Performance results for the internal audit function - November 30, 2025

The following are questions that stakeholders may have about the oversight of public resources, and the corresponding Communications Security Establishment (CSE) performance results.

Do internal auditors in departments have the training required to do the job effectively?

  • 36% of staff within the Internal Audit (IA) team have a financial designation and/or Certified Internal Auditor (CIA) certification
  • 45% of staff is currently pursuing a financial designation and/or CIA certification
  • 9% of staff have other types of certifications
  • Training is provided annually to all staff members

Are multidisciplinary teams in place to address diverse risks?

  • Multidisciplinary teams are in place when and where required

Is IA work performed in conformance with the international standards for the profession of IA as required by Treasury Board Secretariat (TBS) policy?

  • Yes – The last results of an External Quality Review in May 2022 provided the IA function with the highest possible overall result of "Generally Conforms"

Are the risk-based audit plans (RBAP) submitted to audit committees and approved by deputy heads implemented as planned with resulting reports published?

  • The RBAP is submitted to CSE’s Departmental Audit Committee (DAC) and approved by Deputy Head (Chief) and the resulting reports are shared and published internally
  • CSE does not publicly report audits

Is management acting on audit recommendations for improvements to departmental processes?

  • In 2024-25, 4 engagements were planned: 1 was advisory and 3 were assurance
    • All began in Q4
    • All continued into fiscal year 2025-2026
  • Open actions are closely monitored, and action status reporting occurs twice a year
  • Results are shared with the DAC as part of our management accountability framework

Is IA credible and adding value in support of the mandate and strategic objectives of the organization?

  • Formal feedback received from assistant deputy minister (ADM)-level clients and key stakeholders post-engagement as well as at informal feedback received during DAC meetings indicated that audit results added value and were supporting the organization in the achievement of objectives
  Search our events, information and resources

Mission

Mission

Discover CSE's impactful mission

Careers

Careers

Join our team and help keep Canadians safe

Culture and community

Culture and community

Learn how we support our employees and our community

Date modified: