2018-2019 Annex to the Statement of Management Responsibility Including Internal Control over Financial Reporting (unaudited)

For the year ended March 31, 2019     

1. Introduction

This document provides summary information on the measures taken by the Office of the Information Commissioner of Canada’s (the Office) to maintain an effective system of internal control over financial reporting, including information on internal control management, assessment results and relation action plans.   

Detailed information on the Office’s authority, mandate and program activities can be found in its, 2018-2019 Departmental Results Report and 2019-2020 Departmental Plan.

2. Departmental system of internal control over financial reporting

2.1 Internal control management

The Office has a well-established governance and accountability structure to support organizational assessment efforts and oversight of its system of internal control. A departmental internal control management framework, approved by the Deputy Head, is in place and includes:

  • Organizational accountability structures as they relate to internal control management to support sound financial management, including roles and responsibilities of senior managers in their areas or responsibility for control management;
  • Values and ethics;
  • Ongoing communication and training on statutory requirements, and policies and procedures for sound financial management and control; and
  • Ongoing monitoring of and regular updates on internal control management, as well as the provision of related assessment results and action plans to the Commissioner and departmental senior management and, as applicable, the Office’s Audit and Evaluation Committee. 

The Office’s Audit and Evaluation Committee provides advice to the Commissioner on the adequacy and functioning of the Office’s risk management, control and governance frameworks and processes. 

2.2 Service arrangements relevant to the financial statements

The Office relies on other organizations for the processing of certain transactions that are recorded in its financial statements as follows:

Common Arrangements

  • Public Services and Procurement Canada (PSPC) centrally administers the payments of salaries and the procurement of some goods and services in accordance with the Office’s Delegation of Authority, and provides accommodation services;
  • Treasury Board of Canada Secretariat (TBS) provides the Office with information used to calculate various accruals and allowances such as the accrued severance liability;
  • Public Service Commission provides the Office with language evaluation services;
  • The Office of the Auditor General (OAG) provides audit services to the Office; and
  • Shared Services Canada (SSC) provides information technology (IT) infrastructure services to the Office in the areas of internet connectivity and email security.

Specific Arrangements

  • The Canadian Human Rights Commissions (CHRC) provides the Office with the following:
    • a financial system platform to capture and report all financial transactions;
    • procurement services for processing of all contracts and reporting;
    • financial services for processing of all invoice payments and reimbursement requests;
  • The Office and the other tenants at 30 Victoria Street, Gatineau, have entered into a Memorandum of Understanding (MOU) for base building security and multi tenants responsibilities;
  • The Office and other tenants at 30 Victoria Street, Gatineau share facility and services related to the mailroom;
  • Canada School of Public Service (CSPS) provides the Office with some training services;
  • Public Services and Procurement Canada (PSPC) provides the Office with translation services.

3. Departmental assessment results during fiscal year 2018-19

The key findings and significant adjustments required from the current year’s assessment activities are summarized below.
New or significantly amended key controls: In the current year, there were no significantly amended key controls in existing processes which required a reassessment.

Ongoing monitoring program: The Office has a comprehensive internal control framework for financial and HR management that is aligned with the federal government’s expenditure management process.   The Office manages its funding through budgeting and commitment control process in its integrated financial and salary budgeting systems.  Appropriate segregation of duties is done in the context of common, systematized business processes.  Expenditures are approved at the initiation, contracting, performance certification and payment approval stages.  Payments are subject to a quality control process that tailors verification processes to risk.  Controls over payments are tested for effectiveness on a monthly basis.  Financial results are monitored through a monthly financial reporting process, and validated and approved by management.

4. Departmental action plan

4.1 Progress during fiscal year 2018-19   

During 2018-19, the Office continued to make significant progress in assessing and improving its key controls. The following table summarizes the department’s progress based on the plans identified in the previous fiscal year’s annex.

Progress during fiscal year 2018-19

Progress during fiscal year 2018-19
Element in previous year’s action plan Status

Entity-level controls

Reviewed on an annual basis. No remedial actions required. Ongoing.

IT general controls

Completed through IT audit and recommendations addressed. Ongoing.

Asset management

Monitored as recommended.


Payroll transactions reconciled bi-weekly to identify any over or under-payments. Ongoing.

Phoenix HR system.

Continued analysis and review of any post implementation issues with corrective measures as required especially as it related to the new Phoenix system. 

In 2018-19, the Office conducted the following work in addition to the progress made in ongoing monitoring:

  • Sampled and reviewed pay transactions resulting from the signed collective agreement for accuracy and completeness;
  • Formalized an action plan to address the nine (9) recommendations from the Office of the Auditor General (OAG) to the Office of the Comptroller General (OCG) regarding payroll transactions using the Phoenix Pay System; 
  • Strengthen overall corporate governance with the arrival on February 19th, 2019 of a new Chief Financial Officer leading to improved segregation of duties between the CFO and Program Deputy Head;

4.2 Action plan for the next fiscal year and subsequent years

Building on progress to date, the Office is positioned to complete the full assessment of its system of internal control over financial reporting in 2019-20. At that time, the department will be applying its rotational ongoing monitoring plan to reassess control performance on a risk basis across all control areas. The status and action plan for the completion of the identified control areas for the next fiscal year and for subsequent years are shown in the following table

Status and Action Plan for the Next Fiscal Year and Subsequent Years

Status and Action Plan for the Next Fiscal Year and Subsequent Years

Key control areas

Design effectiveness testing and remediation

Operational effectiveness testing and remediation

Ongoing monitoring rotation

Entity-level controls



Future years

IT general controls



Future years




Future years




Future years

Date modified:
Submit a complaint