The Scope of Internal Audit Activities

The scope of internal audit activities encompasses, but is not limited to, objective examinations of evidence for the purpose of providing independent assessments to the Audit Committee on the adequacy and effectiveness of governance, risk management, and control processes for the City.

Internal Audit assessments include evaluating whether:

  • Risks relating to the achievement of the City's strategic objectives are appropriately identified and managed.
  • The actions of the City's officers, directors, employees, and contractors are in compliance with the City's policies, procedures, and applicable laws, regulations, and governance standards.
  • The results of operations or programs are consistent with established goals and objectives
  • Operations or programs are being carried out effectively and efficiently.
  • Established processes and systems enable compliance with the policies, procedures, laws, and regulations that could significantly impact the City.
  • Information and the means used to identify, measure, analyze, classify, and report such information are reliable and have integrity.
  • Resources and assets are acquired economically, used efficiently, and protected adequately.

The Director, Internal Audit has the responsibility to:

  • Submit, at least annually, to the Audit Committee, a risk-based Internal Audit Work Plan for review and approval. The Internal Audit Work Plan sets out the priorities for Internal Audit that: are reflective of the City's objectives, concerns and priorities; are integrated and coordinated with the corporate risk assessment and strategic planning process: and, considers input from senior management.
  • Communicate to the Audit Committee the impact of resource limitations on the Internal Audit Work Plan.
  • Review and adjust the Internal Audit Work Plan, as necessary, in response to changes in the City's business, risks, operations, programs, systems, and controls.
  • Communicate to the Audit Committee any significant interim changes to the Internal Audit Work Plan.
  • Ensure each engagement of the Internal Audit Work Plan is executed, including the establishment of objectives and scope, the assignment of appropriate and adequately supervised resources, the documentation of work programs and testing results, and the communication of engagement results with applicable conclusions and recommendations to appropriate parties.
  • Follow up on engagement findings and corrective actions, and report periodically to the Audit Committee any corrective actions not effectively implemented.
  • Manage and coordinate all fraud investigation activities within City Departments and Related Boards.
  • Ensure the principles of integrity, objectivity, confidentiality, and competency are applied and upheld.
  • Ensure Internal Audit collectively possesses or obtains the knowledge, skills, and other competencies needed to meet the requirements of the Internal Audit Charter.
  • Ensure emerging trends and successful practices in internal auditing are considered.
  • Establish and ensure adherence to policies and procedures designed to guide Internal Audit. 7 By-law Number 1°8 - 2023
  • Ensure adherence to the City's relevant policies and procedures, unless such policies and procedures conflict with the Internal Audit Charter. Any such conflicts will be resolved or otherwise communicated to the Audit Committee.
  • Ensure conformance of Internal Audit with the Standards, with the following qualifications:
    • If Internal Audit is prohibited by law or regulation from conformance with certain parts of the Standards, the Director, Internal Audit will ensure appropriate disclosures and will ensure conformance with all other parts of the Standards.
    • If the Standards are used in conjunction with requirements issued by ISACA, the Director, Internal Audit will ensure that Internal Audit conforms with the Standards, even if Internal Audit also conforms with the more restrictive requirements of ISACA.