I.10 Chief Audit Executive’s assessment of the PRIA team’s independence and objectivity with respect to its role in conducting practice reviews

The Chief Audit Executive (CAE) discussed with the Audit Committee at least annually (or more often, if appropriate) the CAE’s independence and objectivity, and the associated risks and safeguards in place, specifically in relation to the CAE’s practice review function.

The CAE communicated to the Auditor General and the Audit Committee the risks of conducting practice reviews.

The CAE gave confirmation to the Auditor General and the Audit Committee, at least annually, that the PRIA team’s activities conformed with the PRIA Charter.

• The PRIA Charter defines the nature of the internal auditors’ roles.
• The PRIA Charter refers to the PRIA team’s responsibility to conduct practice reviews, which is a second line of defence activity.

The CAE evaluated annually (or more often, as required) the lines of reporting to the Auditor General and the Audit Committee.

The CAE conducted an annual review and self-assessment of the PRIA team’s independence and objectivity with respect to its role in conducting practice reviews and internal audits.

Before conducting a practice review, the CAE and responsible Director defined and discussed the following items with management (the Principal):

• any risks and potential impacts related to the PRIA team’s independence and objectivity;
• management’s acceptance and ownership of the risks;
• roles, responsibilities, and any segregation of duties; and
• controls in place to validate that the agreed upon safeguards were operating effectively.

Before conducting a practice review, the CAE and practice review team confirmed their independence. If there was a risk to the PRIA team’s independence and objectivity, the CAE would disclose it to management and take action to mitigate it.

The CAE documented other assurance providers’ assessments of the PRIA team’s activities, such as internal audit plans, risk assessments, engagement communications, and second line of defence activities (for example, an international peer review).

After each engagement (internal audit or practice review), the CAE issued a client survey to solicit feedback on the perceptions of the CAE’s independence and objectivity.