Volume One 2013 focusing on themes from 2012

Governance and project management issues on the rise

The taxpayer is being exposed to unnecessary financial risks with some key decisions and projects proceeding without proper governance and project management. Projects sometimes proceed with no business case and with poor risk management. Some service providers are being engaged with no service level agreements.

“Governance and project management need more focus. There was a significant increase in the number of recommendations I made in this area in 2012. Effective project governance is critical to ensuring project success and prudent use of taxpayer money,” said Mr Achterstraat.

On a positive note, government agencies are addressing significant recommendations in previous financial audit reports to Parliament.

“I am pleased to note that more than 85 per cent of the recommendations in my 2011 financial audit reports to Parliament were implemented in 2012. Whilst this is less than 100 per cent, NSW government agencies clearly acted on my significant recommendations,” said Mr Achterstraat.

However, NSW government agencies need to do more to follow up more detailed recommendations that are made directly to management.

Common issues included: 

  • poor review of assets useful lives

  • failure to physically verify an asset’s existence and condition

  • incomplete property, plant and equipment registers

  • excessive annual leave balances

  • excessive overtime

  • incorrect leave balances 

“One in three of my 2011 management letter recommendations were not actioned by agencies in 2012. This must improve. Agencies need to have the same level of commitment to addressing these recommendations as those reported to Parliament,” said Mr Achterstraat.

Information systems audit issues on the rise

The Auditor-General, Mr Peter Achterstraat noted there was a 12 per cent increase in the average number of information systems audit issues reported in 2012 compared to 2011. A substantial proportion of these were repeat issues.
“By not addressing these issues in a timely manner agencies are not effectively managing their IT risk which could result in data or systems integrity issues,” said Mr Achterstraat.

Poor information security and disaster recovery planning continue to be the areas of greatest concern across many agencies, accounting for 75 per cent of all information systems audit issues raised in 2012.

Common issues included:

  • weak password security

  • the absence of disaster and data recovery plans for financial systems

  • terminated employees’ ability to continue accessing systems and files 

  • inadequate policies around IT security.

Significant shortcomings were also identified in IT project management and agencies’ shared service arrangements.

“I observed poor project management practices resulting in information technology systems not meeting user needs, exceeding planned budgets and not providing expected service delivery” said Mr Achterstraat.
“I am concerned that both the agencies and shared service providers do not understand their responsibilities and accountabilities; especially in managing risks in their shared service arrangements” he added.
The Auditor-General is recommending agencies focus more on better IT risk management and governance processes.

“Agencies can improve their IT risk management and governance by better understanding their IT risk landscape and applying appropriate controls to mitigate those risks” said Mr Achterstraat.

More timely reporting but quality of financial reporting has a way to go

The Auditor-General, Mr Peter Achterstraat, noted the timeliness of New South Wales government agencies financial reporting improved significantly in 2012. However, the quality of financial reporting needs to improve to be more useful to Parliament, Government decision making and enhanced public sector accountability.

“Accounting misstatements were common in financial reports submitted by NSW Government agencies for audit,” said Mr Achterstraat. 
The main causes impacting the quality of financial statements were:

  • insufficient quality reviews in agencies’ financial reporting processes

  • insufficient financial accounting expertise when applying accounting standards

  • delays in identifying and resolving accounting issues arising from significant transactions

  • lack of strategic financial management capability.

“I am looking forward to agencies embedding better processes, aimed at reducing errors,” said Mr Achterstraat.

Further information

Barry Underwood, Executive Officer, on 9275 7220 or 0403 073 664, barry.underwood@audit.nsw.gov.au