Skip to main content
Perspective:
Perspective
12 Jan 2026
4 minute read

Canadian governments need more impactful internal audits. How can you uncover more value for citizens?

Deloitte’s internal audit leaders share key findings and challenges from provincial and federal government executives.

Nina Grimes
Darren Liviniuk

Chat with a leader

Get in touch Get in touch

Key takeaways:

  • Internal audit (IA) can help Canada's government bodies find more operational efficiencies and improve citizen trust.
  • Deloitte surveyed federal and provincial audit executives in Canada to identify challenges and priorities surrounding their IA functions, which include risk management, talent challenges, and AI innovation.
  • Government audit executives can improve their IA function by identifying areas of strategic importance, creating a continuous culture of upskilling, and improving cross-government and cross-ministry collaboration.  

Internal audit (IA) is a key function that promotes efficiency, accountability, and transparency across an organization’s many departments and processes. In governments, it’s often housed in a central agency like the Treasury Board Secretariat. Building more value into your IA delivers a trickle-down effect that can improve the public sector's reputation and increase citizen trust.

We chatted with chief audit executives across Canada’s federal and provincial governments. We’ll share common challenges public sector leaders face in their existing IA processes, as well as how they can improve their IAs to create more value.

What we heard from federal and provincial internal audit executives

Naturally, the onus of trust and importance of accountability are higher for governments than the private sector. But our work and recent conversations reveal that both public and private organizations share similar trends and challenges affecting the IA function.

Here’s what we heard from various IA executives across Canada’s federal and provincial governments:

1. Risks are evolving.

Risks are becoming more complex, and they’re hitting governments at a higher velocity. With increased risks in areas such as technology, economy, and geopolitics, multiple audit executives expressed risk management as a key consideration in their IAs.

One executive cited capacity and knowledge constraints in addressing fraud and integrity risks during busy times of technology change and integration. Leading provincial governments are investing in analytics tools to continuously monitor transactions, detect anomalies, and prevent fraud. Others cite a need and willingness to explore technology platforms, but aren’t sure which technologies best suit their needs.

Some organizations said they are considering more data-driven key risk indicators to better track and manage risks. Others are investing in resources to support areas of risk management and organizational resilience.

2. Data governance is top of mind.

Audit executives cite an increased focus on data governance, especially where data is used across functions for data analytics, cybersecurity monitoring, risk management, and the use of artificial intelligence (AI).

Data governance specifically will have interactions and direct effects on the efficiencies and accuracy of reporting and related decisions. Some executives cited accessible and high-quality data analytics as a key function to continue to innovate their IA processes.

3. Talent needs are expanding to reflect new trends.

Some executives cited talent challenges in their IA function. Staff don’t always have the knowledge needed to address changing trends, including AI, financial crime, data analytics, and emerging information technology.

This will call for government organizations to partner with subject matter experts to implement new protocols and talent strategies to attract and retain varying skill sets or to launch upskilling programs.

What governments can do to improve internal audits

1. Identify areas in the internal audit to create value of strategic importance

IAs have multiple moving parts, which can cause many in the IA function to revert to more of a checklist approach. Governments will miss key opportunities for value creation if they don’t zoom out to view the bigger picture.

Our IA specialists advise governments of all levels to focus on the areas that are of the highest risk and present the most value to the broader organization. These are otherwise known as areas of the most strategic importance. These may include:

  • Creating or protecting value for money
  • Reducing third-party risk
  • Enhancing technology adoption to create efficiencies
  • Speeding up IA to identify and report on issues in a faster, more agile manner

IA functions not only provide assurance, but also can help advise, anticipate, and even help the organization accelerate in the areas of most importance.

2. Create a continuous culture of upskilling within the internal audit function

Leading audit executives are thinking about the skills of the future. These skills might relate to using emerging technologies like AI in audit work, or auditing the use of these same technologies in government processes.

A successful IA function requires a culture of innovation with safe spaces to learn, fail fast, and iterate. This environment can improve both productivity and the talent experience within IA.

3. Improve cross-government and cross-ministry collaboration

In the name of security, some audit executives shared that they keep data breaches, incidents, and other risks “close to the vest.” While this approach intends to manage risk, it could actually result in slower progress.

Since your broader team and ministerial counterparts don’t hear about the occurrence or subsequent lessons learned, they can’t leverage those learnings. Risk is interactive. Sharing risks and lessons learned can help your organization address threats and inform audit plan development.

Elevate your internal audit with Deloitte

Your IA is only useful if it can directly respond to Canadians’ expectations for affordability, cost containment, and relevance. While many governments have taken great strides toward stronger data governance and more impactful audits, there’s always room to continue to learn, improve, and create more value.

Deloitte’s industry experience and subject matter expertise spans audit and assurance, as well as cybersecurity, ESG, AI, and other multidisciplinary models. You can tap on us for all your organization’s strategy and transformation needs so you can deliver a more impactful IA.

We’re here to help. Call a leader below to discover ways to improve your internal audit—and in turn, citizen trust.  

Did you find this useful?

Yes
No

Thanks for your feedback

Chat with our leaders

Nina Grimes

Nina Grimes

Audit and Assurance Leader for Government and Public Sector
Darren Liviniuk

Darren Liviniuk

Partner Audit & Assurance
780-421-3685

Explore more insights

Now is a pivotal time for payments

Payments are the lifeblood of our country and economy. As some of the largest payment originators and receivers, governments play a crucial role in developing and offering modern payments systems.
Perspective
9 minute read

Role of the Deputy Minister

Generative AI presents significant opportunity to the future of the Public Service — and to the role of Deputy Minister itself.
Perspective
2 minute read

Reshaping expertise using Gen AI

In the evolving landscape of artificial intelligence, it's easy to assume that AI only affects repetitive, mundane work. After all, you can’t automate expertise. Or can you?
Perspective
8 minute read