.4 SUSTAINABLE AQUACULTURE PROGRAM

 

 

41,628

1.4.1 Aquaculture Regulatory Reform

Audit 2007-08
Evaluation 2012-13

 

Low

139

1.4.2 Aquaculture Innovation and Market Access Program

Low

3,137

1.4.3 Aquaculture Certification and Sustainability Reporting

Moderate

10,490

1.4.4 British Columbia Aquaculture Program

Audit in 2013-14

Moderate

9,902

1.4.5 Aquaculture Environmental and Biological Science Program

Audit in 2011-12

High

11,726

1.4.6 Aquaculture Collaborative Research & Development Program

High

346

1.4.7 Program for Aquaculture Regulatory Research

High

5,888

1.5 AQUATIC ANIMAL HEALTH

Evaluation in 2014-15

Moderate

5,878

1.6 BIOTHECHNOLOGY AND GEONOMICS

Evaluation in 2012-13

Low

2,985

1.7 INTERNATIONAL AFFAIRS

Audit in 2012-13

High

15,937

1.8 WATERWAYS MANAGEMENT

Evaluation 2010-11

Moderate

5,142

1.9 AIDS TO NAVIGATION

Audit in 2013-14

Moderate

22,110

1.10 ICEBREAKING SERVICES

Evaluation 2010-11

Moderate

17,024

1.11 SMALL CRAFT HARBOURS

 

 

111,681

1.11.1 Harbour Operations and Maintenance

EAP 2010-11

High

92,831

1.11.2 Divestiture of Non-Core Harbours

Audit in 2010-11

Low

19,150

1.12 TERRITORIAL DELINEATION

Evaluations in 2011-12

Moderate

6,404

2.1 COMPLIANCE AND ENFORCEMENT

 

 

109,419

2.1.1 Education and Shared Stewardship

Audit in 2009-10

 

Low

10,420

2.1.2 Monitoring, Control and Surveillance

Low

50,163

2.1.3 Major Cases and Special Investigations

Moderate

15,424

2.1.4 Compliance and Enforcement Program Capacity

Low

33,413

2.2 SALMONID ENHANCEMENT PROGRAM

 

29,993

2.2.1 Salmonid Enhancement Program Facilities

Audit in 2009-10
Audit in 2008-09
Evaluation in 2013-14

 

Low

18,427

2.2.2 Community Involvement program

Low

7,579

2.2.3 Resource Restoration Program

Low

3,024

2.2.4 Salmonid Enhancement Contribution Programs

Low

962

2.3 HABITAT MANAGEMENT

Audit in 2008-09
OAG audit in 2009-10
Evaluation in 2011-12

High

57,956

2.4 ABORIGINAL INLAND HABITAT PROGRAM

Audit in 2008-09  Evaluation in 2011-12

Low

8,750

2.5 SPECIES AT RISK MANAGEMENT

Audit in 2013-14

Moderate

26,899

2.6 ENVIRONMENTAL RESPONSE SERVICES

OAG audit in 2010-11
Audit in 2009-10

High

10,413

2.7 INTEGRATED OCEANS MANAGEMENT

 

 

38,793

2.7.1 Marine Conservation Tools

Audit in 2011-12

Moderate

15,494

2.7.2 Ecosystem Assessments

Audit in 2011-12

Moderate

23,250

2.8 AQUATIC INVASIVE SPECIES

Audit in 2013-14

Moderate

11,008

3.1 SEARCH & RESCUE SERVICES

 

 

34,521

3.1.1 Search & Rescue Coordination and Response

Evaluation in 2011-12

Moderate

29,819

3.1.2 Canadian Coast Guard Auxiliary

Low

4,702

3.2 MARINE COMMUNICATIONS & TRAFFIC SERVICES

Audit in 2010-11

Moderate

44,763

3.3 MARITIMES SECURITY

Audit in 2012-13

Moderate

10,039

3.4 FLEET OPERATIONAL READINESS

 

 

419,488

3.4.1 Fleet Operational Capability

Audit in 2011-12 (Phase 2)

High

243,409

3.4.2 Fleet Maintenance

Audit in 2011-12 (Phase 1)

Moderate

47,110

3.4.3 Fleet Procurement

Audit in  2011-12 (Phase 1)

High

128,970

3.5 SHORE-BASED ASSET READINESS

Audit in 2012-13

High

123,388

3.6 CANADIAN COST GUARD COLLEGE

Evaluation in 2011-12

Moderate

10,971

3.7 HYDROGRAPHIC PRODUCTS AND SERVICES

Evaluation in 2012-13

Moderate

28,518

3.8 OCEAN FORECASTING

Evaluation in 2012-13

Moderate

9,680

INTERNAL SERVICES

 

 

309,120

Governance & Management support

 

High

79,178

Management & Oversight Services

OCG Audit in 2011-12 on Performance Management ; OAG Audit of Evaluation and Internal Audit in 2011

Moderate

62,573

Communications

 

Moderate

10,875

Legal

Audit in 2012-13

High

5,729

Resource Management Services

 

 

109,813

Human Resources Management

2 audits in 2009-10
PSC audit in 2010-11

High

25,896

Information Management

Audit in 2009-10

High

18,119

Information Technology

Audit in 2010-11

High

37,690

Financial Management

Audit in 2011-12

High

28,225

Travel & other administrative services

Audit in 2013-14

Moderate

32M as of 11/2010, there is a $60M cap

Asset Management Services

 

 

120,130

Real Property

Audit in 2011-12

High

112,785

Material

Evaluation in 2011-12

Moderate

3,635

Acquisition

Audit in 2013-14

High

3,710


Coverage by Materiality

 
DFO $ Spending (000's)

$ covered (000's)

% covered

Total:

1,809,591 1,009,628 56%

Note: Does not include OCG horizontal audits and DFO multi-sector audits

OCG Horizontal Audits and DFO Multi-Sector Audits
   
OCG Horizontal Audits

Performance Management

2011-12

Grants and Contributions Management Control Framework - Phase 2

 2012-13 

DFO Multi-Sector Audits

DFO Governance Structure

2012-13

DFO’s Northern Strategy

2012-13

Policy on Internal Control

2012-13


  Appendix 4: Summary of DFO’s Corporate Risk Profile

Internal Risks

Risk Name

Risk Event

1. Human Capital

There is a risk that DFO will be unable to sustain a sufficient and representative workforce with the appropriate competencies to adequately support, deliver and manage programs and services.

2. Information for Decision Making

There is a risk that sufficient and appropriate information will not be available on a timely basis to support decision making.

3. Physical Infrastructure

There is a risk that DFO will be unable to invest in or maintain the infrastructure necessary to achieve its objectives.  This includes particularly port infrastructure, real property, IT infrastructure, fleet, aids to navigation and shore-based assets.

4. Strategic Alignment

There is a risk that DFO’s resources, activities, plans and strategies will not be sufficiently harmonized with the priorities and expectations of the Government of Canada and other external stakeholders.

5. Financial Capacity

There is a risk that sufficient resources will not be available to support program delivery and maintain service levels for both internal and external client groups.

6. Communications Capacity

There is a risk that stakeholder awareness, understanding and acceptance of DFO mandate, programs, regulations, decisions, roles and responsibilities, and value added will be affected by gaps in communications and consultations.

External Risks

7. Legal Risks

There is a risk that DFO will make decisions or take actions which will be successfully challenged before the courts, and result in either significant financial liability, or negative effects on DFO’s legislative or regulatory authorities.  In addition, there is a risk that groups seeking to have DFO’s regulatory mandate complied with, enforced or extended will bring litigation against DFO.

8. Third Party Reliance

There is a risk that third parties, on which DFO relies to deliver many of its programs and services, will not be able to produce the necessary results.

9. Climate Change

There is a risk that DFO will be unable to adapt quickly to the effects of climate change.

10. Economic and Market Pressures

There is a risk that DFO will be unable to facilitate access to international markets for Canadian commercial fisheries and that Canadian commercial fishers will be unable to remain globally competitive.

11. Overcapacity and Overfishing

There is a risk that DFO will be unable to manage and protect fisheries resources and foster viability because of commercial fishing fleet overcapacity. Overcapacity can lead to overfishing which presents a risk to DFO’s ability to foster globally competitive fisheries and the preservation and sustainable use of fisheries resources. 

12. High Input Costs

There is a risk that higher input costs (e.g. fuel, value of the dollar, labour etc.) are creating challenges for the industry in maintaining economically prosperous fishing and processing enterprises.

13. Hazard-type or Crisis-type Risks

There is a risk that DFO will be ill-prepared to respond effectively to major hazards and crises (e.g., The oil spill response regime is 20 years old.) (This includes matters such as contingency planning.)

  Appendix 5: Summary of Planned Projects by Other Assurance Providers

Project Title Major Auditable Unit Timing

Office of Auditor General (OAG) / Commissioner of the Environment and Sustainable Development (CESD)

Cumulative Environmental Effects Assessment

Ecosystems & Fisheries Management

2011

Environmental Science

Oceans and Science

2011

Environmental Enforcement

To be determined

2011

Land-based Emergencies

To be determined

2011

Public Accounts

Chief Financial Officer

2011

Internal Audit

Chief Audit Executive

2011
Petitions

Department of Fisheries and Oceans

2011, 2012, 2013

Follow-up on Past Recommendations

Department of Fisheries and Oceans

2011, 2012, 2013

Biodiversity and Endangered Species

To be determined

2012

SDS Monitoring

To be determined

2012

Acquisition of ships

Canadian Coast Guard

2012

The Arctic

To be determined

2013

Office of the Comptroller General (OCG)

Audit of Performance Management

Internal Services –  Chief Financial Officer

2011-12

Audit of Grants and Contributions Management Control Framework

Ecosystems and Fisheries Management/Chief Financial Officer

2012-13

  Appendix 6: Coverage of Departmental Priorities

DFO Priority as per September 2010 DMC meeting5

Audit coverage

Fisheries Renewal

Commercial Fisheries 2011-12

Healthy Ecosystems

Integrated Oceans Management 2011-12

Aboriginal

Audit of At-Sea Mentoring Initiative (ASMI) and the First Nations Fisheries Operations Management Initiative (FOMI) 2009-10

International

International Affairs 2012-13 

Coast Guard Priorities

Fleet Asset Management 2011-12; Maritime Security 2012-13

North

Aids to Navigation 2013-14; Northern Strategy 2012-13

Climate Change Adaptation

OAG Audit 2010-11

Cohen Inquiry

See RBAP section 7.2

Fisheries Act Renewal

Not Applicable

Consultation and Engagement

Not Applicable

Policy on Private-Public Goods

Not Applicable

Integration of Science to Underpin Economic Prosperity

Not Applicable

Management Priorities:

Strategic Alignment

DFO Governance Structure 2012-13

People Management

Significant assurance provided recently: PSC Audit of Staffing 2010-11 ; Classification 2009-10; Succession Planning 2009-10

Asset Management

Audit of Small Craft Harbours Divestiture Class Grant Program 2010-11

Managing for Results

Accounts Verification 2011-12; Policy on Internal Controls 2012-13

  Appendix 7: Coverage of Corporate Risks

DFO Corporate Risks

2011-12 to 2013-14 RBAP Audit Coverage
Internal Risks

Human Capital

Fleet Operational Capability

Information for Decision-making

Accounts Verification, OCG Audit of Performance Management, Commercial Fisheries, Integrated Oceans Management, DFO Governance Structure, Policy on Internal Controls, Maritime Security, Species at Risk Management, Atlantic Lobster Sustainability Measures, Aquatic Invasive Species

Physical Infrastructure

Fleet Asset Management, Real Property, Shore-based Asset Readiness, Aids to Navigation

Strategic Alignment

Fleet Asset Management, Accounts Verification, OCG Audit of Performance Management, OCG Audit of the Grants and Contributions Management Control Framework Phase 2, DFO Governance Structure, Policy on Internal Controls, BC Aquaculture Program, Travel and Hospitality

Financial Capacity

BC Aquaculture Program

Communications Capacity

Legal

Real Property, Aquaculture Management, Integrated Oceans Management, Legal Risk Management Control Framework, Contract Management, BC Aquaculture Program, Aids to Navigation, Species at Risk Management

External Risks

Third Party Reliance

Aquaculture Management, Fleet Operational Capability, International Affairs, Maritime Security, Species at Risk Management, Aquatic Invasive Species

Climate Change

Fleet Asset Management, Fleet Operational Capability, Integrated Oceans Management, Northern Strategy, Aquatic Invasive Species

Economic and Market Pressures

Commercial Fisheries, International Affairs, Atlantic Lobster Sustainability Measures

Overcapacity and Overfishing

Commercial Fisheries, Integrated Oceans Management

Higher Input Costs

Fleet Asset Management, Fleet Operational Capability

Hazard-type or Crisis-type Risks

Fleet Asset Management, Fleet Operational Capability, Northern Strategy

  Appendix 8: Coverage by Sector and Risk

Coverage by Sector and Risk

  Appendix 9: Estimated Resource Allocation and Timelines6

Estimated Resource Allocation and Timelines


1At DFO, the Deputy Minister chairs the DAC.

2 At DFO, the Deputy Head chairs the DAC.

3The risk assessment was done by Internal Audit and took into account management interviews, materiality, and risk factors such as complexity, degree of change, previous assurance work, legislative or other compliance requirements, and degree of dependencies.

4 Materiality was taken from DFO Main Estimates for 2011-12 as of November 2010.

5 These priorities were used as input to DFO’s 2011-12 Report on Plans and Priorities

6 This table has been developed in compliance with the OCG practice guidebook entitled Internal Audit Planning for Departments and Agencies. The data concerning the scheduling of the various audit engagements within the fiscal years reflects the intention at the time this plan is drafted. Audit engagements planned for a particular year will be conducted within the year but actual scheduling must remain flexible. This is particularly so in the out-years of the plan.

Top of page