Internal Audit of the Library of the Supreme Court of Canada

The Library of the Supreme Court of Canada had not been audited in the last ten years; as a result, the Library was identified as being due for a cyclical audit.

The objective of this audit was to provide assurance services to the Registrar as to the management of the Library and its information management practices. The audit, conducted by Interis Consulting Inc. between January 5, 2006 and February 24, 2006, was designed to provide a moderate level of assurance on the effectiveness of management controls based on interviews and documentation review. The audit did not include transaction testing on a sample basis, or compliance testing of policies and practices.

The auditors' conclusion is that many aspects of the Library's management control framework are exemplary and there were indications that the Library has been providing Technical and Reader Services that are deemed to be of very high quality by its clients. However, a key weakness in the financial controls relating to the segregation of duties in the expenditure process for new acquisitions and serials was observed. Other areas where the management control framework should be strengthened include: priority setting and delegation for managers, added clarity to roles and responsibilities surrounding the new Library Management System (LMS), controls for safeguarding heritage items, succession planning, monitoring the range of topics in new acquisitions, a tool to evaluate the trial of new electronic databases, a method to validate charges for use of databases, and a strategy for long term use of Library space.

With respect to performance management, the audit concludes that although data on volume of work is collected and a survey on client satisfaction is conducted, the performance framework lacked benchmarks and performance indicators linked to results that could then be used to support management decisions. A performance management framework should be developed to assist in identifying meaningful indicators.

With respect to Risk Management, the audit concludes that the risk assessment conducted for the Library and Information Services Sector was adequate and at an appropriate level to address risks related to the Library. However, the risk management regime did not identify timelines for completion of mitigation actions, and there was no evidence of a continuous risk management regime.

The Director of the Library has agreed with all but oneFootnote 1 of the audit recommendations and has committed to their implementation through the approval of an action plan.

Footnotes

Footnote 1

The Director of the Library did not agree with Recommendation #9 relating to monitoring and validating database usage reported by vendors because she considers that the Library follows industry standards in that regard. Instead, the Library intends to query other Canadian libraries to compare practices.

Return to footnote 1 referrer