What to Expect—An Auditee’s Guide to the Performance Audit Process

6. Access to entity information

Audit teams at the Office of the Auditor General of Canada (OAG) have a right to access the following within audited entities, in accordance with federal legislation:

OAG auditors are entitled to receive all information that they determine is relevant and necessary to enable them to carry out their audits and examinations. This may include documents, reports, or explanations from members of the public service and from officers, employees, or agents.

As OAG auditors identify the information they need and who they need to interview, the audited entity is to give them access. The information that the entity should supply, upon request, includes all forms of communication—written, visual, auditory, and electronic—whether in final or draft form, with the exception of draft Treasury Board submission material.

Guidance for deputy ministers from the Privy Council Office emphasizes that the role of deputy heads includes ensuring that

OAG auditors are entitled to access documents that may be subject to solicitor-client and other privileges. To ensure that this access does not affect the privilege attached to the documents, the OAG makes a formal written request for access to such documents at the start of the audit.

The OAG issues a letter of notification and solicitor-client privilege to the deputy head of the entity requesting timely access to information and personnel under the powers granted by the Auditor General Act and, among other things, to documents that may be subject to solicitor-client and other privileges.

The deputy head is expected to acknowledge in writing that the entity will comply with its duty under the Act and that providing the documents to the OAG does not constitute a waiver of any privilege attached to the documents. The exchange of letters maintains the privileged nature of the information provided to the OAG for audit purposes.

The OAG respects the confidentiality of the documents and does not refer to them in its reports.

When the audit team identifies entity staff for an interview, the staff must be made available. It is unacceptable and inappropriate for the entity to coach staff prior to an interview with auditors or filter information requested by the OAG. As a general rule, to encourage candour and complete responses, only entity staff being interviewed should be present during the interview. Under certain circumstances, the audit team and the audited entity may agree that observers at an interview are appropriate, but it is up to the OAG to decide when they are.

The Auditor General’s access to Cabinet confidences is set out in two orders-in-council: PC#1985-3783 and PC#2006-1289.

An audited entity is responsible for identifying the following to OAG auditors:

These are made available to the Auditor General through a separate process that involves the Privy Council Office or the Treasury Board of Canada Secretariat, as appropriate.

The fact that a document is not accessible to the public, through an Access to Information request, is not a valid reason for denying access to OAG staff. The provisions of the Access to Information Act do not apply to the Auditor General’s access to information for audit purposes.

Auditors encountering problems obtaining information during an audit, such as delays, will report the problems to the engagement leader. If the problems continue, the engagement leader will attempt to resolve the issue with the entity’s OAG liaison, or if necessary, with senior management.

In some circumstances, a delay in providing requested documents or information can amount to a denial of access. The Auditor General may report such cases to Parliament.

Electronic information is preferred, but hard copies are acceptable.

Information can include all forms of communication—written, visual, auditory, and electronic—whether in final or draft form.

This includes but is not limited to any relevant

Auditors may take extracts and make photocopies, unless security classifications dictate otherwise.

The audit team maintains a register of documents requested and received during an audit.

Access to information and to privileged information begins once

Entity officials should instruct their employees to make themselves and information available, as they would for any other important entity business. Timely access to information is essential for the Auditor General to meet reporting obligations to Parliament. Entity officials should respond expeditiously to OAG requests for information.

The time required to produce information can be affected by such factors as the information’s format and location, and an individual’s availability.

Information Time frame
Easily accessible Five working days
Requiring additional work to compile (such as data manipulation or archive searches) Audit team and audited entity discuss and agree on time frame.

Audit team members have access to an audited entity’s

Auditors must comply with the same security requirements that apply to the entity’s employees.

At the start of an audit, the audit team provides the entity’s OAG liaison with the names and security clearance levels of OAG and contract staff initially assigned to the audit. If any changes need to be made to this list during the audit, the team notifies the OAG liaison.