Audit of Financial Planning, Forecasting & Monitoring (February 2012)

Audit of Financial Planning, Forecasting & Monitoring (February 2012) PDF Version (377 KB)
Table of contents

Acknowledgements
The audit team would like to thank those individuals who contributed to this project and, particularly, employees who provided insights and comments as part of this audit.

1.0 Executive Summary

1.1 Background

The Financial Planning, Forecasting, and Monitoring audit was approved by the Deputy Minister on June 10, 2010 as part of the Risk-Based Internal Audit Plan for 2010-2011 to 2012-2013.

Financial planning, forecasting, and monitoring are critical activities ensuring timely and sound management decisions, and effective use of funds and resources. These activities are governed through policies and legislation (see Appendix B). As well expectations are articulated in the Audit Criteria Related to the Management Accountability Framework (MAF) established by the Office of the Comptroller General (OCG). Specifically:

Public Safety Canada (PS) had planned spending of $ 571.6M for the fiscal year 2010-2011, of which the Operating Expenditures accounted for approximately 26%, and the remaining majority related to Grants and Contributions (G&C). There are approximately 1071 Full-time equivalent (FTE) employees in PS.

Roles and Responsibilities

As per the Treasury Board (TB) Policy Framework for Financial Management and the Policy on Financial Management Governance, the Chief Financial Officer (CFO) is the lead departmental executive for all aspects of financial management, program financing, financial reporting and disclosure, and provides key objective strategic advice on the overall stewardship of the financial management culture and its performance. In this context, the CFO supports the deputy head by establishing and maintaining a system of internal control related to financial management including financial reporting and department accounts.

As per the TB Policy on Financial Management Governance, Senior departmental managers, defined as managers reporting directly to the Deputy Minister and members of the Departmental Management Committee (DMC), also establish and maintain a system of internal control for their areas of responsibility and within the departmental system of internal control. They are responsible to:

Responsibility Centre Managers (RCM) are responsible for ensuring compliance with applicable policies and legislation, before exercising Section (34) of the Financial Administration Act (FAA). They are also accountable for the integrity of their financial information and the tracking of these expenditures against their budget, including payables at year-end, with the expectation that related variances will be identified in a timely manner to allow management to make informed decisions on necessary re-allocations.

The Financial Planning, Analysis and Reporting (FPAR) Division, based on discussion with the FPAR Director, is responsible for providing assistance to Program Assistant Deputy Ministers (ADMs) and their management teams in the development of Memoranda to Cabinet (MC) and Treasury Board (TB) submissions that have direct resource implications for PS.

The past year had significant unexpected activities and new reporting requests, such as Cost Containment Measures, TB Transfer Payment Policy, Deficit Reduction Action Plan, Future-Oriented Financial Statements, Quarterly Financial Reports, and Certification of Internal Control over Financial Reporting. These activities impacted the capacity of the organization to focus on the further development of the required financial framework.

1.2 Why it's Important

During the audit planning cycle, and continuing with the 2011-12 Corporate Risk Profile exercise, the department identified the risk that “the current budget allocation/reallocation process may not allow the Department to effectively use its financial resources in delivering on its core mandate, and addressing risks and emerging pressures.” Further given that PS has lapsed funding for the past number of years and will continue to face an environment of tight fiscal constraints, the effectiveness and efficiency of the financial planning, forecasting, and monitoring processes are critical.

1.3 Audit Objective and Scope

The objective of the audit was to provide reasonable assurance that the management control framework over financial planning, forecasting, and monitoring is appropriately designed and operating effectively. This included assurance that these activities are compliant with applicable external and internal policies and legislation.

The audit criteria establish the expectations for the audit and form the framework for the specific audit tests (see Appendix A for specific criteria). The audit criteria are based on The Canadian Institute of Chartered Accountants “Criteria for Control” (COCO) model, the MAF audit criteria, and applicable policies, legislation and regulations (see Appendix B).

1.4 Audit Opinion

The financial management control framework in place to ensure that financial planning, forecasting, and monitoring activities are appropriately designed and operating effectively is in the early stages of development. As the implementation of this framework continues, further development of risk-based financial monitoring activities, guiding directives, and standardized tools will reduce the risk of lapses, overspending, or objectives not being achieved.

1.5 Statement of Assurance

In the professional judgment of the Chief Audit Executive, sufficient and appropriate audit procedures have been conducted and evidence gathered to provide senior management with reasonable assurance of the accuracy of the opinion provided and contained in this report. The opinion is based on a comparison of the conditions, as they existed at the time, against pre-established audit criteria. The opinion is applicable only to the entity examined.

1.6 Summary of Audit Findings

Individual RCMs, understanding their financial accountability in regard to financial planning, forecasting and monitoring, have developed their own financial templates in which to cost and analyze their activities. Directorates and branches reinforce the financial planning activities through regular meetings where budgets, forecasts, and variances are discussed. Financial oversight is further enhanced by the Departmental Management Committee (DMC) which receives monthly Financial Situation Reports, adhoc financial information, as well as mid-year and yearend financial updates.

Despite these financial activities, there is limited reporting and collective discussion on key financial information at the DMC which may impact their ability to provide effective oversight. Significant financial risk management strategies, budget transfers within and between branches, or variance to budget impacts are not regularly or fully discussed at DMC. Therefore it is not clear that DMC has a fulsome view around key financial assumptions which could have significant inherent risks. Although RCMs are accountable for their individual budgets, DMC oversight on a regular basis will ensure both entity and operational level risk strategies are still effective in aggregate.

Financial information is inherently complex and difficult to understand. Interviewees noted that due to these complexities additional clarity in financial processes and support would be beneficial. Standardizing and strengthening the tools will improve both efficiency and effectiveness of financial planning, forecasting, and monitoring. For example more robust analysis and clearer alignment of budgets to priorities will ensure everyone is making decisions with the same information source.

The audit found that PS has implemented a financial planning, forecasting and monitoring support “model” that provides support at the corporate, branch, and directorate level. While this “model” provides a valuable control, the audit noted that there were inconsistencies in the activities undertaken, potential duplication of efforts, and capacity issues, which may limit the effectiveness of the control. It was also observed that there was a range of positions fulfilling these financial planning, forecasting, and monitoring responsibilities, with no defined or standardized descriptions of the expected roles and responsibilities associated with these positions within the “model”.

1.7 Summary of Audit Recommendations

  1. The Chief Financial Officer should assess the financial information needs of the DMC and ensure appropriate governance and oversight over financial planning, forecasting and monitoring. Financial planning, forecasting and monitoring decisions should be a regular DMC agenda item.
  2. The Chief Financial Officer should ensure that each Branch ADM has the opportunity to discuss with and receive approval by the DMC on key financial budget decisions (as identified in the establishment of directives). This assessment should include the identification of financial risk information strategies.
  3. The Chief Financial Officer should assess and develop an appropriate risk-based Financial Planning, Forecasting and Monitoring Framework.
  4. The Chief Financial Officer should, in conjunction with the branches, assess the needs and develop the appropriate guidance, templates and tools to facilitate financial planning, forecasting, and monitoring analysis.
  5. The Chief Financial Officer should, in conjunction with the branches, assess the needs and develop a training program to support financial planning, forecasting and monitoring activities.
  6. The Chief Risk Officer should ensure that risks identified in the Corporate Risk Profile are appropriately integrated into Branch Business Plans with the associated mitigation plans.
  7. The Chief Risk Officer should ensure that on a regular basis, at minimum twice annually, significant risks and the status of the associated action plans are monitored by the DMC.
  8. The Chief Financial Officer should:
    1. Require each ADM to inform the Chief Financial Officer of their financial risks and associated mitigation strategies, as ADMs are ultimately responsible and accountable for their risks and strategies;
    2. Monitor these financial risks and associated mitigation strategies in collaboration with the Chief Risk Officer; and
    3. Report to DMC as necessary on the status of these financial risks and associated mitigation strategies.
  9. The Chief Financial Officer, in conjunction with all ADM Branch Heads, should assess and define a uniform financial “model” which balances stewardship, accountability, capacity, and reporting requirements.
    • In line with the department`s priorities to move to generic job descriptions, this assessment should include the review of the roles and responsibilities of the individuals responsible for providing financial advice and support to ensure consistency and appropriateness.

1.8 Management Response

The Chief Financial Officer (CFO) and Comptroller accept the recommendations as presented. However, please note that important improvements were done over the last two years such as: a re-basing exercise to better align the department priorities and the internal costs, better reporting (i.e. monthly financial reports, P6 and P9 review, year- end review) to plan, forecast and monitor the financial situation and regular presentations to DMC to discuss the risks and financial situation.

The action plan and the associated deliverables presented are aligned with the action plan to strengthen the internal controls, as mandated by TBS. However, at this time, CMB has not yet secured the funding to implement this action plan.

Approved By: Rosemary Stephenson
Chief Audit Executive

2.0 Background

The Financial Planning, Forecasting, and Monitoring audit was approved by the Deputy Minister on June 10, 2010 as part of the Risk-Based Internal Audit Plan for 2010-2011 to 2012-2013.

Financial planning, forecasting, and monitoring are critical activities ensuring timely and sound management decisions, and effective use of funds and resources. These activities are governed through policies and legislation (see Appendix B). As well expectations are articulated in the Audit Criteria Related to the Management Accountability Framework (MAF) established by the Office of the Comptroller General (OCG). Specifically:

Public Safety Canada (PS) had planned spending of $ 571.6M for the fiscal year 2010-2011, of which the Operating Expenditures accounted for approximately 26%, with the majority related to Grants and Contributions (G&C). There are approximately 1071 Full-time equivalent (FTE) employees in PS.

Roles and Responsibilities

As per the Treasury Board (TB) Policy Framework for Financial Management and the Policy on Financial Management Governance, the Chief Financial Officer (CFO) is the lead departmental executive for all aspects of financial management, program financing, financial reporting and disclosure, and provides key objective strategic advice on the overall stewardship of the financial management culture and its performance. In this context, the CFO supports the deputy head by establishing and maintaining a system of internal control related to financial management including financial reporting and department accounts.

As per the TB Policy on Financial Management Governance Senior departmental managers, defined as mangers reporting directly to the Deputy Minister and members of the Departmental Management Committee (DMC), also establish and maintain a system of internal control for their areas of responsibility and within the departmental system of internal control. They are responsible to:

Responsibility Centre Managers (RCM) are responsible for ensuring compliance with applicable policies and legislation, before exercising Section (34) of the Financial Administration Act (FAA). They are also accountable for the integrity of their financial information and the tracking of these expenditures against their budget, including payables at year-end, with the expectation that related variances will be identified in a timely manner to allow management to make informed decisions on necessary re-allocations.

The Financial Planning, Analysis and Reporting (FPAR) Division, based on discussion with the FPAR Director, is responsible for providing assistance to Program Assistant Deputy Ministers (ADMs) and their management teams in the development of Memoranda to Cabinet (MC) and Treasury Board (TB) submissions that have direct resource implications for PS. The FPAR Division is also responsible to provide expert financial advisory services for the following:

The past year had significant unexpected activities and new reporting requests, such as Cost Containment Measures, TB Transfer Payment Policy, Deficit Reduction Action Plan, Future-Oriented Financial Statements, Quarterly Financial Reports, and Certification of Internal Control over Financial Reporting. These activities impacted the capacity of the organization to focus on the further development of the required financial framework.

2.1 Audit Objective

The objective of the audit was to provide reasonable assurance that the management control framework over financial planning, forecasting, and monitoring is appropriately designed and operating effectively. This included assurance that these activities are compliant with applicable external and internal policies and legislation.

2.2 Audit Criteria and Scope

The audit criteria establish the expectations for the audit and form the framework for the specific audit tests (see Appendix A for specific criteria). The audit criteria are based on The Canadian Institute of Chartered Accountants “Criteria for Control” (COCO) model, the MAF audit criteria, and applicable policies, legislation and regulations (see Appendix B).

The scope of the audit included all financial planning, forecasting, and monitoring activities related to the Vote 1 Operating Expenditures for the period of April 1, 2010 to May 31, 2011. The financial planning, forecasting, and monitoring activities for G&C funding was excluded, as they were covered in the recent audit of G&C expenditures.

2.3 Approach

The audit was planned and performed in such a way as to obtain reasonable assurance that the audit objective was achieved (see Appendix C for detailed audit activities).

2.4 Findings, Recommendations and Management Response

The following findings are horizontal in nature and responsibility and accountability for the necessary financial management controls rests with all senior managers. While the recommendations are directed specifically to the Chief Financial Officer and the ADM Strategic Policy (Chief Risk Officer) given their leadership roles for overall finance and risk processes respectively, it is expected that all senior managers play an integral role in the development, implementation, and monitoring of the actions identified to address the recommendations.

2.4.1 Governance over financial reporting needs to be strengthened.

The audit expected to find an appropriate governance structure that ensures responsible individuals receive accurate and timely information to fulfill their oversight function and make informed decisions in regard to financial planning, monitoring and forecasting, and that there is regular and substantial discussion of budget allocations, priorities and impacts to those priorities.

Based on the departmental governance structure, there are two committees that discuss “finance”:

In addition there is an Executive Committee (EXCOM), which is not specifically mandated with financial oversight responsibility, although when necessary, issues requiring attention can be brought to this committee. EXCOM “meets twice a week, serves as a forum for the Deputy Minister and Associate Deputy Minister to provide strategic direction, provide meeting debriefs, receive updates, review the departmental agenda and discuss substantive key policy issues.”3

While regular monthly Financial Situation Reports (FSR) are provided to DMC members, they are not discussed as a standing agenda item. Other key updates such as the Mid-year review are both, provided to the DMC members and discussed. However the audit noted that other key information is not reported or discussed with senior management, such as:

This lack of reporting and discussion on key information may impact the ability of the DMC to provide effective oversight.

Further, based on a review of the DMC agendas and records of decision, it was noted that “Finance” was not a standing item. A DMC discussion on these activities would ensure a collective and transparent decision-making process, and would allow senior management to obtain a horizontal view of potentially cross-cutting issues, to understand the impacts to their areas of responsibilities, and to bring their expertise to the process. The DMC would have the complete picture on which to base sound decision-making. Limited reporting and isolated decisions, contributed to senior management`s late detection of the budget alignment issues in fiscal year 2011-12. With strengthened oversight mechanisms, DMC would have the confidence that budget targets, for example Strategic Review, and future Deficit Reduction Action Plan (DRAP) decisions, will be achieved efficiently and effectively and that ongoing operations are sustainable.

Financial information is inherently complex and difficult to understand, for example, carry-forward allocations, and the tracking of sun setting funds. Interviewees noted that due to these complexities additional clarity in financial processes and support would help improve their understanding. Corporate Management Branch is strengthening its monthly financial information by defining more meaningful financial and non-financial tracking indicators for presentation to DMC. Additional indicators such as “year-over-year” trends and “leading” financial indicators may also further enhance DMC`s ability to assess the sustainability of funding limits and operational exposures.

A key control necessary in any governance structure is tone at the top, and the audit found the department has demonstrated positive tone at the top in regard to open discussions and accountability for budgets.

A well-defined communication channel to escalate significant issues should they arise is also a key control. The audit found that there are several branch forums for employees to discuss budgeting issues. However, the audit also found that while budget shortfalls were identified and brought to the attention of various management levels including senior management, some issues did not escalate early enough to be resolved before they became a concern.

There is potential that without strong governance and comprehensive reporting the DMC does not have a fulsome view of significant risks and financial planning issues which could result in lapses, overspending, or objectives not being achieved.

Recommendations:

  1. The Chief Financial Officer should assess the financial information needs of the DMC and ensure appropriate governance and oversight over financial planning, forecasting and monitoring. Financial planning, forecasting and monitoring decisions should be a regular DMC agenda item.
Management Action Plan Completion Date
The Chief Financial Officer will review the financial information requirements of senior management and develop terms of reference for the DMC meetings devoted to financial management (Financial Management Committee). June 30, 2012
  1. The Chief Financial Officer should ensure that each Branch ADM has the opportunity to discuss with and receive approval by the DMC on key financial budget decisions (as identified in the establishment of directives). This assessment should include the identification of financial risk management strategies.
Management Action Plan Completion Date
The Chief Financial Officer will develop a financial calendar of events and ensure that meeting agendas are produced for each Financial Management Committee to promote discussions on budget allocation and reallocation as well as ongoing issues related to financial risk management. April 30, 2012 - May 31, 2012

2.4.2 Directives, tools and systems should be further developed and standardized.

The audit expected to find sufficient and appropriate policies, directives, tools and systems in regard to the department`s key financial planning, forecasting and monitoring activities.

Directives:

There were limited directives found in regard to financial planning, forecasting and monitoring. Additional directives could be developed to further support both the Financial Management Advisors (FMAs) and the RCMs in fulfilling their responsibilities. Examples where further clarification or standardization would be beneficial include:

Tools and Systems:

PS uses the government wide endorsed Financial System (SAP), and within SAP has implemented the Salary Forecasting Tool (SFT) which is an integrated module that tracks all current and planned employee positions. The SAP system is run for PS by the Royal Canadian Mounted Police (RCMP) through a Memorandum of Understanding. Further PS has developed other stand-alone tools in support of the specific involvement of FPAR Division`s roles and responsibilities, for example, the FPAR Budget spreadsheet used for budgeting and funds management allocations. Together these systems and tools allow the department to plan and manage budgets and resources.

Generally, interviewees found the budgeting and reporting functionality of SAP to be complex. Additionally, SAP as configured within PS does not take advantage of the full suite of budgeting and reporting features available within the RCMP support version. In terms of the use of SAP, the following observations were made:

Interviewees also found SFT to be complex with limited reporting functionality however SFT was specifically designed only to forecast salary requirements without enhanced reporting capabilities. Similarly to SAP, the understanding and use of SFT could be strengthened as several specific observations were made:

The FPAR Budget spreadsheet, accessible only by the FPAR team, is a complex, manual, and voluminous excel spreadsheet developed over a number of years, and is used mainly to prepare the Annual Reference Level Update (ARLU) and the Notional Budgets by branch. It was intended as a supplement to the SAP budget module. The auditors were able to reconcile the FPAR Budget spreadsheet summary information to SAP and TB submissions without any observed deviations. However the FPAR team has not performed any detailed reconciliations on the data as it is a complex and cumbersome task. Rather, reliance is placed on the RCMs to confirm the accuracy of budget allocations provided to them by the FPAR team. Further, the FPAR team noted that the data entry and reporting is very time consuming and inefficient. There are potential further inefficiencies as RCMs maintain their own spreadsheets in order to track and reconcile these budget allocations.

There are no standard budgeting tools provided to the RCMs and therefore the majority of them have now developed their own internal budgeting spreadsheets. Consequently, there is a need to standardize these spreadsheets, to the extent necessary, for both efficiency and effectiveness and to ensure everyone is making decisions with the same information source. In addition, these existing spreadsheets are not robust enough to provide sufficient analytical and monitoring capability and could be improved in order to better track sunsetting programs, reconcile temporary versus permanent funding against resources, or perform sensitivity analysis. The enhancement of key analytical and monitoring controls is even more important in an environment of fiscal constraint, where the implementation of budget decisions, for example, Strategic Review, is complex with cross cutting impacts.

Although alignment of funding to resources and to priorities was identified as a risk by the department, the associated mitigation plan was unfunded as discussed in section 2.4.4.

There is potential that without appropriate policies, directives, tools, and the consistent and appropriate use of the systems, significant financial planning issues go undetected and result in lapses, overspending, or objectives not being achieved.

Recommendation:

  1. The Chief Financial Officer should assess and develop a risk-based Financial Planning, Forecasting and Monitoring Framework that balances the need to implement an internal control framework with the central agency requirements.
Management Action Plan Completion Date
The Chief Financial Officer will promulgate a policy on financial planning, forecasting and monitoring that clarifies the roles and responsibilities of senior management, financial officers and responsibility centre managers.
The Chief Financial Officer will promulgate directives on budget management, forecasting and financial reporting to clarify the key processes and control points in support of the policy.
Sept. 30, 2012 Sept. 30, 2012 - Sept. 30, 2013

2.4.3 Analytical tools should be strengthened to support more robust analysis and ensure the alignment of resources to priorities

The audit expected to find sufficient and appropriate analysis to support efficient and effective financial planning, forecasting and monitoring.

Throughout the department there was good evidence of financial planning, forecasting, and monitoring activities, for example, budget spreadsheets/workplans aligning dollars against nature of expense; reconciliations between salary dollars and actual headcount; vertical communication channels within the branches to discuss financial issues and associated action plans. However despite these good practices and the fact that the majority of Branches achieved their target in fiscal year 2010-2011, the department continued to lapse approximately $7.4M or 5.4% of Vote 1.

The audit found that generally branches rely on the Integrated Human Resources Business Plan (IHRBP) and the Report Plans and Priorities (RPP) to provide direction on their deliverables, however, while these are important strategic business documents, there is also a need for lower level operational work plans which align priorities to staffing to dollars. It was observed that the initial budget allocation to branches is based largely on the ARLU. While it is understandable that zero-based budgeting on an annual basis may not be cost effective, there is a need to ensure that the costs are reasonably estimated before deliverables are committed to. The main rationale being that there are likely several options to deliver a priority and therefore the selection, feasibility and cost of these decisions needs to be understood regardless of whether PS does zero-based budgeting. This resulting analysis would form the basis for understanding delivery capacity, funding shortfalls/surpluses, value for money and priority alignment.

Budget transfers throughout the year, while standardized with appropriate approvals, do not have sufficient analysis to understand the impact to deliverables, and the rationale for the transfer decision. Further the volume of transfers should be reviewed to ensure they are not an administrative burden or the result of other planning issues. It was also noted that internal branch transfers are not reported to DMC, however there are some material transfers that do have an impact on deliverables and there should be guidance as to when such transfers require the DMC approval. For example, had there been DMC review of the significant internal transfers, the funding shortfall would likely have come to light sooner.

The audit noted that forecasts are monitored and updated on a regular basis by an appropriate level of branch management, which is a good control. However many RCMs felt they would benefit from having more tools and training to facilitate their analysis and provide them with a better understanding of complexities such as temporary funding, commitments, etc.

Generally across all branches and functions, while various levels of “challenge” are done on forecasts we noted a need for a more structured challenge function including a review of evidence to support actions, periodic validation of outcomes, and the ability to escalate issues to the highest level when necessary.

Further, guidance from the Department in regard to “how to” and “what is” required to align funding to resources to priorities would be beneficial. As well, interviewees felt that the Delegation of Financial Signing Authority and the Financial Management training are not sufficient to ensure adequate knowledge of more complex financial analysis and planning techniques.

Without sufficient analysis there is limited opportunity to identify significant issues which could result in lapses, overspending, or objectives not being achieved.

Recommendation:

  1. The Chief Financial Officer should, in conjunction with the branches, assess the needs and develop the appropriate guidance, templates and tools to facilitate financial planning, forecasting, and monitoring analysis.
Management Action Plan Completion Date
The Chief Financial Officer will develop and implement standardized guidance, tools and templates to support Branch Heads and responsibility centre managers in budgeting, forecasting and monitoring exercises. Sept. 30, 2012
  1. The Chief Financial Officer should, in conjunction with the branches, assess the needs and develop a training program to support financial planning, forecasting and monitoring activities.
Management Action Plan Completion Date
The Chief Financial Officer will ensure that Administrative Assistants are provided with access to the CO module of SAP and appropriate training and guidance to support the budgeting and forecasting requirements of responsibility centre managers. The Chief Financial Officer will ensure that Financial Management Advisors and Branch Planners are provided appropriate training and guidance to support the budgeting and forecasting requirements of Branch Heads. March 31, 2013

Sept. 30, 2012 - March 31, 2013

2.4.4 Risk management practices should be strengthened.

The audit expected to find that on a regular basis, financial risks, at both the organizational (entity) level and the branch (operational) level, are identified, assessed, appropriately mitigated, and that these risks and associated action plans are discussed and monitored to ensure risk strategies are effective.

Effective February 15, 2010, the department implemented an Integrated Risk Management Policy (IRMP) intended to enhance management practices and decision-making by promoting a culture of risk awareness within PS. Each branch was required to identify risks, develop action plans and monitor implementation. Additionally the highest organizational risks were incorporated into the Corporate Risk Profile (CRP) that was developed in early 2011. The audit noted that very few risks associated with financial planning, forecasting and monitoring were identified by branches, as per branch business plans and interviewees, however, the 2011-12 CRP identified a key risk; “That the current budget allocation/reallocation process may not allow the Department to effectively use its financial resources in delivering on its core mandate, and addressing risks and emerging pressures.” The mitigation action plan to address this risk was unfunded and DMC did no further monitoring of the risk or the status of the action plan.

The audit noted that some branches had various risk management strategies to achieve budget targets, for example, offsetting workforce reduction targets against natural attrition, or over committing funds. Some of these risk strategies were reported to senior management and DMC, through branch team meetings and periodic financial updates prepared by Corporate Management Branch, others were not.

The audit also found that while branches complete monthly variance analysis, this analysis is not sufficient to effectively anticipate planning risks, to identify the variance impacts and necessary mitigation strategies, and to ensure a common understanding of the risks by the appropriate levels of management. Although RCMs are accountable for their individual budgets, DMC oversight on a regular basis is a mandated responsibility of the IRMP in order to ensure both entity and branch risk strategies are still effective in aggregate.

The complexities and understanding of the financial issues may have prevented the department from appropriately identifying key financial planning exposures, further compounded by capacity constraints within the CMB.

Given these observations it is not clear that the DMC has a comprehensive view of key financial assumptions which could have significant inherent risks or their potential impacts. As a result significant financial planning issues may go undetected, resulting in lapses, overspending, or objectives not being achieved.

Recommendations:

  1. The Chief Risk Officer should ensure that risks identified in the Corporate Risk Profile are appropriately integrated into Branch Business Plans with the associated mitigation plans.
Management Action Plan Completion Date
SPB will lead once a year a process to identify or update corporate risks and associated mitigation strategies, before the business planning process. As part of the guidance for the development of branch business plans, all risks and mitigation strategies from the Corporate Risk Profile (CRP) will be included in the template for these plans along with the respective accountabilities.
Mitigation strategies will be reviewed and adjusted, as appropriate, at integration sessions and at mid-year.
Beginning with the 2012-13 business planning cycle
  1. The Chief Risk Officer should ensure that on a regular basis, at minimum twice annually, significant risks and the status of the associated action plans are monitored by the DMC.
Management Action Plan Completion Date
At a minimum, an update on risk management will be put on the agenda for DMC following the annual development or update of the Corporate Risk Profile and at another time during the year. The Department Audit Committee will also discuss risks and mitigation strategies on a regular basis. To begin with FY 2012-13.
  1. The Chief Financial Officer should:
    • Require each ADM to inform the Chief Financial Officer of their financial risks and associated mitigation strategies, as ADMs are ultimately responsible and accountable for their risks and strategies;
    • Monitor these financial risks and associated mitigation strategies in collaboration with the Chief Risk Officer; and
    • Report to DMC as necessary on the status of these financial risks and associated mitigation strategies.
Management Action Plan Completion Date
The Chief Financial Officer will provide an opportunity for Branch Heads to disclose financial risks to DMC and attest to the accuracy and completeness of forecasts through the monthly financial reporting process. Sept. 30, 2012 to March 31, 2013

2.4.5 The departmental financial support “model” needs further clarity, consistency, and integration into branch financial planning, forecasting, and monitoring activities.

The audit expected to find a financial planning, forecasting, and monitoring support model to assist senior management in making informed decisions and to allow for a rigorous “challenge” function.

The audit found that PS has implemented a financial planning, forecasting and monitoring support “model” that provides support at the corporate, branch, and directorate level.

At the Corporate level, within the Corporate Management Branch, FMAs are assigned to the various branches. They are responsible for providing financial advice and support to their respective branches.

At the branch level, each branch has established a “Centralized Branch Finance Function” with the responsibility to communicate financial requirements within the branch, consolidate responses at the Directorate level, and liaise with their assigned FMA on financial planning, forecasting and monitoring activities. This centralized function provides the majority of financial information received by Assistant Deputy Ministers (ADMs).

At the directorate level, there is also a requirement for financial analysis. Individual directorates allocate these responsibilities through various means, for example some have dedicated financial analysts, while others assign these roles and responsibilities to administrative personnel. The financial analysis includes preparing the detailed budgeting activities for the Directorate, and responding to the Centralized Branch Finance Function`s requirements.   

While this “model” provides a valuable control, the audit noted that there were inconsistencies in the activities undertaken, potential duplication of efforts, and capacity issues, which may limit the effectiveness of the control. It was also observed that there was a range of positions fulfilling these financial planning, forecasting, and monitoring responsibilities, with no defined or standardized descriptions of the expected roles and responsibilities associated with these positions within the “model”.

Interviewees noted that the FMA role was a valuable control. The FMA role, in part, is facilitated by the FMA attending branch meetings however, attendance at these meetings was not consistent. It was also recognized that there is a need to further develop their support role in conjunction with senior management, to ensure the requirements are understood and in support of the FMA role. With this support and full integration of the FMAs into the branch discussions it will enable them to provide more strategic business advice. Specific operational policies, directives, and roles and responsibilities should be defined and communicated to avoid duplication and to ensure a consistent, comprehensive analysis and effective “challenge” function.

As with the FMA role, interviewees noted that the Centralized Branch Finance Function and directorate/branch financial analyst role were also necessary as they provided the financial expertise to monitor detailed transactions and business advice on a regular basis. However each group is attempting to establish their own policies, directives (for example: individual analytical tools; spreadsheets), and roles and responsibilities for financial planning, forecasting and monitoring activities. The audit noted that the department should provide the overall framework and direction in order to achieve efficiencies, and improve effectiveness.

Capacity limitations appear to have prevented the comprehensive implementation of the financial support “model”. Without a clearly articulated and enforced support model that would include: sufficient capacity, defined roles, responsibilities, accountabilities, operational processes, and an effective monitoring regime, there is a risk of inefficiencies, and inconsistent and limited advice.

Recommendation:

  1. The Chief Financial Officer, in conjunction with senior management, should assess and define a uniform financial “model” which balances stewardship, accountability, capacity, and reporting requirements.
    • In line with the department`s priority to move to generic job descriptions, this assessment should include the review of the roles and responsibilities of the individuals responsible for providing financial advice and support to ensure consistency and appropriateness.
Management Action Plan Completion Date
The Chief Financial Officer will develop and implement a model for the provision of financial management advice and support to Branch Heads that is appropriate to Departmental requirements and available capacity within the Comptroller Directorate.

The Chief Financial Officer will review the roles and responsibilities of the Financial Management Advisors and update their current work descriptions to ensure consistency and appropriateness of the financial advice and support that is provided to Branch Heads.
June 30, 2012 June 30, 2012

Appendix A - Audit Criteria

The following criteria were assessed:
Appropriate internal control processes within the department are identified, and implemented with appropriate evidence to ensure a risk-based approach to financial planning, forecasting, and monitoring.

Financial planning, forecasting, and monitoring processes are in accordance with the FAA, and TB and internal policies. This would include:

Appendix B - Financial Planning, Forecasting & Monitoring applicable policies, legislation and regulations

Appendix C - Audit Activities

The audit included the following activities:


1 PS Intranet website

2 ibid

3 ibid

Date modified: