Audit of Canadian Intellectual Property Office—Financial Management Control Framework

Recommended for Approval to the Deputy Minister by the Departmental Audit Committee on April 20, 2012

Approved by the Deputy Minister on April 23, 2012

Table of contents


1.0 Executive Summary

1.1 Introduction

The Canadian Intellectual Property Office (CIPO), a Special Operating Agency of Industry Canada, administers Canada's Intellectual Property (IP) systems comprising patents, trade-marks, copyrights, industrial designs and integrated circuit topographies.

CIPO's primary clients include: applicants for IP protection, agents representing applicants, users of IP systems and the Canadian business community. CIPO partners with provincial research councils, universities and other federal government agencies to build awareness of its products and services and increase the effective use of IP by Canadians.

CIPO does not receive annual parliamentary appropriations for its operations. It provides products and services on a fee-for-service basis, and manages revenues and costs within a revolving fund. The revolving fund, established in 1994, is an ongoing funding authority for revenue re-spending that provides a financial management structure similar to that of a private business and must generate sufficient revenues to meet its expenses.

Industry Canada is responsible for implementing the Treasury Board (TB) Policy Framework for Financial Management. According to the framework's Policy on Internal Control, Deputy Heads of federal institutions are accountable for departmental financial results and the accuracy of their financial statements. In fulfilling this responsibility, Deputy Heads must rely on staff members who play an integral part in performing financial work, including the exercise of financial authorities.

To guide and direct staff at all levels in maintaining the integrity and accuracy of departmental finances, the Comptrollership and Administration Sector (CAS), in consultation with other sectors of Industry Canada, developed a departmental Financial Control Framework (FCF). This framework, aligned with TB policies and directives, provides an overview of the controls, monitoring and reporting procedures upon which Sector Heads can rely for fulfilling their financial accountabilities. All Industry Canada Sector Heads are responsible for implementing a range of financial controls that are decentralized from CAS.

As Sector Head of CIPO, the Commissioner of Patents, Registrar of Trademarks and Chief Executive Officer is responsible for meeting the FCF requirements. The CIPO Finance Branch ensures professional accounting and financial management standards and practices are applied within the organization.

The objective of this audit was to provide reasonable assurance that CIPO has a sound Financial Management Control Framework that is operating as intended, particularly in the areas of financial roles and responsibilities, budget allocation and monitoring, segregation of duties over the revenue cycle and employee benefit plan costs.

At the end of fiscal year 2010-11, a new CIPO Commissioner of Patents, Registrar of Trademarks and Chief Executive Officer and a new Executive Director of Corporate Strategies and Services were appointed. Following their appointments, CIPO launched new initiatives to improve the overall Office's management. These initiatives include the redesign of the governance structure, the review of the performance measurement framework and indicators, the development of an investment plan and the elaboration of a formal risk management strategy.

In light of these significant changes, the Audit and Evaluation Branch divided the audit of CIPO's Financial Management Control Framework into two audits. This first focused mainly on the internal control process; the second will focus on the governance and risk management processes within CIPO. The second audit will start after implementation of the above initiatives.

1.2 Main Findings and Recommendations

Financial Roles, Responsibilities and Accountabilities

CIPO employees meet the departmental Financial Control Framework requirements with respect to completeness of training, update of signature cards and signing of financial attestation forms.

Financial roles, responsibilities and accountabilities are understood by employees; CIPO is implementing a new organizational structure for the Finance Branch.

Recommendation 1

CIPO should continue to review the organizational structure of the Finance Branch and identify the financial positions to meet its current needs.

Management of Internal Control Deficiencies

CIPO has processes in place to identify internal control deficiencies and report them to senior management within CIPO and to CAS.

Budget Allocation and Monitoring

CIPO's budgeting process enables timely development of annual budgets and monitoring of budget performance throughout the year.

Segregation of Duties over Revenue Cycle

Most controls related to the segregation of duties within the revenue cycle are in place and work as intended.

Recommendation 2

CIPO should review its revenue cycle process and identify adjustments that would improve compliance with the Financial Control Framework requirements regarding segregation of duties.

System Data Integrity

CIPO has mechanisms in place to ensure data integrity across its revenue and reporting systems and is addressing variances between its revenue and inventory systems.

Recommendation 3

CIPO should explore solutions and put an action plan in place to address the reconciliation issues identified between its revenue system (FITT) and inventory (Product Line) systems to continue to ensure the integrity of data.

Employee Benefit Plan Costs

CIPO calculates, records and manages its employee benefit costs in accordance with TB requirements.

1.3 Audit Opinion

In my opinion, CIPO's Financial Management Control Framework is in place and operates as intended with no material weaknesses. There are low risk exposures related to internal control processes where improvements are required.

1.4 Overall Conclusion

The results of this audit revealed that CIPO, with some exceptions, has a sound Financial Management Control Framework that is operating as intended in the areas of financial roles, responsibilities and accountabilities, managing internal control deficiencies, budget allocation and monitoring, segregation of duties over the revenue cycle, system data integrity and the management of employee benefit plan costs.

1.5 Statement of Assurance

In my professional judgment as Chief Audit Executive, sufficient and appropriate audit procedures have been conducted and evidence gathered to support the accuracy of the opinion provided and contained in this report. The opinion is based on a comparison of the conditions, as they existed at the time, against pre-established audit criteria that were agreed on with management. The opinion is applicable only to the entities examined and within the scope described herein. This audit was conducted in accordance with the Internal Auditing Standards for the Government of Canada.

Susan Hart
Chief Audit Executive, Industry Canada


2.0 About the Audit

2.1 Background

In accordance with the approved Industry Canada 2011-14 Multi-Year Risk-Based Audit Plan, the Audit and Evaluation Branch (AEB) undertook an audit of the Canadian Intellectual Property Office (CIPO) – Financial Management Control Framework.

CIPO, a Special Operating Agency of Industry Canada, administers Canada's Intellectual Property (IP) systems comprising patents, trade-marks, copyrights, industrial designs and integrated circuit topographies. CIPO's primary clients include: applicants for IP protection, agents representing applicants, users of IP systems and the Canadian business community. CIPO partners with provincial research councils, universities and other federal government agencies to build awareness of its products and services and increase the effective use of IP by Canadians.

CIPO does not receive annual parliamentary appropriations for its operations. As a Special Operating Agency, CIPO provides products and services on a fee-for-service basis, and manages revenues and costs within a revolving fund. The revolving fund, established in 1994, is an ongoing funding authority for revenue re-spending that provides a financial management structure similar to that of a private business and must generate sufficient revenues to meet its expenses.

The fund has continuing non-lapsing authority from Parliament to make payments out of the Consolidated Revenue Fund for working capital, capital acquisitions and temporary financing of accumulated operating deficits. The fund may retain surpluses for Information Technology investments.

To comply with Section 6 of the Treasury Board (TB) Policy on Special Revenue Spending Authorities, CIPO's revolving fund financial statements must be audited annually. For 2010-11, external auditors provided an unqualified opinion on the statements.

Departmental Financial Control Framework

Industry Canada is responsible for implementing the TB Policy Framework for Financial Management. The Framework presents the roles and responsibilities of key players in the area of financial management and outlines key principles, which are articulated in four main policies supported by directives, standards and guidelines.

According to one of these policies, the Policy on Internal Control, Deputy Heads of federal institutions are accountable for departmental financial results and the accuracy of their financial statements. Annually, the Deputy Head and the Chief Financial Officer must sign the departmental Statement of Management Responsibility Including Internal Control over Financial Reporting, which acknowledges the responsibility of management for ensuring the maintenance of an effective departmental system of internal control over financial reporting. In fulfilling this responsibility, Deputy Heads must rely on staff members who play an integral part in performing financial work, including the exercise of financial authorities.

To guide and direct staff at all levels in maintaining the integrity and accuracy of departmental finances, the Comptrollership and Administration Sector (CAS), in consultation with other sectors of Industry Canada, developed a departmental Financial Control Framework (FCF). This framework, aligned with TB policies and directives, provides an overview of the controls, monitoring and reporting procedures upon which Sector Heads can rely for fulfilling their financial accountabilities. All Industry Canada Sector Heads are responsible for implementing a range of financial controls that are decentralized from CAS.

CIPO Financial Structure, Roles and Responsibilities

As Sector Head of CIPO, the Commissioner of Patents, Registrar of Trademarks and Chief Executive Officer is responsible for meeting the FCF requirements. The CIPO Finance Branch ensures the application of professional accounting and financial management standards and practices for all of CIPO's programs. The Branch has four main areas:

  • Financial planning, reporting and analysis;
  • Accounting operations, financial policies and systems;
  • Costing and managerial accounting; and
  • Procurement and contracting services.

Ongoing Initiatives

At the end of fiscal year 2010-11, a new Commissioner of Patents, Registrar of Trademarks and Chief Executive Officer and a new Executive Director of Corporate Strategies and Services were appointed. Following their appointments, CIPO launched several initiatives to improve the overall Office's management. These include:

  • redesign of the governance structure;
  • review of the performance measurement framework and indicators;
  • development of an investment plan; and
  • elaboration of a formal risk management strategy.

In light of these significant changes, the Audit and Evaluation Branch divided the audit of CIPO's Financial Management Control Framework into two audits. This first audit focused mainly on the internal control process; the second will focus on the governance and risk management processes within CIPO. The second audit will start after implementation of the above initiatives.

2.2 Objective and Scope

The audit objective was to provide reasonable assurance that CIPO has a sound Financial Management Control Framework that is operating as intended. During the first audit, AEB assessed:

  • employee awareness of financial roles and responsibilities and whether roles and responsibilities are clearly defined;
  • whether budget allocations are clear and understood by individuals with budget authority and budgets are monitored and analyzed on a regular basis;
  • whether there is appropriate segregation of duties around the handling and processing of revenue transactions; and
  • whether employee benefit costs are calculated, recorded and managed in accordance with TB requirements.

Some areas were excluded from the scope of this audit because they are managed by another sector within Industry Canada, or are subject to examination in a separate audit or review. These areas include payroll, contracting, and departmental charges allocated to CIPO for common services received.

2.3 Audit Approach

This internal audit was conducted in accordance with the TB Policy on Internal Audit and the Internal Auditing Standards for the Government of Canada.

The planning phase for this audit took place from May to November 2011. A detailed risk assessment was performed to confirm the audit objective and key audit areas. Based on these key areas, AEB developed audit criteria by focusing on the requirements of the Industry Canada FCF and the related TB policies, directives and guides, particularly the TB Guide on Revolving Funds and Special Revenue Spending Authorities. Appendix A of this report lists the audit criteria.

The conduct phase for this audit took place at CIPO headquarters from December 2011 to February 2012. AEB reviewed documents, conducted interviews, tested key controls, and gathered and analyzed data from various sources.

AEB tested key internal controls related to the revenue process and to other areas in the departmental FCF assessed as higher risk areas. The objective of the testing was to evaluate the extent to which CIPO operates in compliance with the FCF requirements. Judgmental and random selection methods were used in sampling. The testing of controls over the revenue process covered the timeframe from April 1, 2010 to June 30, 2011. The timeframe for the selection of samples in other areas varied based on the nature of the testing.

In February 2012, AEB met with CIPO senior management to validate the findings in this report.


3.0 Findings and Recommendations

3.1 Introduction

This section presents detailed findings from the audit of CIPO's Financial Management Control Framework. The findings are based on evidence and analysis from both the initial risk assessment and the detailed audit work.

In addition to the findings below, AEB has communicated findings of conditions that were non-systemic and of low risk to management, verbally and/or in a management letter, for consideration.

3.2 Financial Roles, Responsibilities and Accountabilities

CIPO employees meet the departmental Financial Control Framework requirements with respect to completeness of training, update of signature cards and signing of financial attestation forms.

The departmental FCF outlines requirements associated with training, signature cards and financial attestation sign-off. In the course of this audit, we examined how CIPO employees comply with the following main requirements:

  • Training:
    • A list of all employees with Section 33 and 34 authorities under the Financial Administration Act (FAA) must be maintained and updated annually.
    • Employees must attend mandatory training courses, including the on-line validation exam renewed every five years, in order to obtain or retain Section 33 and/or 34 authorities under the FAA.
    • Notification must be sent to employees and their immediate supervisor to inform them that their authorities will be discontinued until the required training is completed.
  • Signature card:
    • Up-to-date specimen signature cards must be kept on file for each delegated authority.
    • All specimen signature cards must be reviewed, updated annually, and monitored throughout the year to reflect the responsibility of the employee and his or her financial authorities.
    • Signature cards must be deactivated for employees who are not eligible to exercise these authorities due to a lack of training or for any other reason.
  • Financial attestation form:
    • Before granting FAA authorities, employees must sign a financial attestation form attesting that they have read the entire departmental FCF and agree to abide by its requirements in exercising any financial authorities delegated to them.

Based on the results of sample testing of transactions, interviews and document reviews, AEB noted that CIPO employees met these requirements as follows:

  • Training:
    • CIPO management maintained a list of all employees with Section 33 or 34 authorities and updated it annually.
    • CIPO employees granted Section 33 or 34 authorities attended mandatory training courses and completed an on-line validation exam after five years.
    • Individuals, supervisors or administrators were notified about the deadline for individuals to revalidate their mandatory training in order to retain their delegated authorities.
  • Signature card:
    • Up-to-date signature cards are kept in the Integrated Financial and Materiel System (IFMS) reporting system.
    • All specimen signature cards were reviewed, updated annually and monitored throughout the year to reflect the responsibility of the employee and his or her financial authorities.
    • As a revolving fund, CIPO Finance Branch reviewed all specimen signature cards during the year and deactivated the cards themselves, when necessary. No signature cards had to be deactivated due to lack of training.
  • Financial attestation form:
    • Employees signed a financial attestation form attesting that they had read the entire departmental FCF and agreed to abide by its requirements in exercising any financial authorities delegated to them.

As the findings above demonstrate, CIPO meets the departmental FCF requirements with respect to completeness of training, update of signature cards and signing of financial attestation forms.

Financial roles, responsibilities and accountabilities are understood by employees; CIPO is implementing a new organizational structure for the Finance Branch.

To ensure all stakeholders are aware of and understand their roles, responsibilities, and accountabilities for both financial management and stewardship of public resources, the departmental FCF requires that senior management performance agreements clearly articulate roles and responsibilities related to financial operations and include a component on implementation of the FCF.

In the course of our audit, we reviewed the job descriptions and performance agreements of all key employees involved in CIPO financial management.

The job descriptions for senior management clearly define roles and responsibilities related to financial operations and make specific reference to the implementation of departmental financial policies, which includes the departmental FCF. The performance agreements of senior management are clearly linked to financial operations and make specific reference to continued improved monitoring and reporting of financial management.

Despite their outdated job descriptions, managers and analysts were able to describe their financial roles, responsibilities and accountabilities. CIPO senior management is aware that job descriptions need to be updated and told the audit team they are implementing a new Finance Branch organizational structure. The objective is to realign roles and responsibilities to better support CIPO in achieving its objectives.

A new structure along with updated job descriptions will help CIPO communicate roles, responsibilities and accountabilities to its employees.

Recommendation 1

CIPO should continue to review the organizational structure of the Finance Branch and identify the financial positions to meet its current needs.

3.3 Management of Internal Control Deficiencies

CIPO has processes in place to identify internal control deficiencies and report them to senior management within CIPO and to CAS.

Industry Canada, through its FCF requirements, has established processes for which internal control deficiencies should be captured and reported to senior management within sectors and to the department.

In the course of our audit, we reviewed key documents and interviewed departmental and CIPO staff to assess the extent to which internal control deficiencies were captured and reported to senior management and, when applicable, corrective actions were taken to adequately address deficiencies.

At the corporate level, CAS monitors each sector of Industry Canada to ensure financial internal controls are in place and working as intended. This monitoring consists mainly of quarterly and monthly testing of transactions. CAS conducts the testing in collaboration with the financial staff of each sector and reports the results to both the relevant sector and CAS senior management. In addition to the testing, CAS conducts an annual financial monitoring visit to each sector to test overall compliance with FCF requirements.

The audit found that CAS, in collaboration with CIPO financial staff, conducted quarterly and monthly reviews of CIPO transactions as well as an annual financial monitoring visit during the 2010-11 fiscal year. Overall, the CAS monitoring report did not identify any significant internal control deficiencies and concluded that CIPO performed its due diligence with regards to the expenditure process and its responsibilities under the FCF. Only minor issues were raised in the report, and CIPO management had agreed to take corrective actions to address these issues.

The FCF requires CIPO senior management to ensure that all concerns raised by financial staff are presented to an appropriate level of management for discussion and analysis. For reporting purposes, CIPO is also to submit quarterly Letters of Representation to CAS attesting to the accuracy of sector financial results and to raise any significant internal control deficiencies. As required in the FCF, CIPO has sent quarterly Letters of Representation to CAS during fiscal year 2011-12; no internal control deficiencies have been identified.

The audit also found that CIPO staff reconciled, on a monthly basis, the financial transactions recorded in its revenue system (FITT) and its reporting system (IFMS) to identify any control weaknesses; no deficiencies related to financial reporting were noted.

In addition, based on discussions with CIPO staff, the audit found that communication channels exist from staff to manager to senior management, and that these channels are used when necessary to communicate any deficiencies identified. CIPO staff confirmed that they had not found any significant deficiencies during the 2011-12 fiscal year to date.

As a revolving fund, CIPO is subject to an annual external audit of its financial statements. In conducting such an audit, external auditors review key internal control processes and report to CIPO and Industry Canada senior management on any significant internal control deficiencies detected during the course of the audit. For the audited 2010-11 financial statements, external auditors did not identify or report any significant internal control deficiencies.

3.4 Budget Allocation and Monitoring

CIPO's budgeting process enables timely development of annual budgets and monitoring of budget performance throughout the year.

The TB Guide on Revolving Funds indicates that management is responsible for budgeting and forecasting the revolving fund's net cash requirement, which is the difference between revenues and expenditures of the revolving fund unit.

During our audit, we examined the CIPO internal budgeting process for fiscal year 2011-12 to assess the extent to which:

  • budget allocations instructions are clear and understood by individuals with budget authorities;
  • management monitors actual revenues and expenditures against the budget and any significant deviations from the budget are reported to senior management for decision-making and further action, when necessary.

With respect to the budget allocations, the audit found that instructions were clearly communicated and understood by individuals with budget authorities. Budgeting tools were provided on a timely basis to staff involved in the process. The allocations were supported by information on assumptions, such as the number of applications expected, and considered historical data. Each CIPO branch provided its budget to the Finance Branch for review and consolidation. The final consolidated budget was submitted to the Senior Executive Committee for approval.

Management at different levels monitored actual revenues and expenditures against the budget through monthly, quarterly, mid-year and year-end reviews using branch-developed tools. Variances between actual and budgeted revenues and expenditures were identified, and justifications were provided for any significant variances. In addition, any significant variances were communicated to CIPO and Industry Canada senior management for decision-making and further action, when necessary.

3.5 Segregation of Duties over Revenue Cycle

Most controls related to the segregation of duties within the revenue cycle are in place and work as intended.

According to the department's FCF requirements, which are aligned with the TB Directive on Receipt, Deposit and Recording of Money, management must ensure the segregation of duties of employees who deal with receipts, deposits and recording of money to prevent error or fraud within the revenue cycle. More precisely, the FCF requires the following five internal controls to be implemented, whenever possible:

  • Two individuals must be present to observe and record the total amounts received when mail that contains cheques/cash is opened. A register must be kept and initiated by the individuals involved.
  • The individual who records the transactions must not handle the cheques/cash or prepare the cash receipt.
  • Transactions must always be recorded and authorized in both the revenue (FITT) and reporting (IFMS) systems by two different individuals.
  • For revenue refund, the transaction must not be recorded by the same person who authorized the refund.
  • The daily/monthly reconciliation must be reviewed and signed off by personnel not involved in depositing or recording of revenues.

In circumstances where proper segregation of duties is not possible due to the lack of staff, the verification has to be performed by different personnel with adequate knowledge to mitigate the risk of loss, and evidence needs to be retained for audit purposes. Management must always ensure that effective monitoring or compensating controls are in place to reduce the risk of error.

The Directive on Receipt, Deposit and Recording of Money also requires that employees not control any function continuously for an extended period of time unless alternate controls, such as independent periodic verification, are implemented.

To determine whether adequate segregation of duties is in place at CIPO, AEB tested the five above mentioned internal controls. For each control tested, the audit team randomly selected samples to test during the period of April 1, 2010 to June 30, 2011. Our testing found that most controls in the revenue cycle were operating as intended:

  • Two individuals were present in the mail room to open the mail.
  • A register was prepared for courier and registered mail.
  • Cash receipts were prepared by individuals not involved in recording the transactions.
  • Transactions were entered into the revenue system (FITT) and recorded into the reporting system (IFMS) by two different individuals.
  • Revenue refund transactions were authorized and recorded by two different individuals.
  • Daily reconciliations were made by individuals not involved in the depositing or recording of revenues.
  • Reconciliations between the bank account and the reporting system (IFMS) as well as between the revenue system (FITT) and the reporting system (IFMS) were prepared, reviewed and signed off on a monthly basis.
  • Monthly reconciliations were made by individuals not involved in the depositing of revenues.

Despite the above results, the audit team found some opportunities for improvement in the revenue cycle control environment with respect to segregation of duties. Below is a summary of where these opportunities exist:

  • the preparation and initialing of registers in the mailroom and over the counter mainly for cheques;
  • the ability of employees involved in entering and recording revenues in the FITT or IFMS to access the secure room where cash and/or cheques are stored;
  • the involvement of the same employees in recording revenues in the IFMS and reviewing monthly reconciliations.

In light of the above results, there is a slight risk that inappropriate segregation of duties over the handling of cash and recording of revenue may create an environment in which it is possible for individuals to engage in fraudulent activity such as manipulation of financial data or misappropriation of assets.

Recommendation 2

CIPO should review its revenue cycle process and identify adjustments that would improve compliance with the Financial Control Framework requirements regarding segregation of duties.

3.6 System Data Integrity

CIPO has mechanisms in place to ensure data integrity across its revenue and reporting systems and is addressing variances between its revenue and inventory systems.

All sectors of Industry Canada are responsible for maintaining accurate information in the Integrated Financial and Materiel System (IFMS). The IFMS is used to record all financial transactions from the initiation of an expense to the payment, with a focus on financial reporting.

As a sector, CIPO is also responsible for maintaining other key systems, such as the Financial Information Transaction Tool (FITT) system and five Product Line (PL) systems. FITT records CIPO revenues. The PL systems track the inventory of applications received from customers for various business lines such as patents, trade-marks, copyrights and industrial designs. The PL systems also track the inventory of applications processed to provide data on work completed and work in progress for each business line. At year-end, revenues and deferred revenues are recorded in the CIPO financial statements based on the level of work completed and in progress.

As part of our audit, we assessed whether CIPO has mechanisms in place to ensure data integrity across its key financial systems. The results of this assessment demonstrate that regular reconciliations of financial transactions were made between the FITT system and the IMFS.

At the same time, CIPO management has identified issues in the reconciliation process between the FITT system and the PL systems. The Finance Branch started a project in 2010-11 to identify the reasons for the variances between these systems. Because of resource limitations, CIPO delayed the project until 2011-12. Management is now developing tools to address these issues.

If variances remain, there is a risk that inaccurate revenue and deferred revenue figures could be recorded in the annual financial statements. As part of the 2010-11 CIPO financial statements audit, external auditors asked management to make adjustments to ensure revenues and deferred revenues were accurately recorded.

Recommendation 3

CIPO should explore solutions and put an action plan in place to address the reconciliation issues identified between its revenue system (FITT) and inventory (Product Line) systems to continue to ensure the integrity of data.

3.7 Employee Benefit Plan Costs

CIPO calculates, records and manages its employee benefit costs in accordance with TB requirements.

According to the TB Guide on Revolving Funds, revolving fund personnel costs are viewed separately from the rest of the department's personnel costs. The revolving fund must account for its own share of employee benefit costs, such as premiums for Employment Insurance, Quebec Pension Plan and medical benefits.

Annually, TB Secretariat (TBS) estimates the cost to the government of delivering employee benefits and insurance plans for the upcoming fiscal year. Each March TBS informs revolving fund entities of these estimates, and of the amounts to be remitted to TBS for the upcoming fiscal year. In March of the following year, TBS calculates and communicates the actual cost to revolving fund entities, which must then make final adjustments to accounting records prior to year end.

During our audit, we examined how CIPO staff calculates and records its employee benefit costs in accordance with TB requirements. We observed that for the audited period, CIPO staff:

  • forecasted, for fiscal year 2011-12, the employee benefit costs using the rates pre-determined by TBS;
  • considered these costs in the budget at the beginning of 2011-12;
  • made quarterly employee benefit payments to TBS, based on these forecasted costs;
  • made a year-end adjusted payment based on variances between the forecasted and actual costs; and
  • recorded these costs and the payments into the IFMS.

In addition to following the TBS instructions, CIPO has implemented complementary internal controls to ensure proper management of its employee benefit costs. Some key controls are:

  • adequate segregation of duties – different employees perform the calculations, the recording and the verification of employee benefit costs;
  • monthly review by the Director of Finance Branch of the financial statements, which includes the details of the costs of employee benefits; and
  • annual external audit of the CIPO financial statements.

Based on the above-noted observations, AEB found that CIPO staff calculates, records and manages its employee benefit costs to meet TB requirements.


4.0 Overall Conclusion

The results of this audit revealed that CIPO, with some exceptions, has a sound Financial Management Control Framework that is operating as intended in the areas of financial roles, responsibilities and accountabilities, managing internal control deficiencies, budget allocation and monitoring, segregation of duties over the revenue cycle, system data integrity and the management of employee benefit plan costs.


Appendix A: Audit Criteria

Audit Criteria Table
Criteria Criteria Met or Not Met
1. Employees are aware of their financial responsibilities, accountabilities and authorities, which are clearly defined, and they carry out their duties in accordance with the requirements set out in the Industry Canada Financial Control Framework. Met with exceptions
2. Appropriate mechanisms are in place for identifying, reporting and resolving internal control deficiencies. Met
3. Budget allocations are clear and understood by individuals with budget authority and budgets are monitored and analyzed on a regular basis. Met
4. Appropriate procedures exist and are followed when the required financial training is not completed by managers/staff. Met
5. There is appropriate segregation of duties around the handling of receipts and processing of revenue transactions. Met with exceptions
6. Appropriate mechanisms are in place to ensure data integrity across key financial systems within CIPO. Met with exception
7. Employee benefit costs are calculated, recorded and managed in accordance with Treasury Board requirements. Met

Appendix B: Management action plan

Tableau du plan d'action de la direction
Recommendation Planned Action on the Recommendation Responsible Official Target completion date
Recommendation 1:

CIPO should continue to review the organizational structure of the Finance Branch and identify the financial positions to meet its current needs.

  • Obtain concurrence from Comptrollership and Administration Sector (CAS) for the new Finance Directorate organizational structure;
Corporate Strategies and Services April 2012
  • Submit the new Finance Directorate organizational structure to Human Resource Branch /Classification;
April 2012
  • Communicate changes to Finance Directorate staff;
May 2012
  • Write and review work descriptions Executive Director
June 2012
Recommendation 2:

CIPO should review its revenue cycle process and identify adjustments that would improve compliance with the Financial Control Framework requirements regarding segregation of duties.

  • Review segregation of duties for preparation and initiation of registers for cash and cheques received at the mail room;
Director of Finance May 2012
  • Consider removing access to secure room of employees performing recording in Integrated Financial and Material System (IFMS) and review internal processes to make sure the employees who have access to the safe in the secure room are not allowed to enter and record revenues in Financial Information Transaction Tool (FITT); and
April 2012
  • Review internal processes to make sure the employees recording revenues in the IFMS (posting rights) are not also performing monthly reconciliations.
April 2012
Recommendation 3:

CIPO should explore solutions and put an action plan in place to address the reconciliation issues identified between its revenue system (FITT) and inventory (Product Line) systems to continue to ensure the integrity of data.

  • Align the reconciliation process among product lines to facilitate the reconciliation of data between systems;
Director of Finance May 2012
  • Identify areas to reduce the number of reconciliation items between systems;
August 2012
  • Produce regular reconciliation reports of financial transactions;
September 2012
  • Explore a solution to automate the transfer of financial data from FITT to business lines systems; and
March 2013
  • On a longer term basis, explore the possibility of eliminating FITT and the need for data reconciliation by having e-services and business line systems feed data directly to IFMS.
2014-15