Return to reports
Annex to the Public Service Labour Relations Board (PSLRB) Statement of Management Responsibility Including Internal Control Over Financial Reporting
PSLRB Assessment of Internal Control Over Financial Reporting (Unaudited)
For the year ended March 31, 2012
This document is an annex to the Public Service Labour Relations Board (PSLRB) Statement of Management Responsibility Including Internal Control Over Financial Reporting which prefaces the financial statements for the fiscal year 2011-12. As required by the Treasury Board Policy on Internal Control, this annex provides summary information on the measures taken by the PSLRB to maintain an effective system of internal control over financial reporting (ICFR). In particular, it provides summary information on the assessment conducted by the PSLRB as at March 31, 2012, including progress, results and related action plans, along with some financial highlights pertinent to understanding the control environment of the PSLRB.
It is important to note that the system of ICFR is not designed to eliminate every possible risk, rather to mitigate risk to a reasonable level with controls that are balanced with and proportionate to the risks they aim to mitigate. The maintenance of an effective ICFR is an ongoing process designed to identify and prioritize risks and the controls to mitigate those risks, as well as to monitor its performance in support of continuous improvement.
1.1 Authority, Mandate and Program Activities
The Public Service Labour Relations Board (PSLRB) is an independent quasi-judicial tribunal mandated by the Public Service Labour Relations Act (PSLRA) to administer the collective bargaining and grievance adjudication systems in the federal public service. It is also mandated by the Parliamentary Employment and Staff Relations Act (PESRA) to perform the same role for the institutions of Parliament.
The PSLRB has one strategic outcome: the resolution of labour relations issues in the federal public service and in Parliament in an impartial manner, and one program activity: adjudication, mediation, and compensation analysis and research. This contributes to a productive and efficient workplace that ultimately benefits Canadians through the smooth delivery of government programs and services.
Detailed information on the PSLRB's authority, mandate and program activities can be found in the Departmental Performance Report and in Section I of the Report on Plans and Priorities.
1.2 Financial Highlights
Key financial highlights from the 2011-12 financial statements are:
- Total expenses are $15.4 million. Salaries and employee benefits comprise the majority at $9.3 million (60%) for about 91 employees.
- Tangible capital assets represent $0.7 million (45%) of total assets ($1.5 million), and amounts due from the Consolidated Revenue Fund to satisfy future cash requirements represent $0.6 million (38%).
- Accounts payable and accrued liabilities comprise $0.85 million (44%) of total liabilities ($1.94 million). Employee future benefits represent the largest liability at $1.09 million (56%).
Additional departmental financial information for fiscal year 2011-12 can be found under Section III - Supplementary Information of the Departmental Performance Report and in the Public Accounts of Canada.
1.3 Service Arrangements Relevant to Financial Statements
The PSLRB relies on other organizations for the processing of certain transactions or the provision of information, which impacts its financial statements:
- Public Works and Government Services Canada (PWGSC) centrally administers the payments of salaries and benefits, the procurement of some goods and services, and the provision of accommodations, on behalf of the PSLRB.
- Treasury Board Secretariat (TBS) provides an annual dollar figure for the centrally funded health and dental insurance plans, and provides information used to calculate various accruals and allowances, such as the employee severance benefit.
Further information is available in the financial statements under Note 7 - Related Party Transactions.
1.4 Material Changes in Fiscal Year 2011-12
There were no significant departmental changes in the year that impacted the department’s financial results. During 2011, amendments were made to Treasury Board Accounting Standard 1.2: Departmental and Agency Financial Statements to improve financial reporting by government departments and agencies. The amendments are effective for financial reporting of fiscal years ending March 31, 2012, and later. The significant changes to the PSLRB’s financial statements are described below.
Net debt (calculated as liabilities less financial assets) is now presented in the Statement of Financial Position. Accompanying this change, the PSLRB now presents a Statement of Change in Net Debt and no longer presents a Statement of Equity.
Revenue and related accounts receivable are now presented net of non-respendable amounts in the Statement of Operations and Net Financial Position and Statement of Financial Position.
Government funding and transfers, as well as the credit related to services provided without charge by other government departments are now recognized in the Statement of Operations and Net Financial Position below “Net cost of operations before government funding and transfers.” In previous years, the Department recognized these transactions directly in the Statement of Equity of Canada.
In addition, Note 9 Accounting Changes has been added.
2. PSLRB's Control Environment Relevant to ICFR
The PSLRB recognizes the importance of direction from senior management to help ensure that staff at all levels understand their roles in maintaining effective systems of ICFR and are well equipped to exercise these responsibilities effectively. The PSLRB's objective is to continually enhance its internal control environment to ensure risks are managed well through a responsive and risk-based approach that enables continuous improvement and innovation.
2.1 Key Positions, Roles and Responsibilities
Below are the PSLRB's key positions and committees with responsibilities for maintaining and reviewing the effectiveness of its system of ICFR.
Chairperson - The PSLRB Chairperson, as Accounting Officer, assumes overall responsibility and leadership for the measures taken to maintain an effective system of internal control. This position is a Governor-in-Council appointment. In this role, the Chairperson chairs the Executive Committee.
Executive Director and Chief Financial Officer (CFO) – The Executive Director and CFO is the top level public servant within the PSLRB and is responsible for the leadership over all operational activities in the organization.
Deputy Chief Financial Officer (DCFO) - The DCFO reports directly to the CFO and provides leadership for the coordination, coherence and focus on the design and maintenance of an effective and integrated system of ICFR.
Executive Committee (EC) - As the central decision-making body, the EC reviews, approves and monitors the corporate risk profile and the departmental system of internal control, including the assessment and action plans relating to the system of ICFR. The EC is composed of the Chairperson, Vice-Chairpersons, the Executive Director, the General Counsel, and all directors of the Board, who are responsible for maintaining the effectiveness of the ICFR falling within their operations.
2.2 Risk Assessment over Financial Reporting
The key elements that increase the risk of error over financial reporting and by consequence the need for increased controls include:
- The financial significance of the financial statement element;
- The extent to which assumptions or judgment are required in determining the financial statement element;
- The risk of fraud/theft surrounding the financial statement element. For example, cash is more likely to be misappropriated and its reporting altered than a vehicle; and,
- The level of decentralization of financial operations.
Statement of Operations and Net Financial Position: The PSLRB’s most significant expense is salaries and employee benefits, which represents approximately 60% of its expenses. Hence controls surrounding payroll administration represent the most important controls over financial reporting in the Statement of Operations and Net Financial Position.
The following elements reduce PSLRB’s control risks over financial reporting:
- Simple financial transactions: the majority of PSLRB’s expenses are salaries and employee benefits, and operating expenses. The PSLRB does not issue grants and contributions, enter into international transactions or other complex transactions. Additionally, the PSLRB has few transactions that require the use of assumptions or judgment in determining their value, other than the useful life of tangible capital assets.
- Centralized financial reporting: Although financial transactions are initiated in the program areas, all financial transactions are reviewed by the Finance and Administration Division.
The following elements increase PSLRB’s control risks over financial reporting:
- Dependence on other departments: Similar to all government departments, the PSLRB relies on other organizations for the processing of certain transactions, such as payroll systems provided by Public Works and Government Services Canada, and the provision of cost information, such as the costs for services provided without charge (e.g. accommodations and employee benefits). These amounts represent a material amount of the financial statements. They are determined by other government departments and may involve the use of assumptions and professional judgment. The PSLRB therefore relies on other government departments to ensure they have adequate internal controls over the amounts reported for inclusion in the PSLRB’s financial statements.
2.3 Key Measures Taken by the PSLRB
The PSLRB's control environment includes a series of measures to equip its staff to manage risks well through raising awareness, providing appropriate knowledge and tools, as well as developing skills.
Key organization-wide measures include:
- An established governance structure and provision of strategic direction through the Executive Committee;
- The PSLRB has throughout the year participated in various forums to get a better understanding of the requirements of the Policy on Internal Control and participated in various workshops to assist in the completion of this assessment and overall plan.
- The PSLRB has an established Code of Conduct that is distributed to all employees that outlines the values and ethics and expected behaviours;
- The financial processes have been established to ensure an adequate segregation of duties through delegated signing authorities and financial system user profiles and passwords;
- The PSLRB has accounting policies and procedures tailored to the PSLRB's control environment
- Employees receive appropriate training on financial management requirements. For example and where applicable, employees must pass mandatory training offered by the Canada School of the Public Service prior to delegated financial signing authority being provided;
- Human resources management plan and policies that support learning and succession planning; and
- The PSLRB does not maintain an internal audit function. Instead it participates in horizontal audits of small departments and agencies led by the Treasury Board Secretariat. The PSLRB also occasionally engages external firms to perform ad hoc internal audits or reviews.
3. Assessment of the PSLRB's System of ICFR
3.1 Assessment objective and scope
The self-assessment is a systematic review conducted by management to provide assurance on internal control over financial reporting. Annual assessments are intended to be led and administered by the CFO and supported by the senior management team.
The assessment’s objective is to ensure that the ICFR are effective in preventing material misstatements or errors in the PSLRB’s financial statements. In this context, an error is considered to be material if its omission or misstatement could impact the decisions of the financial statement users.
To determine the scope of the undertaking, a scoping and planning exercise must be undertaken to identify business process controls, entity level controls, and general computer controls associated with key risks to financial reporting. Both quantitative and qualitative risk factors must be considered during the scoping and planning. These include, but not limited to: materiality, transactions requiring significant judgment or estimations (e.g. provisions), complexity of operations, susceptibility to fraud, and previous audit findings.
Business processes are defined as the specific processes supporting the treatment of financial transactions. The PSLRB has recently (May 2012) upgraded to a new version of its Departmental Financial and Material Management System (DFMS) which will have a significant impact on its business processes. The PSLRB limited its assessment in 2011-12 and in 2012-13 will transition to the new functionalities and measure the impacts and assess the design of the key controls. The following two business processes were identified for initial assessment based on risks and based on the published projects from the Financial Management Business Process (FM/BP) initiative: Pay Administration and Manage Procure to Payment.
Entity level controls are defined as the overarching controls of the organization that set the ‘tone from the top’. The following entity level control areas were identified: Governance and Accountability, Risk Management and Monitoring.
General computer controls, also known as information technology general controls or ITGCs, are defined as controls over the financial management and reporting systems and information technology (IT) infra-structure used across the organization. The PSLRB is responsible for assessing the effectiveness of all key IT general controls for the systems that it fully manages. Where the PSLRB acquires system-based services from other government departments (i.e. Regional Pay System (RPS) and Standard Payment System (SPS)), the self-assessment will be limited to components of the systems that are controlled by the PSLRB.
These control areas are the baseline by which the PSLRB developed its three-year self-assessment plan. This plan will be reviewed and updated on an annual basis to reflect changes in risks and findings.
3.2 Assessment Elements and Methodology
Whether it is to support its year-end financial statements or the requirements of the Policy on Internal Control, the objective of the PSLRB’s ICFR is to provide reasonable assurance that:
- Transactions are appropriately authorized;
- Financial records are properly maintained;
- Assets are safeguarded; and
- Applicable laws, regulations and policies are complied with.
This assurance will be achieved through the assessment of the design and operating effectiveness of the system of ICFR, the creation of a management action plan to address significant gaps in design and operating effectiveness, and the on-going monitoring and continuous improvement of all key elements of this system.
Design effectiveness means that key control points exist, are known, documented, and are aligned with the risks (i.e. controls are balanced with and proportionate to the risks they aim to mitigate). The assessment includes the mapping of key business processes and IT systems, identification of key risks and internal controls implemented to mitigate these risks, and a walk-through of the process or systems to confirm their existence.
Operating effectiveness means that the application of key controls is tested over a defined period, normally the fiscal year, and that they are working as intended. The assessment activities include performing a sample test of transactions to determine whether the documented procedures and internal control measures are being consistently followed and applied.
Management action plan – A report will be issued internally, reporting on any deficiencies identified during the tests of operating design and effectiveness. The process owner will develop a Management Action Plan, which will be included in the report, to remediate the deficiencies in a timely manner.
On-going monitoring and continuous improvement – Once remediated, the design and operating effectiveness of the key controls will be reassessed to ensure that the actions taken address the identified gaps. Thereafter, annual monitoring activities will ensure that the control design continues to address key risks and operating effectiveness is maintained.
4. Assessment Results and Action Plan
The project plan was developed to ensure that sufficient resources were available and that realistic timelines were established to complete the initial assessment of design and operational effectiveness of key business processes, entity level controls, and information technology general controls as well as to accommodate the implementation and testing of remedial actions. Both internal and external reporting mechanisms were established to track progress and identify the need for senior management assistance.
The PSLRB’s assessment efforts during the fiscal year ended March 31, 2012 focused on the following assessment areas:
|Business processes controls|
|Remediate design gaps||P|
|Remediate operating gaps||P|
|Manage Procure to Payment|
|Remediate design gaps||P|
|Remediate operating gaps||P|
|Entity level controls|
|Governance and Accountability|
|Assessment and remediation||P|
|Assessment and remediation||P||P|
|Assessment and remediation||P|
|General computer controls|
|Remediate design gaps||P||P|
|Remediate operating gaps||P|
|P=Planned; I=Iniated; O=Ongoing; C=Completed|
As a result of the limited assessment work, and taking into account the level of risk exposure and the resources required to remediate, the PSLRB identified the following actions and timelines:
Business Process Controls:
- Complete assessment of key controls for identified business processes (2012-13);
- Remediate identified design gaps and ensure alignment to common financial management business processes (2012-13); and
- Document key business processes (2012-13).
Entity Level Controls:
- Complete assessment of key entity level controls (2012-13);
- Remediate identified gaps (2012-13); and
- Document key entity level controls (2012-13).
General Computer Controls:
- Complete the assessment of the design (2012-13);
- Standardize and document administrator and user access approval and withdrawal processes (2012-13); and
- Strengthen infrastructure change operating procedures and documentation of controls of new version of DFMS (2012-13 & 2013-14).
In addition to the individual action items described above, in fiscal year 2012–13, the PSLRB will continue the ongoing monitoring of its ICFR and will report the results of this activity in this annex yearly. PSLRB senior management is committed to sustaining and continuously improving its sound framework of effective ICFR in the department, to ensure that the key controls meet the expectations of management and stakeholders and appropriately mitigate associated risks.