Table of Contents
- 1. Introduction
- 2. Departmental System of Internal Control over Financial Reporting
- 3. Departmental assessment results during fiscal year 2012-2013
- 4. Departmental Action Plan
1. Introduction
This document provides summary information on the measures taken by Transport Canada to maintain an effective system of internal control over financial reporting (ICFR) including information on internal control management and assessment results and related action plans.
Detailed information on Transport Canada’s authority, mandate and program activities can be found in the 2012-13 Part III-Departmental Performance Report (DPR) TC DPR 2011-12 , and Report on Plans and Priorities TC RPP 2013-14.
2. Departmental System of Internal Control over Financial Reporting
2.1 Internal Control Management
The department has an established governance and accountability structure to support departmental assessment efforts and oversight of its system of internal control. A departmental internal control management framework, approved by the Deputy Minister, is in place which includes:
- organizational accountability and oversight structures as they relate to internal control management to support sound financial management including roles and responsibilities for senior departmental managers (TMX members) in their areas of responsibility for control management through the established management committee structure as detailed in the Transport Canada Governance under the PAA – An integrated Decision Making Framework;
- an updated TC Code of Values and Ethics framework;
- on-going communication and training on statutory requirements, policies, and procedures for sound financial management and control;
- monitoring and regular updates at least semi-annually on internal control management for ICFR plus assessment results and action plans to the Deputy Minister, TMX executive members and the Departmental Audit Committee (DAC) as applicable. The DAC provides advice to the Deputy Minister on the adequacy and functioning of the Department’s risk management, control and governance frameworks and processes;
- internal control measures included in senior management performance measurement agreements; and
- annual validations of internal control management results through TMX members’ sign-off on controls management for their areas of responsibility.
2.2 Service Arrangements Relevant to Financial Statement
Transport Canada relies on other organizations for the processing of certain transactions that are recorded in its financial statements as follows:
Common Arrangements:
- Public Works and Government Services Canada (PWGSC) centrally administers the payments of salaries and the procurement of goods and services, as per the Department’s Delegation of Authority and provides accommodation services;
- Treasury Board Secretariat provides the department with information used to calculate various accruals and allowances, such as the accrued severance liability;
- The Department of Justice provides legal services to the Department; and
- Shared Services Canada (SSC) provides IT infrastructure services to Transport Canada in the areas of data centre and network services. The scope and responsibilities are addressed in the interdepartmental arrangement between SSC and Transport Canada.
Specific Arrangements:
- Transport Canada performs financial management, accounting and reporting, as well as payroll administration services on behalf of Transportation Appeal Tribunal of Canada (TATC).
3. Departmental assessment results during fiscal year 2012-13
During 2012-13, the Department completed the design and most of its operating effectiveness testing of remaining key control areas in accordance with the risk-based assessment approach as outlined in Transport Canada ICFR Framework for Risk-based Assessment and Monitoring document. On-going monitoring has commenced as per the plan.
3.1 Design effectiveness testing of key controls
In the current year, the Department completed design effectiveness testing of planned key processes as follows:
- Entity Level Controls;
- Financial Budgeting and Forecasting;
- Manage Payroll and Salary Benefits; and
- Manage Capital Assets and WIP (work-in-progress capital expenditures).
As a result of design effectiveness testing, the Department identified deficiencies for which the required corrective action was in place by the end of this reporting period as follows:
- Improved process and greater accountability for the management and monitoring of work-in-progress capital expenditures to ensure completed assets are properly capitalized and the work-in-progress accounts are reconciled and cleared on a timely basis; and
- Strengthened reconciliation, period-end procedures and reporting of progress of work-in-progress accounts across headquarters and the regions.
Operating effectiveness testing on WIP projects will be performed in 2013-14 once the corrective measures have been in place for a sufficient period of time.
In addition, as per the departmental on-going monitoring plan, the following design of key processes were analyzed and updated to ensure sound financial management continues to be in place for:
- Manage Travel Procurement - design updated to reflect new procedures for improved iTravel system and paperless travel claim process;
- Manage Procurement (Operating expenditures) - design updated in response to corrective action (from previous financial controls Internal Audit assessment) and initiative to centralize payable functions at the regional/NCR level;
- Manage Revenue and Receivables - design updated for specific revenue streams to reflect process change to centralize port and airports billing into one single region;
- Manage Contracting and Commitments - design updated to reflect process change to centralize entry of NCR purchase order information.
3.2 Operating effectiveness testing of key controls
In 2012-13, the Department completed operating effectiveness testing of Entity level controls, key business process controls and IT application controls as detailed below:
- Entity Level Controls;
- Manage Financial Budgeting and Forecasting;
- Manage Payroll and Salary Benefits;
- Manage Capital Assets and WIP; and
- IT Oracle EBS R12 Application controls.
As a result of the operating effectiveness testing, the Department identified the following remediation required:
Entity Level Controls:
- Complete the implementation and communication of the new TC Code of Values & Ethics and related framework;
- Strengthen awareness of roles and responsibilities related to Values and Ethics for employees and managers;
- Implement and communicate the amended Fraud Policy and new Fraud risk management procedures;
- Improve monitoring of period-end close process to ensure timely completion;
- Improve commitment control and forecasting practices;
- Build capacity with respect to in-depth financial analytical and reporting skills to enhance financial advice provided to senior management; and
- Improve IM/IT governance to strengthen IM/IT strategy and investment decision making.
Manage Financial Budgeting and Forecasting:
- Strengthen the finance “challenge function” and increase oversight in support of strong budget management processes.
Manage Payroll and Salary Benefits:
- Strengthen account verification for on-line payroll bulk payment approvals; and
- Improve consistency for required approvals and supporting documentation.
Manage Capital Assets:
- Strengthen roles and responsibilities and procedures for WIP project monitoring and timely project close out; and
- Improve internal asset disposition process to ensure controls related to dispositions and accounting for dispositions are operating consistently and effectively.
Remediation identified from departmental self-assessments for the above key processes are addressed through established management corrective action plans and are advanced in most areas.
The Department takes a risk-based approach for remediation of control deficiencies. Every effort is made to correct significant control deficiencies and priority is given to any remediation deemed high risk. It should be noted the Department accepts that certain corrective actions may require a reasonable amount of time to complete due to the level of complexity and/or effort. For low risk items, management may choose to accept the stated risk, with no further corrective action being undertaken. All remediation actions are tracked through approved management action plans (MAPs) which are regularly monitored so that status can be reported to senior management.
3.3 On-going monitoring of key controls
During 2012-13, the Department was unable to continue planned on-going monitoring to re-assess the operating effectiveness of Revenue and Receivables due to a change in process to centralize the billing of certain functions to a single region. The re-assessment was deferred to allow sufficient time for the new process and related procedures to take effect. As such, only the design effectiveness of significant sub-processes and related controls were updated as detailed in section 3.1 above.
In the context of other on-going monitoring activities, the Department implemented continuous improvements where feasible, including improving on its monitoring of compliance with the directive on account verification through a newly updated TC National Sampling Plan.
In addition, the account verification process for Grants and Contributions transfer payments was streamlined and aligned with the risk management framework for transfer payments in the Department.
4. Departmental Action Plan
4.1 Progress during fiscal year 2012-13
During 2012-13, the Department made significant progress in completing its assessments and improving on its key controls framework. A summary of the main progress made by the Department based on the plans identified in the previous fiscal year’s annex is presented below and further highlighted in section 4.2 (see table):
|
Element in previous year’s action plan |
Status |
|---|---|
|
Operating effectiveness testing |
|
|
Entity Level Controls |
|
|
Manage Financial Budgeting and Forecasting |
|
|
Manage Payroll and Salary Benefits |
|
|
Manage Capital Assets and WIP (work-in-progress capital expenditures) |
|
|
Manage Travel Procurement |
|
|
Manage Procurement (Operating expenditures) |
|
|
Manage Accruals and Other General Entries (PAYES, JEs) and Environmental liabilities |
|
|
Manage Revenue and Receivables |
|
|
Manage Contracting and Commitments |
|
|
Manage Financial Close and Reporting |
|
|
Oracle ERP IT General Controls (ITGC) |
|
|
Oracle EBS R12 IT Application Controls (ITAC) |
|
|
Transport Canada Billing System (TCBS) |
|
|
ITGC – Distributed Air Personnel Licensing System (DAPLS) and Oracle Download Interface (OADI) |
|
4.2 Status and action Plan for the next fiscal year and subsequent years
Building on progress made and following the updated departmental ICFR Framework for Risk-based Assessment and Monitoring, the Department is positioned to complete a full risk-based assessment of its system of ICFR in 2013-14.
During 2013-14, the Department intends to update its financial reporting risk assessments for key business processes. This updated risk assessment could impact the frequency of future on-going monitoring of the business processes described below. The Department has also upgraded its IT general control (ITGC) risk assessment over the recently implemented Oracle R12 EBS financial system and the various extended sub-systems that form the overall Oracle ERP system. As a result, the scheduled re-assessment of the operating effectiveness of these systems has been advanced from 2015-16 to 2013-14.
In 2013-14 the Department will complete the remaining business process not previously assessed, address any findings or gaps identified in the follow-up OAG controls audit, and complete remediation of deficiencies noted in various departmental self-assessments conducted during the year.
At the same time, the Department will be applying its rotational on-going monitoring plan to reassess control performance on a risk basis across completed control areas. The status and action plan for the completion of the identified control areas for 2013-14 and subsequent years is as follows:
|
Internal Controls over Financial Reporting (Key Control Areas) |
Assessment Elements |
||
|---|---|---|---|
|
Design Effectiveness
|
Operational Effectiveness
|
On-going MonitoringTC RPP 2013-14 |
|
|
|
As of Mar 31, 2013 |
As of Mar 31, 2013 |
|
| Entity Level Controls | |||
|
Entity Level controls (Design and Operating Effectiveness) |
Complete |
Advanced; to complete in 2013-14 |
2015-16 |
|
Business Process Controls |
|||
|
Manage Financial Budgeting and Forecasting |
Complete |
Advanced; to complete in 2013-14 |
2015-16 |
|
Manage Payroll and Salary Benefits |
Complete |
Advanced; to complete in 2013-14 |
2014-15 |
|
Manage Capital Assets and WIP (Capital Expenditures) |
Complete |
Advanced; to complete in 2013-14 |
2014-15 |
|
Manage Travel Procurement |
Complete |
Started; to complete in 2013-14 |
2015-16 |
|
Manage Procurement (Operating Expenditures) |
Complete |
Complete |
2013-14 |
|
Manage Accruals and Other General Entries (PAYEs, Pay accruals, Environmental Liabilities and other JEs) |
Complete |
Started; to complete in 2013-14 |
2015-16 |
|
Manage Grants & Contributions Transfer Payments |
Complete |
Complete |
2014-15 |
|
Manage Revenues and Receivables |
Complete |
Advanced; to complete in 2013-14 |
2015-16 |
|
Manage Contracting and Commitments |
Complete |
Started; to complete in 2013-14 |
2015-16 |
|
Manage Financial Close and Reporting |
Started |
2013-14 |
2015-16 |
|
IT Controls |
|||
| ITGC
Oracle ERP (include iTravel) |
Complete |
Complete |
2013-14 |
|
ITGC
|
Complete |
Advanced; to complete in 2013-14 |
2013-14 |
|
ITGC
|
Complete |
To remove |
To remove |
|
IT Application Controls Oracle EBS R12 (including iTravel) |
Complete |
Advanced; to complete in 2013-14 |
2014-15 |
1 Advanced refers to completion of operating effectiveness testing, with required remediation to address findings identified from OAG follow-up audit and deficiencies noted through self-assessments being addressed through approved management action plans.
2 On-going monitoring rotation for future years, once initial assessments are fully completed in 2013-14
The following document is available for downloading or viewing:
- Annex to the Statement of Management Responsibility including Internal Control over Financial Reporting Transport Canada Fiscal year 2012-13 ( PDF Version, 294 kb )
To access the Portable Document Format ( PDF ) version you must have a PDF reader installed. If you do not already have such a reader, there are numerous PDF readers available for free download or for purchase on the Internet: