Cyber Security NSW
2022-23
Contents

Overview

Audit background

Cyber Security NSW (CS NSW) was established in 2019 in response to the 2018 performance audit report, Detecting and Responding to Cyber Security Incidents. That audit found that there was no whole-of-government capability to detect and respond effectively to cyber security incidents. CS NSW is relatively new and operates within the Department of Customer Service (DCS) with a large scope of responsibilities. As such, the focus of this audit is on examining whether it has established the necessary planning and governance processes to enable it to meet its objectives, and whether it has established a clear role in the sector.

Audit objective

This audit will assess the effectiveness of CS NSW’s arrangements in contributing to the NSW Government’s commitments under the NSW Cyber Security Strategy, in particular, increasing the NSW Government’s cyber resiliency.

Lines of inquiry:

  • Are internal planning and governance processes in place to support CS NSW meet its objectives?
  • Are CS NSW roles and responsibilities defined and understood across the public sector?

Estimated tabling period

January 2023

Agencies audited

Department of Customer Service