The National Research Council of Canada (NRC) carries out independent audits of its research centres, branches, programs and initiatives, in accordance with the Treasury Board Policy on Internal Audit.
Here is a list of the most current reports on the results of these audits.
2023-2024
2022-2023
- Audit of acquisition card management - February 2023
- Audit of Cyber incident response
- Audit of Digital authorization
2021-2022
2020-2021
2019-2020
- Audit of Intellectual Property (IP)-related royalties and awards
- Audit of Research and licensing agreement management
- Audit of conflict of interest management
- Audit of Acquisition card management
- Audit of procurement and contracting
- Audit of IT Security
2018-2019
2017-2018
- Audit of Industrial Research Assistance Program (IRAP) - SONAR
- Audit of Talent Management – Workforce Planning and Succession Management
2016-2017
- Audit of Occupational Safety and Health
- Audit of NRC Operational Security: Controlled Goods and International Traffic in Arms Regulations (ITAR)
2015-2016
- Audit of Revenue Management - February 2016
- Audit of Acquisition Cards in the Interim Operating Environment - June 2015
- Audit of Expenditure Management in the Interim Operating Environment - June 2015
- Audit of the Industrial Research Assistance Program in the Interim Operating Environment - June 2015
- Audit of Procurement and Contracting in the Interim Operating Environment - June 2015
2014-2015
2013-2014
- ARCHIVED - Continuous Audit of the Industrial Research Assistance Program (IRAP) – FY 2012-13
- ARCHIVED - 2012-13 Continuous Audit of Expenditure Management
- ARCHIVED - Audit of Investment Planning
- ARCHIVED - 2012-13 Continuous Audit of Procurement and Contracting
If you want a complete copy of audit reports listed as summaries, please contact the NRC Internal Audit Reports.
Audit performance results
Key compliance attributes are published as required under sections A.2.2.3 and A.2.2.3.1 of the Directive on Internal Audit.
These results, or key attributes demonstrate that the main fundamental elements necessary for oversight are in place, are performing as required under the Policy on Internal Audit and the Directive on Internal Audit and are achieving results.
Why publish key compliance attributes of internal audit?
Key compliance attributes
Performance indicators | Key compliance attributes | June 30, 2024 | Definitions |
---|---|---|---|
Do internal auditors in departments have the training required to do the job effectively? Are multidisciplinary teams in place to address diverse risks? | % of staff with an internal audit or accounting designation (Certified Internal Auditor (CIA), Chartered Professional Accountant (CPA)) | 62% | |
% of staff with an internal audit or accounting designation in progress (Certified Internal Auditor (CIA), Chartered Professional Accountant (CPA)) | 10% | In progress: The staff member (an indeterminate employee) has formally registered with and has been accepted by the certifying body to complete the requirements of the professional designation in a prescribed time frame and has registered for at least one component of the certification process. | |
% of staff holding other designations (CGAP, CISA, etc.) | 31% | ||
Is internal audit work performed in conformance with the international standards for the profession of internal audit as required by Treasury Board policy? | Date of last comprehensive briefing to the Departmental Audit Committee on the internal processes, tools, and information considered necessary to evaluate conformance with the IIA Code of Ethics and the Standards and the results of the quality assurance and improvement program (QAIP) | June 2023 |
Last comprehensive briefing:
External assessments (practice inspections) must be conducted at least once every five years by a qualified, independent assessor or assessment team from outside the organization. |
Date of last external assessment | June 2023 | ||
Is internal audit credible and adding value in support of the mandate and strategic objectives of the organization? | Average overall usefulness rating from senior management (ADM-level or equivalent) of areas audited. | No recent results |
Average "overall usefulness" rating: Post-audit surveys to senior management of the area audited should include a question on the overall usefulness of the audit. |
Internal audit status
Internal audit title | Audit status | Report approved date | Report published date | Original planned Management Action Plan completion date |
Management Action Plan Implementation status (%) |
---|---|---|---|---|---|
Audit of real property management | Published – Management Action Plan not fully implemented | 2021/03/26 | 2021/06/30 | 2024/03/31 | 67% |
Audit of cyber incident response | Approved – Not published | 2022/12/22 | N/A | 2023/12/31 | 80% |
Review of the hazard prevention program | Approved – Not published | 2023/01/30 | N/A | 2024/03/31 | 67% |
Audit of research cloud services | Cancelled | N/A | N/A | N/A | N/A |
Audit of professional services contracting | Approved – Not published | N/A | N/A | N/A | N/A |
Audit of recruitment and staffing | In progress | N/A | N/A | N/A | N/A |
Audit of IT governance | In progress | N/A | N/A | N/A | N/A |
Audit of enterprise risk management | In progress | N/A | N/A | N/A | N/A |
Audit of business continuity management | Planned | N/A | N/A | N/A | N/A |