Presentation is loading. Please wait.

Presentation is loading. Please wait.

Presentation to ISACA Ottawa Valley Chapter Richard Brisebois, Principal November 9, 2010.

Published byAugustus Hopkins Modified over 9 years ago

Similar presentations

Presentation on theme: "Presentation to ISACA Ottawa Valley Chapter Richard Brisebois, Principal November 9, 2010."— Presentation transcript:

1 Presentation to ISACA Ottawa Valley Chapter Richard Brisebois, Principal November 9, 2010

2 Agenda Background about the OAG Audit objective Scope of the audit CIO Survey results Main findings 1

3 Mandate The Auditor General Act sets out the duties of the Auditor General and the Commissioner of the Environment and Sustainable Development as they relate to auditing and monitoring of federal departments and agencies. 2

4 Work of the the OAG – Four product Lines v Attest audit of financial statements - Government of Canada (Public Accounts) v Attest audits of financial statements - Crowns v Performance audits - departments and agencies v Special examinations – Crowns 3

5 Budget and People Main estimates 2010-11 $85.1 Million Approximately 635 people (FTE) Approximately half of professional staff comprise accountants Other professional staff include: - - Engineers - Scientists - Sociologists - Economists - Lawyers - Geologists - Other professionals Approximately 200 people in the Audit Services Group 4

6 Objective of the Aging IT performance audit To determine whether selected government entities had adequately identified and were managing the risks related to aging IT systems 5

7 6

8 Scope and approach Examined the Chief Information Officer Branch of TBS Reviewed five organizations  Canada Revenue Agency  Public Works and Government Services Canada  Human Resources and Skills Development Canada  Royal Canadian Mounted Police  Citizenship and Immigration Canada Reviewed three critical systems  HRSDC - Employment Insurance Program  CRA - Personal Income Tax (T1)  PWGSC – Standard Payment System Conducted a CIO Survey 7

9 Definition of Aging IT Systems “Aging information technology (IT) systems refers not only to a system’s age in years but also to issues that affect its sustainability over the long term, such as the availability of software and hardware support and of people with the necessary knowledge and skills to service these systems. The term also relates to a system’s ability to adequately support changing business needs or emerging technologies, such as 24/7 online availability.” 8

10 Major Factors Driving the Modernization of Aging IT Systems Skills shortage Vendor support Regulatory compliance Maintenance costs Access to data Meeting client expectations Security Green IT initiatives Disaster recovery 9

11 CIO Survey 40 government entities included in the Treasury Board of Canada Secretariat's Chief Information Officer Council 10

12 Audit Findings – Departments and Agencies Organizations have all identified significant risks related to aging IT systems Aging IT risk management need improvement Monitoring of aging IT risks is incomplete Departmental investment plans need to be supported by a funding strategy 11

13 Organizations Assessed against Key Criteria 12

14 Organizations have all identified significant risks related to aging IT systems All five entities audited considered Aging IT as a significant risk Five of the six entities included it in their corporate risk profiles They stated that if these risks are not addressed in a timely manner, they may not have the capacity to meet current and future business needs 13

15 Aging IT risk management need improvement CRA and RCMP have both completed departmental multi-year investment plan that defines and prioritizes ongoing and future investments HRSDC has a Long—Term Capital Plan but projects are not prioritized and a portfolio view is missing PWGSC and CIC are further behind and don’t have a departmental multi-year investment plan or a portfolio view 14

16 Monitoring of aging IT risks is incomplete Only CRA fully met this criteria  CRA Management Committee and Resource Investment Management Committee review all risks and investments projects regularly  There is an action plan for each risk that outlines specific strategies, key activities, deliverables and timelines 15

17 Departmental investment plans need to be supported by a funding strategy Significant funding is likely to be needed across government to renew aging systems The shortfall is estimated at a total of $2 billion in three entities 16

18 Audit Findings TBS-CIOB Chief Information Officer Branch CIOB is aware that aging of IT systems is an issue The aging of IT system has not formally identified as an area of importance for the government There is a need to formulate IT strategic directions or a plan to address these issues on a government-wide level. 17

19 Recommendation – Risk Management Departments should use a department-wide portfolio management approach to ensure that they focus on current and planned IT investments that best contribute to meeting their business objectives, with an acceptable degree of risk and at a reasonable cost. Departments should develop a multi-year IT investment plan that presents a balanced mix of mandatory, sustaining, and discretionary investments that they require to both sustain existing systems and to improve service delivery. 18

20 Recommendation – Risk Monitoring Departments should develop an action plan for each significant aging IT risk. The plans should include specific strategies, key activities, deliverables, and timelines to manage these risks. These entities should report progress regularly to senior management. 19

21 Recommendation – Funding Strategy Departments should identify an appropriate funding strategy. The funding strategy should present investment options, or scenarios that take into account what source of funding would most likely be available in the five-year planning period. 20

22 Recommendation - TBS The Chief Information Officer Branch (CIOB) of the Treasury Board of Canada Secretariat should exercise its central leadership role by collecting and analyzing relevant information to assess the state of aging IT systems across government. The CIOB should prepare a report on its assessment and the related cost estimates for the government as a whole. In consultation with deputy heads, it should also develop a plan that will set the IT strategic directions for the government to mitigate risks associated with aging IT systems on a sustainable basis. 21

23 Questions/Thank You Richard Brisebois, CGA, CISA Office of the Auditor General of Canada Tel: (613)995-3708 Fax: (613)947-9736 240 Sparks Street Ottawa, Ontario, Canada K1A 0G6 www.oag-bvg.gc.ca 22

Download ppt "Presentation to ISACA Ottawa Valley Chapter Richard Brisebois, Principal November 9, 2010."

Similar presentations

Building blocks for adopting Performance Budgeting in Canada Bruce Stacey – Executive Director Results Based Management Treasury Board Secretariat, Canada.

Building blocks for adopting Performance Budgeting in Canada Bruce Stacey – Executive Director Results Based Management Treasury Board Secretariat, Canada.
Course: e-Governance Project Lifecycle Day 1

Course: e-Governance Project Lifecycle Day 1
CFO Model December 2007 Bill Matthews A/Executive Director Government Accounting and Policy Office of the Comptroller General.

CFO Model December 2007 Bill Matthews A/Executive Director Government Accounting and Policy Office of the Comptroller General.
29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL DATA PROTECTION AND PRIVACY COMMISSIONERS.

29e CONFÉRENCE INTERNATIONALE DES COMMISSAIRES À LA PROTECTION DES DONNÉES ET DE LA VIE PRIVÉE 29 th INTERNATIONAL DATA PROTECTION AND PRIVACY COMMISSIONERS.
Internal Audit : Framework for the Management of Compliance Presentation at FMI meeting Sept. 2014.

Internal Audit : Framework for the Management of Compliance Presentation at FMI meeting Sept
Meeting with IESBA CPAB Update Glenn Fagan and Kam Grewal April 7, 2014.

Meeting with IESBA CPAB Update Glenn Fagan and Kam Grewal April 7, 2014.
Evaluation in the Government of Canada

Evaluation in the Government of Canada
AUDIT COMMITTEE FORUM TM ACF Roundtable IT Governance – what does it mean to you as an audit committee member July 2010 The AUDIT COMMITTEE FORUM TM is.

AUDIT COMMITTEE FORUM TM ACF Roundtable IT Governance – what does it mean to you as an audit committee member July 2010 The AUDIT COMMITTEE FORUM TM is.
“Partnering to Make IT Happen” Welcome to the EMF Symposium February 23, 1999 Enhancing Alignment of IM/IT with Business Chief Information Officer Branch.

“Partnering to Make IT Happen” Welcome to the EMF Symposium February 23, 1999 Enhancing Alignment of IM/IT with Business Chief Information Officer Branch.
NLRB: Information Security & FISMA Daniel Wood, Chief IT Security February 19, 2004.

NLRB: Information Security & FISMA Daniel Wood, Chief IT Security February 19, 2004.
Action Implementation and Monitoring A risk in PHN practice is that so much attention can be devoted to development of objectives and planning to address.

Action Implementation and Monitoring A risk in PHN practice is that so much attention can be devoted to development of objectives and planning to address.
IS Audit Function Knowledge

IS Audit Function Knowledge
Pertemuan 11-12 Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.

Pertemuan Matakuliah: A0214/Audit Sistem Informasi Tahun: 2007.
Office of the Auditor General of Canada The State of Program Evaluation in the Canadian Federal Government Glenn Wheeler Director, Results Measurement.

Office of the Auditor General of Canada The State of Program Evaluation in the Canadian Federal Government Glenn Wheeler Director, Results Measurement.
The CPA Profession Chapter 2.

The CPA Profession Chapter 2.
Resource Allocation in Canada Evaluation, Accountability and Control Brian Pagan Expenditure Operations and Estimates Treasury Board of Canada Secretariat.

Resource Allocation in Canada Evaluation, Accountability and Control Brian Pagan Expenditure Operations and Estimates Treasury Board of Canada Secretariat.
Trinidad & Tobago Corporate Governance Code 2013

Trinidad & Tobago Corporate Governance Code 2013
“The Impact of Sarbanes Oxley, An Evolving Best Practice” Ellen C. Wolf Senior Vice President & Chief Financial Officer American Water National Association.

“The Impact of Sarbanes Oxley, An Evolving Best Practice” Ellen C. Wolf Senior Vice President & Chief Financial Officer American Water National Association.
Session 4: Good Governance: How SAIs influence Good Governance in Public Administration Zahira Ravat 27 & 28 May 2014.

Session 4: Good Governance: How SAIs influence Good Governance in Public Administration Zahira Ravat 27 & 28 May 2014.
The Role of Central Agencies

The Role of Central Agencies

Similar presentations

Ads by Google