ARCHIVED - Follow-up to the 2007-08 Audit of the NRC Industrial Research Assistance Program - October 2011

Archived Content

Information identified as archived is provided for reference, research or recordkeeping purposes. It is not subject to the Government of Canada Web Standards and has not been altered or updated since it was archived. Please contact us to request a format other than those available.

ARCHIVED - Follow-up to the 2007-08 Audit of the NRC Industrial Research Assistance Program (IRAP) (PDF, 218 KB)

Executive Summary and Conclusion

Background

This report presents the findings of the Follow-up to the 2007-08 Audit of the NRC Industrial Research Assistance Program (NRC-IRAP). The decision to conduct the audit was approved by the President following the recommendation of the Senior Executive Committee and thereafter by the Departmental Audit Committee on April 29, 2010 as part of the ARCHIVED - NRC 2010-11 to 2012-13 Risk-Based Internal Audit Plan.

Audit objective, scope and methodology

In accordance with the Treasury Board Policy on Internal Audit and professional auditing standards, the objective of this audit was to verify management’s progress in implementing their action plans in response to the recommendations contained in the 2007-08 Internal Audit of NRC-IRAP as well as those subsequent recommendations emanating from three Finance Branch audits of IRAP recipients issued between February 2008 and November 2009.  The scope was limited to the four NRC-Internal Audit recommendations and the 13 recommendations emanating from the recipient audits. However, in order to assess the effectiveness of the changes made to the financial monitoring framework, the results of the June 2011 Finance Branch recipient audit were reviewed given that they were pertinent to the time period audited. 

In assessing management’s progress in implementing the audits’ recommendations, the six potential rating standards issued by the Office of the Comptroller General and described in the Appendix formed the basis of our observations. The audit procedures included, but were not limited to: conducting interviews with NRC managers and staff; reviewing relevant NRC-IRAP documentation and SONARFootnote 1 applications; and placing reliance on the continuous audits of the contribution agreements undertaken by NRC-Internal Audit in response to risks associated with the Canada Economic Action Plan (CEAP) funds (file reviews and data analysis of 130 contribution agreements).

Audit opinion and conclusion

Overall, we found the level of implementation of both Internal Audit and Finance Branch audit recommendations to be very positive.  The majority of the recommendations have been fully or substantially implemented. Significant progress has been identified with respect to business planning as well as implementing revised monitoring control frameworks for Firms and Organizations.  While the frequency and quality of monitoring efforts have substantially improved, we noted other opportunities to further minimize the risks of overpayments and stacking.  Progress has also been noted with regard to the development and implementation of a nationally coordinated approach to the collection, analysis and reporting of performance information for Firms including a recent upgrade to SONAR (SONAR is NRC-IRAP’s client relationship management system by which all contribution agreements for Firms are managed and to a lesser extent Organizations) essential for data collection. Senior management has reported that the delivery of the CEAP has by necessity diverted their attention from responding to this audit recommendation for Organizations but the development of a performance measurement framework is ongoing.  Our recommendation with respect to planned improvements to SONAR for Organizations to assist IRAP Advisors in exacting and demonstrating due diligence with respect to appropriate project approvals and amendments has become obsolete due to the fact management chose more cost-effective means to address these issues. However, significant enhancements have been made to SONAR for more effective management of contribution agreements for Firms.

Recommendation

1. NRC-IRAP Management should verify ITAs’ understanding of the importance of monitoring / site visits in lowering the risk of over-payments that may be caused by stacking issues, or other reasons. NRC-IRAP Management should verify that Preparatory Meetings and First Claim Validation procedures are being followed. [Moderate Priority - Level 3]

NRC Management Response:

NRC-IRAP agrees with this recommendation and acknowledges that there are opportunities to improve this process and further minimize the risks of overpayments that may be caused by stacking and/or other issues. NRC-IRAP’s Director General Office will issue a communication piece to its Senior Leadership Team (to be sent to staff) related to the importance of site visits and how these visits can contribute to prevent risk of overpayments. This communication piece will also stress NRC-IRAP Management’s role in ensuring that its staff understands the importance of site visits by December 2011.

NRC-IRAP’s Director General Office will issue a communication piece to its Senior Leadership Team (to be sent to staff) related to the procedures surrounding the preparatory and claim-related meetings and the post payment validation of the first claim. This communication piece will also stress NRC-IRAP Management’s role in ensuring that its staff understands these procedures.

NRC-IRAP will review the sections of the Field Manual pertaining to preparatory and claim related meetings to ensure that more emphasis is placed on the requirement for segregating costs and maintaining adequate financial records to reduce the possibilities of overpayments and stacking issues by December 2011.

For all of the above, NRC IRAP Management will monitor performance thereafter in order to verify staff understanding as recommended.

Statement of assurance

In my professional judgement as Chief Audit Executive, sufficient and appropriate audit procedures have been conducted and evidence gathered to support the accuracy of the opinion provided and contained in this report. The opinion is based on a comparison of the conditions, as they existed at the time, against pre-established audit criteria that were agreed upon by management. The opinion is applicable only to the entity examined.

Jayne Hinchliff-Milne, CMA, Chief Audit Executive

NRC Audit Team Members: 

Mayan Ismail, Junior Auditor, BCom
Jean Paradis, Audit Manager, CA, CIA

Appendix: NRC Internal Audit Implementation Rating Scale for Management Action Plans

Level 1: No Progress or Insignificant Progress

Actions such as striking a new committee, having meetings, and generating informal plans are regarded as insignificant progress.

Level 2: Planning Stage

Formal plans for Organizational changes have been created and approved by the appropriate level of management (at a sufficiently senior level, usually executive committee level or equivalent) with appropriate resources and a reasonable timetable.

Level 3: Preparations for Implementation

The entity has made preparation for implementing a recommendation by hiring or training staff, or developing or acquiring the necessary resources to implement the recommendation.

Level 4: Substantial Implementation

The structures and processes are in place and integrated within at least some parts of the organization, and some achieved results have been identified. The entity will also probably have a short-term plan and timetable for full implementation.

Level 5: Full Implementation

The structures and processes are operating as intended and are fully implemented.

Obsolete

It is no longer applicable because the process or issue has become outdated as a result of having been superseded by something newer, i.e., management resolved the issue by doing something else.

Footnotes

Footnote 1

SONAR is NRC-IRAP's client relationship management system by which all contribution agreements for Firms are managed and to a lesser extent Organizations.

Return to footnote 1 referrer

Date modified: