Performance results for the internal audit function

January 15, 2020

Compliance attributes Key compliance attribute Results
Do internal auditors in departments have the training required to do the job effectively? Are multidisciplinary teams in place to address diverse risks? Percentage of staff who have an internal audit or accounting designation, such as Certified Internal Auditor (CIA), Chartered Professional Accountant (CPA) 62.5%
Percentage of staff whose internal audit or accounting designation (CIA, CPA) is in progress 12.5%
Percentage of staff who hold other designations, such as Certified Government Auditing Professional (CGAP), Certified Information Systems Auditor (CISA) 37.5%
Is internal audit work performed in accordance with the international standards for the internal audit profession, as required by Treasury Board policy? Date of last comprehensive briefing to the Departmental Audit Committee on the internal processes, tools and information considered necessary to evaluate conformance with the Institute of Internal Auditors’ (IIA) Code of Ethics and the IIA’s Standards, as well as with the results of the quality assurance and improvement program April 2019
Date of last external assessment April 2019
Is internal audit credible and adding value in support of the mandate and strategic objectives of the organization? Average overall usefulness rating from senior management (ADM-level or equivalent) of areas audited. 90%

Table 1 – Risk-based audit plan (FY 2019–2020) and related information

January 15, 2020

Audit title Status Report approval date Report publication date Original management action plan completion date Implementation status
Management Audit of the Western (Calgary) Regional Office Approved Jul. 3, 2018 Nov. 8, 2018 Sep. 2018 Substantially implemented
Audit of the Directorate of Nuclear Cycle and Facilities Regulation’s Inspection Processes Approved Jun. 14, 2019 Jun. 29, 2019 Dec. 2019 Substantially implemented
Audit of the Directorate of Nuclear Substance Regulation’s Inspection Processes Approved Jun. 14, 2019 Jun. 29, 2019 Jun. 2019 Substantially
implemented
Follow-up on the 2016 report by the Office of the Auditor General‘s (OAG) Commissioner of the Environment and Sustainable Development on the audit of the Directorate of Power Reactor Regulation Nuclear Power Plants In progress        
Audit of the management of personal information In progress        
Audit of the Management of the Time Reporting System In progress        
Review of the Directorate of Security and Safeguards’ (DSS) Inspection Processes In progress        
Review of the Directorate of Environmental and Radiation Protection’s Assessment Inspection Processes In progress        
OCG Horizontal Audit of Physical Security In progress        
OCG Horizontal Blended Engagement of Information Technology Security – Phase II Planned        
Audit of Cyber Security – CNSC Oversight of Licensees Planned        

June 30, 2019

Compliance attributes Key compliance attribute Results
Do internal auditors in departments have the training required to do the job effectively? Are multidisciplinary teams in place to address diverse risks? Percentage of staff who have an internal audit or accounting designation, such as Certified Internal Auditor (CIA), Chartered Professional Accountant (CPA) Percentage of staff whose internal audit or accounting designation (CIA, CPA) is in progress 71.4%
Percentage of staff whose internal audit or accounting designation (CIA, CPA) is in progress 14%
Percentage of staff who hold other designations, such as Certified Government Auditing Professional (CGAP), Certified Information Systems Auditor (CISA) 43%
Is internal audit work performed in accordance with the international standards for the internal audit profession, as required by Treasury Board policy? Date of last comprehensive briefing to the Departmental Audit Committee on the internal processes, tools and information considered necessary to evaluate conformance with the Institute of Internal Auditors’ (IIA) Code of Ethics and the IIA’s Standards, as well as with the results of the quality assurance and improvement program April 2019
Date of last external assessment April 2019
Is internal audit credible and does it add value to the organization’s mandate and strategic objectives? Average rating of the usefulness of areas audited, as rated by senior management (ADM level or equivalent) Overall satisfaction 90%

Table 1 – Risk-based audit plan (FY 2019–2020) and related information

June 30, 2019

Audit title Status Report approval date Report publication date Original management action plan completion date Implementation status
Audit of Financial Guarantees Approved Jul. 3, 2018 Nov. 8, 2018 Dec. 2018 Fully
implemented
Audit of Contracting and Procurement Approved Aug. 1, 2018 Nov. 8, 2018 Feb. 2019 Fully
implemented
Management Audit of the Western (Calgary) Regional Office Approved Jul. 3, 2018 Nov. 8, 2018 Sep. 2018 Substantially
implemented
Audit of the Nuclear Emergency Management Program Approved Jul. 3, 2018 Nov. 8, 2018 Apr. 2018 Fully
implemented
Audit of the Directorate of Nuclear Cycle and Facilities Regulation’s Inspection Processes Approved Jun. 14, 2019 Jun. 29, 2019 Dec. 2019 Substantially
implemented
Audit of the Directorate of Nuclear Substance Regulation’s Inspection Processes Approved Jun. 14, 2019 Jun. 29, 2019 Jun. 2019 Substantially
implemented
Follow-up on the 2016 report by the Office of the Auditor General‘s (OAG) Commissioner of the Environment and Sustainable Development on the audit of the Directorate of Power Reactor Regulation Nuclear Power Plants In progress        
Audit of the management of personal information In progress        
Audit of the Management of the Time Reporting System Planned        
Review of the Directorate of Security and Safeguards’ (DSS) Inspection Processes In progress        
Review of the Directorate of Environmental and Radiation Protection’s Assessment Inspection Processes Planned        
OCG Horizontal Audit of Physical Security In progress        
OCG Horizontal Blended Engagement of Information Technology Security – Phase II Planned        
Audit of Cyber Security – CNSC Oversight of Licensees Planned        
Date modified: