What to Expect—An Auditee’s Guide to the Performance Audit Process
6. Access to entity information
Audit teams at the Office of the Auditor General of Canada (OAG) have a right to access the following within audited entities, in accordance with federal legislation:
- information,
- documents, and
- staff.
OAG auditors are entitled to receive all information that they determine is relevant and necessary to enable them to carry out their audits and examinations. This may include documents, reports, or explanations from members of the public service and from officers, employees, or agents.
As OAG auditors identify the information they need and who they need to interview, the audited entity is to give them access. The information that the entity should supply, upon request, includes all forms of communication—written, visual, auditory, and electronic—whether in final or draft form, with the exception of draft Treasury Board submission material.
Guidance for deputy ministers from the Privy Council Office emphasizes that the role of deputy heads includes ensuring that
- their departments establish a respectful and constructive working relationship with a body such as the OAG, and
- entities supply the information needed to fulfill the body’s legislative mandates.
OAG auditors are entitled to access documents that may be subject to solicitor-client and other privileges. To ensure that this access does not affect the privilege attached to the documents, the OAG makes a formal written request for access to such documents at the start of the audit.
The OAG issues a letter of notification and solicitor-client privilege to the deputy head of the entity requesting timely access to information and personnel under the powers granted by the Auditor General Act and, among other things, to documents that may be subject to solicitor-client and other privileges.
The deputy head is expected to acknowledge in writing that the entity will comply with its duty under the Act and that providing the documents to the OAG does not constitute a waiver of any privilege attached to the documents. The exchange of letters maintains the privileged nature of the information provided to the OAG for audit purposes.
The OAG respects the confidentiality of the documents and does not refer to them in its reports.
When the audit team identifies entity staff for an interview, the staff must be made available. It is unacceptable and inappropriate for the entity to coach staff prior to an interview with auditors or filter information requested by the OAG. As a general rule, to encourage candour and complete responses, only entity staff being interviewed should be present during the interview. Under certain circumstances, the audit team and the audited entity may agree that observers at an interview are appropriate, but it is up to the OAG to decide when they are.
The Auditor General’s access to Cabinet confidences is set out in two orders-in-council: PC#1985-3783 and PC#2006-1289.
An audited entity is responsible for identifying the following to OAG auditors:
- memoranda to Cabinet,
- Cabinet decisions,
- Treasury Board submissions, and
- decisions related to the audit.
These are made available to the Auditor General through a separate process that involves the Privy Council Office or the Treasury Board of Canada Secretariat, as appropriate.
The fact that a document is not accessible to the public, through an Access to Information request, is not a valid reason for denying access to OAG staff. The provisions of the Access to Information Act do not apply to the Auditor General’s access to information for audit purposes.
Auditors encountering problems obtaining information during an audit, such as delays, will report the problems to the engagement leader. If the problems continue, the engagement leader will attempt to resolve the issue with the entity’s OAG liaison, or if necessary, with senior management.
In some circumstances, a delay in providing requested documents or information can amount to a denial of access. The Auditor General may report such cases to Parliament.
Electronic information is preferred, but hard copies are acceptable.
Information can include all forms of communication—written, visual, auditory, and electronic—whether in final or draft form.
This includes but is not limited to any relevant
- correspondence,
- memoranda,
- books,
- reports,
- plans,
- maps,
- drawings,
- diagrams,
- analyses,
- surveys,
- pictorial or graphic work,
- photographs,
- films,
- microfilms,
- sound recordings,
- videotapes, or
- records.
Auditors may take extracts and make photocopies, unless security classifications dictate otherwise.
The audit team maintains a register of documents requested and received during an audit.
Access to information and to privileged information begins once
- the entity has been notified of the start of a performance audit or of the strategic audit planning exercise, and
- the deputy head has responded to the OAG’s letter of notification and solicitor-client privilege.
Entity officials should instruct their employees to make themselves and information available, as they would for any other important entity business. Timely access to information is essential for the Auditor General to meet reporting obligations to Parliament. Entity officials should respond expeditiously to OAG requests for information.
The time required to produce information can be affected by such factors as the information’s format and location, and an individual’s availability.
Information | Time frame |
---|---|
Easily accessible | Five working days |
Requiring additional work to compile (such as data manipulation or archive searches) | Audit team and audited entity discuss and agree on time frame. |
Audit team members have access to an audited entity’s
- information for which they have the required level of security clearance, and
- staff who can provide the information.
Auditors must comply with the same security requirements that apply to the entity’s employees.
At the start of an audit, the audit team provides the entity’s OAG liaison with the names and security clearance levels of OAG and contract staff initially assigned to the audit. If any changes need to be made to this list during the audit, the team notifies the OAG liaison.
- Access to Information Act
- Auditor General Act
- Guidance to deputy heads, departmental and entity legal counsel, and OAG audit liaisons on providing the Auditor General access to information in certain confidences of the Queen’s Privy Council (Cabinet confidences)
- 2010 Protocol Agreement on Access by the Office of the Auditor General to Cabinet Documents
- Communiqué (TBS-OAG): Office of the Auditor General’s Access to Records and Personnel for Audit Purposes (distributed by email to deputy heads on 7 August 2007)
- Order-in-Council PC#1985-3783 dated 27 December 1985
- Order-in-Council PC#2006-1289 dated 6 November 2006