Corporate Audit of Security
Final Summary Report

2.2 Objectives and Scope of the Audit

The overall objective of this audit was to assess the effectiveness and efficiency of the departmental security program at CIC and its compliance with the 1996 GSP and the 1994 and 1995 Operational Standards. This broad objective was examined by focusing on the effectiveness of the management structure of the security organization, security administration (the effectiveness of the security program, the adequacy of security training and education, and threat and risk assessments) and security operations (protection of information, effective personnel screening, physical safeguards for the protection of personnel and physical assets, and computer hardware and software), among other objectives.

The scope of the audit encompassed all aspects of security for all business lines of the Department, on a sample basis. This audit was directed by CIC Corporate Review and conducted under contract by Hallux Consulting Inc. between November 2000 and May 2001. Briefings were held during and after the audit field work. As a result of the events of September 11, 2001, the auditors conducted additional security briefings with CIC staff during the fall and winter of 2001–2002.

<< Contents| Previous | Next >>

Need Help? Find answers in the Help Centre