Information systems audit issues on the rise

Auditor-General's Report to Parliament

26 February 2013

Information systems audit issues on the rise

The Auditor-General, Mr Peter Achterstraat noted there was a 12 per cent increase in the average number of information systems audit issues reported in 2012 compared to 2011. A substantial proportion of these were repeat issues.

“By not addressing these issues in a timely manner agencies are not effectively managing their IT risk which could result in data or systems integrity issues,” said Mr Achterstraat.

Poor information security and disaster recovery planning continue to be the areas of greatest concern across many agencies, accounting for 75 per cent of all information systems audit issues raised in 2012.

Common issues included:

  • weak password security
  • the absence of disaster and data recovery plans for financial systems
  • terminated employees’ ability to continue accessing systems and files
  • inadequate policies around IT security.

Significant shortcomings were also identified in IT project management and agencies’ shared service arrangements.

“I observed poor project management practices resulting in information technology systems not meeting user needs, exceeding planned budgets and not providing expected service delivery” said Mr Achterstraat.

“I am concerned that both the agencies and shared service providers do not understand their responsibilities and accountabilities; especially in managing risks in their shared service arrangements” he added.

The Auditor-General is recommending agencies focus more on better IT risk management and governance processes.

“Agencies can improve their IT risk management and governance by better understanding their IT risk landscape and applying appropriate controls to mitigate those risks” said Mr Achterstraat.

Further information

Barry Underwood, on 9275 7220 or 0403 073 664 and email barry.underwood@audit.nsw.gov.au.

Download full report

Download full media release

Our vision

Making a difference through audit excellence.

Our mission

To help parliament hold government accountable for its use of public resources.

Our values

Purpose – we have an impact, are accountable and work as a team.

People – we trust and respect others, and have a balanced approach to work.

Professionalism – we are recognised for our independence and integrity and the value we deliver.

Our award-winning annual report

Annual Report 2012-2013

We won 2013 Report of the Year and a Gold Award in the 2013 Australasian Reporting Awards.