2. Planning Context
Page 3 of 6
Internal audit is an independent, objective entity within OCOL that is designed to add value and improve the organizationís operations. It helps OCOL accomplish its objectives by bringing a systematic, disciplined approach to evaluate and improve the effectiveness of risk management, control and governance processes. The Internal Audit group is led by the Chief Audit Executive who is supported by a variety of staff and external professional service providers with varying skill sets depending on the nature of the audit project.
Generally, OCOLís Internal Audit group provides assurance and advisory services to the Commissioner, the Executive Committee and the Audit and Evaluation Committee. Internal audit work is typically focused on assessing whether the system of internal control within OCOL is adequate and effective to support the following imperatives:
- Achievement of operational objectives;
- Safeguarding of assets;
- Economy and efficiency of operations;
- Reliability and integrity of financial and operational information; and
- Compliance with legislation, policies and procedures
For internal audit planning purposes, it is important to use OCOLís strategic outcome and operational priorities as context for the establishment of internal audit activities to be conducted.
OCOLís strategic outcome reads as follow: Canadians' rights under the Official Languages Act are protected and respected by federal institutions and other organizations subject to the Act; and linguistic duality is promoted in Canadian society. Operational priorities read as follow:
- Work with federal institutions and other organizations subject to the Official Languages Act so that they fully integrate linguistic duality as an important element of leadership.
- Promote to Canada's two official language communities, the value of linguistic duality as one of the key elements of Canadian identity.
- Support official language minority communities in order to foster their development and vitality.
- Strengthen organizational capacity by applying sound management principles and practices with respect to corporate priorities.
A critical element in establishing internal audit priorities relates to the key risks being faced by OCOL. A core principle of internal audit at OCOL is to focus resources in areas that will be of the highest value to OCOL – with key risk areas representing a typical starting point. Usually, Internal Audit will build off the organizationís risk management framework and OCOL has completed an exercise to develop a corporate-level risk profile.
The corporate risk profile identifies the following four high-rated risks, which are being addressed by senior management through various risk mitigation measures:
- Inadequate IM/IT systems, infrastructure and support. – The risk that the IM/IT infrastructure and support are not sufficient to fulfill OCOLís current operational needs. Also the risk that information cannot be collected, analyzed and reported/communicated on a timely basis. Finally, the risk of losing valuable corporate memory.
- Perception that the Official Languages Act may be less relevant. - The risk that the public and/or stakeholder groups perceive OCOL and the Official Languages Act as irrelevant. Also, the risk of loss of credibility and influence within the federal government and not being able to fulfill OCOLís mandate.
- Inadequate funding from the federal government – The risk that changes to government policy/funding priorities could result in reduced funding to OCOL. Also, the risk that OCOLís expenses increase significantly, due to new requirements necessitating additional unplanned resources.
- Inadequate performance measures and reports. – The risk that performance measures are not set or canít be measured. Also the risk that adequate performance information is not collected or that IT systems are not able to collect it. Finally, the risk that corrective measures to address performance gaps are not implemented.