Audit subobjective
|
Audit criteria
|
1. Are roles, responsibilities and accountabilities clearly defined, and is there a process in place to ensure
that employees possess the appropriate knowledge and skills to carry out their duties? [7]
|
- Roles, responsibilities and accountabilities are clearly defined, documented and communicated. (Sources:
Whitepaper on Plan Governance-2 and Core Management Controls—AC-1 and AC-4)
- Pensions and Benefits employees involved in the management of DI Plan understand their respective roles,
responsibilities and accountabilities; and the roles, responsibilities and accountabilities of the DI Plan
delivery stakeholders. (Sources: Core Management Controls—AC-2)
- A process is in place in the Pensions and Benefits Sector to identify and maintain the knowledge and
skills needed for DI Plan management. (Sources: Whitepaper on Plan Governance-6 and Core Management
Controls—LICM-4)
|
2. Is there a process, and are there controls in place to facilitate oversight?
|
- A process is in place to assess whether DI Plan objectives are being met.[8] (Sources: Whitepaper on Plan
Governance-1 and Core Management Controls—G-3, G-5, RP-3, ST-4, ST-16, ST-18)
- A process is in place to report on the activities of the DI Plan. (Sources: Core Management
Controls—G-6, ST-20)
- A process is in place to ensure that the management of the DI plan is in compliance with legislative and
regulatory requirements. (Sources: Whitepaper on Plan Governance-7 and Core Management Controls—ST-7)
- A process is in place to ensure that the DI Plan is in compliance with legislative and regulatory
requirements.[9]
(Sources: Whitepaper on Plan Governance-7 and Core Management Controls—ST-7)
|
3. Is there a formal and systematic approach for identifying and assessing risks facing the DI Plan, and are
there mitigation strategies to respond to identified risks?
|
- A process is in place to ensure risks are identified, monitored and mitigated. (Sources: Whitepaper on
Plan Governance-7 and Core Management Controls—RM-2, RM-4, RM-5)
|
4. Is there appropriate administration of the insurance policy (contract) between Sun Life and Treasury Board?
|
- Contract and amendments are supported by documented justification and are approved by the appropriate
authority. (Sources: Core Management Controls—AC-1, CFS-1)
- Appropriate oversight of contractor activities is conducted (e.g., monitoring, ensuring deliverables are
met, review of contractor performance, etc.). Periodic briefings are made to senior management regarding the
contract, as appropriate. (Sources: Core Management Controls—AC-3, G-6, ST-20, ST-22)
- Pensions and Benefits Sector monitors and analyzes payments to the contractor related to the DI Plan
contract (i.e., examination of the processes used to verify payments.) (Sources: Core Management
Controls—ST-16, ST-20)
- Key documentation is on file to support contract management. (Sources: Core Management
Controls—ST-12)
|