Information identified as archived on the Web is for reference, research or recordkeeping purposes. It has not been altered or updated after the date of archiving. Web pages that are archived on the Web are not subject to the Government of Canada Web Standards. As per the Communications Policy of the Government of Canada, you can request alternate formats on the "Contact Us" page.
The audit objective was to assess whether an appropriate management control
framework is in place within the Secretariat to effectively support activities
related to the DI Plan.
1. Are roles, responsibilities and accountabilities clearly defined, and is there a process in place to ensure
that employees possess the appropriate knowledge and skills to carry out their duties? 
- Roles, responsibilities and accountabilities are clearly defined, documented and communicated. (Sources:
Whitepaper on Plan Governance-2 and Core Management Controls—AC-1 and AC-4)
- Pensions and Benefits employees involved in the management of DI Plan understand their respective roles,
responsibilities and accountabilities; and the roles, responsibilities and accountabilities of the DI Plan
delivery stakeholders. (Sources: Core Management Controls—AC-2)
- A process is in place in the Pensions and Benefits Sector to identify and maintain the knowledge and
skills needed for DI Plan management. (Sources: Whitepaper on Plan Governance-6 and Core Management
2. Is there a process, and are there controls in place to facilitate oversight?
- A process is in place to assess whether DI Plan objectives are being met. (Sources: Whitepaper on Plan
Governance-1 and Core Management Controls—G-3, G-5, RP-3, ST-4, ST-16, ST-18)
- A process is in place to report on the activities of the DI Plan. (Sources: Core Management
- A process is in place to ensure that the management of the DI plan is in compliance with legislative and
regulatory requirements. (Sources: Whitepaper on Plan Governance-7 and Core Management Controls—ST-7)
- A process is in place to ensure that the DI Plan is in compliance with legislative and regulatory
(Sources: Whitepaper on Plan Governance-7 and Core Management Controls—ST-7)
3. Is there a formal and systematic approach for identifying and assessing risks facing the DI Plan, and are
there mitigation strategies to respond to identified risks?
- A process is in place to ensure risks are identified, monitored and mitigated. (Sources: Whitepaper on
Plan Governance-7 and Core Management Controls—RM-2, RM-4, RM-5)
4. Is there appropriate administration of the insurance policy (contract) between Sun Life and Treasury Board?
- Contract and amendments are supported by documented justification and are approved by the appropriate
authority. (Sources: Core Management Controls—AC-1, CFS-1)
- Appropriate oversight of contractor activities is conducted (e.g., monitoring, ensuring deliverables are
met, review of contractor performance, etc.). Periodic briefings are made to senior management regarding the
contract, as appropriate. (Sources: Core Management Controls—AC-3, G-6, ST-20, ST-22)
- Pensions and Benefits Sector monitors and analyzes payments to the contractor related to the DI Plan
contract (i.e., examination of the processes used to verify payments.) (Sources: Core Management
- Key documentation is on file to support contract management. (Sources: Core Management