Upgrades to core policing technology
Justice
Information technology
Internal controls and governance
Procurement
Project management
Risk
Workforce and capability
Contents
1. Report snapshot
Click to expand
Fast facts
2. Executive summary
Click to expand
Context
Audit objective
Conclusion
Key findings
Recommendations
3. Introduction
Click to expand
3.1. Overview of the NSW Police Force
3.2. ICT and procurement frameworks
3.3. Core policing technology systems
4. Initial business case and procurement
5. Transitional delivery
6. Program reset
Appendices
Download PDF
Report snapshot PDF

1. Report snapshot

Objective

This audit assessed whether the NSW Police Force efficiently and effectively planned and sourced key components to upgrade core policing technology systems.

Key findings

The NSW Police Force did not effectively plan and has not yet delivered the program

By December 2025, the NSW Police Force had spent over $155 million delivering some essential technology upgrades and replacing only 1 of 5 core systems in full, with most functions still dependent on outdated platforms.

The contract was awarded to a supplier that posed a high delivery risk

The NSW Police Force conducted a structured and competitive procurement that complied with NSW Government requirements. However, despite warnings from advisers and gateway reviews, it proceeded with a supplier whose solution promised operational benefits even though it posed known capability and delivery risks.

Supplier non‑performance caused delays and costs with no ongoing benefit

The selected supplier was unable to deliver key system components. The NSW Police Force terminated the contract in 2022 after significant delays and expenditure.

There was no effective oversight of timelines, budget controls or risks

Following contract termination, the NSW Police Force did not maintain effective governance, capability or appropriate financial controls. This slowed decision making and prolonged reliance on legacy systems. 

The NSW Police Force reset the program in mid-2024, reducing program delivery risks

Since mid-2024, there have been significant improvements to governance and program management, and the NSW Police Force has developed an enterprise digital strategy. These have stabilised the program.

The NSW Police Force estimates it needs additional funding to deliver the program

The program delivery date is now June 2031, 4 years later than originally planned. The NSW Police Force estimates that it will need an additional $78 million in capital funding and $415 million in recurrent funding to deliver the program.

Recommendations

The NSW Police Force should demonstrate effective program governance throughout the remaining life of the program and incorporate lessons learnt to manage risks to ensure program success.

Fast facts

2. Executive summary

Context

As of June 2025, the NSW Police Force, Australia's largest law enforcement agency, had nearly 16,000 sworn officers and 4,500 civilian staff serving almost 8.5 million people across 801,600 square kilometres. The NSW Police Force requires robust technology systems to give frontline officers timely information at incidents and to process crime records efficiently to support judicial process and improved community safety.

The Computerised Operational Policing System (COPS) is the NSW Police Force’s primary system to support police operations. It was implemented in 1994 and is hosted on outdated mainframe technology, using an obsolete programming language. COPS supports day-to-day policing by recording incidents and maintaining information to support case management and investigative activity. Other core policing technology systems that support activities include computer aided dispatch (CAD), forensics and exhibits management, custody management, and major investigations and intelligence gathering. These systems are critical for effective policing in NSW.

The NSW Police Force has made several attempts to upgrade or replace its core systems since 2006. This audit focuses on the activities of the NSW Police Force to replace core systems from 2018 to 2025. The program to replace core policing systems was known as the Integrated Policing Operating System (IPOS) from 2018 until 2024, when it was renamed the Police Technology Program (PTP). The audit did not review administrative systems used for staffing, rostering or finance, or other technology and equipment used by frontline staff, such as body-worn video.

On 20 November 2024, the Law Enforcement Conduct Commission (LECC) referred a complaint to the Audit Office of New South Wales under section 162 of the Law Enforcement Conduct Commission Act 2016, concerning the NSW Police Force’s administration of the IPOS project. The Auditor-General accepted this referral and began the audit in 2025.

Audit objective

This audit assessed whether the NSW Police Force has efficiently and effectively planned and sourced key components to upgrade technology systems that support core policing functions. The audit assessed this with the following questions:

  1. Did the NSW Police Force effectively plan for upgrades to technology to support core policing functions?
  2. Was the procurement of core policing technology systems transparent, competitive and compliant with NSW Government policies and procedures?
  3. Did the NSW Police Force establish and maintain effective governance of core policing technology upgrades?

Conclusion

The NSW Police Force has not efficiently or effectively planned and sourced key components to upgrade core policing technology systems.

The NSW Police Force did not adequately plan critical system upgrades. Despite spending over $155 million (47% of the $328 million allocated program budget) between March 2021 and December 2025, several replacement systems are still outstanding. The NSW Police Force has upgraded essential supporting technology infrastructure and delivered 1 of the 5 core systems. The slow progress has required the NSW Police Force to allocate program funds to extend the life of its legacy systems. In the meantime, the delay in delivery has resulted in technology and operational risks and reduced operational effectiveness. The NSW Police Force has identified it has insufficient funding to deliver the program and will not complete it until 4 years later than originally planned.

The NSW Police Force conducted a structured and competitive procurement process in 2019, which included external assurance, to select suppliers for the program. In 2020, the NSW Police Force awarded the contract through a competitive process to a US technology firm whose product best met operational requirements. This was despite uncertainty about the supplier’s capability. Ultimately, the supplier was unable to deliver, which resulted in lengthy delays to the program and waste of public resources.

The NSW Police Force did not establish and maintain effective governance to support timely and coordinated program delivery. However, following an external review of the program in 2024, both governance and program management have improved significantly.

Key findings

Operational, financial and technology risks identified in the 2018 strategic business case remain unaddressed due to program delays

For more than a decade, the NSW Police Force recognised that its core policing technology systems, particularly COPS, had reached or exceeded end of life. The strategic business case for the program prepared in 2018 documented operational, financial and technology risks arising from continued reliance on legacy systems, including reduced frontline efficiency, rising maintenance costs and difficulty recruiting staff with specialist skills. In the 2025 updated business case, the NSW Police Force noted escalating risks to service continuity, cyber security and public safety.

The NSW Police Force received funding for the program in February 2021, which included upgrades to technology infrastructure. By December 2025, the NSW Police Force had spent around $155 million of the approved $328 million capital allocation for the core technology program. Program delays and underspend occurred because the supplier selected by the NSW Police Force was unable to deliver the product in accordance with the contract.

While essential technology infrastructure and the forensics and exhibits system have been upgraded, other core systems identified in the original business case remain dependent on legacy platforms. This requires ongoing funding, increases technology risk and reduces operational effectiveness.

Despite a thorough procurement process, the NSW Police Force selected a supplier identified as high risk, and developed mitigation strategies to reduce contract risk

The NSW Police Force conducted a comprehensive and competitive procurement process for IPOS between 2018 and 2020. The process included extensive scenario testing, site visits, external probity advice and gateway reviews. It complied with NSW Government procurement requirements. The procurement process identified 3 viable suppliers to deliver the product.

The NSW Police Force selected an overseas start-up technology firm ahead of 2 other viable suppliers because the preferred supplier scored higher on operational criteria. It accepted risks associated with this supplier, supported by a series of contractual risk mitigation measures. Gateway reviews and external advisers had warned NSW Police Force decision makers about delivery optimism and the program's resourcing constraints. They also warned about capability risks for the highest ranked supplier. In addition, the NSW Police Force’s legal and procurement advisers raised concerns about the preferred company’s financial position, limited experience delivering systems of comparable scale, and the absence of key capabilities, such as forensics and exhibits.

In June 2022, the supplier advised the NSW Police Force that it could not deliver a forensics and exhibits system, and that delivery of a minimum viable CAD capability would be delayed by several years. The NSW Police Force terminated the contract when it became clear that the supplier could not meet contractual milestones. Up until then, the NSW Police Force had spent close to $20 million in expenditure on work that delivered no ongoing benefit.

To reduce the likelihood of repeating this experience, the NSW Police Force has since changed its procurement approach, moving away from a single vendor delivery model and applying stricter requirements for supplier capability and experience.

The NSW Police Force has delivered several systems and upgraded essential information and communications technology infrastructure

Since funding was approved in 2021, the NSW Police Force has delivered or partially delivered several systems, including a replacement for the forensics and exhibits system. It has also made improvements to critical information and communications technology (ICT) infrastructure such as cloud hosting, security and systems integration. These investments support operational policing and enable capability for future core systems.

The NSW Police Force has delivered upgrades to mobile policing tools, including streamlining the recording of inspections and domestic violence incidents. It has also introduced a system that allows police to interact directly with the public through location sharing and live video.

The NSW Police Force went out to tender for a new CAD system in early 2024 and expects to deliver the upgrade in 2027. In late 2024 it re-started the procurement process for a replacement for COPS.

The NSW Police Force reset program governance and delivery arrangements in 2024, addressing weaknesses experienced earlier in the program, but key person reliance remains a risk

Between 2022 and 2024, the program steering committee did not provide consistent business leadership or effective oversight of timelines, budgets or risks. Internal audits, gateway reviews and external reviews during this period consistently highlighted weaknesses in program management, decision making and financial control.

At the same time, the NSW Police Force found it difficult to recruit and retain staff with specialist ICT and program management capability, including staff with legacy system knowledge required to maintain COPS while planning its replacement. These factors delayed the program.

In mid-2024, the NSW Police Force initiated a program reset. Senior leaders clarified accountability, strengthened governance structures and introduced more consistent project reporting and financial tracking. The NSW Police Force revised the program strategy and operating model, introduced a phased implementation approach and improved program assurance. The NSW Police Force has also developed a digital strategy that provides clarity to the program.

These changes have stabilised the program and improved decision-making transparency. Independent health check reviews conducted in 2024 and 2025 acknowledged improvements in governance and program management and assessed overall delivery confidence as medium, while noting the importance of ensuring continuity of key personnel. The program remains vulnerable to setbacks if the capability of key personnel is diminished.

Full delivery is not expected until 2031, 4 years after the originally identified end date

Critical components of the core technology program remain outstanding. In the 2020 final business case, the NSW Police Force had planned to upgrade core policing systems by June 2027. The 2024 program reset revised the program end date to 2031, 4 years later than originally planned. Phase 1 of the program is now scheduled for completion in 2029, with phase 2, including COPS modules for intelligence management and custody management, due in 2031.

In the meantime, the NSW Police Force has maintained end-of-life legacy systems for significantly longer than expected, increasing both capital and recurrent expenditure on systems that do not contribute to future capability. Continued reliance on legacy systems also exposes the NSW Police Force to technology risk and reduces operational effectiveness.

The NSW Police Force estimates it will require additional capital and recurrent funding to complete the program due to rising costs, a change in strategy and earlier incorrect assumptions

The NSW Police Force prepared a revised program business case in late 2025, which estimates it will require an additional $78 million in capital funding (additional to the $328 million allocated in 2020). It also estimates it will require $415 million in recurrent funding to deliver the remaining program components from 2026 through to 2031.

The revised business case attributes the additional funding need to rising costs of ICT salaries, less favourable contract terms than it was able to secure in 2020, the move to a multi-vendor strategy and incorrect assumptions made in the 2020 business case. The NSW Police Force had previously expected that decommissioning the mainframe systems and moving to ‘software-as-a-service’ would reduce recurrent expenditure by around $25 million per year from 2027–28 to 2038–39.

Recommendations

Throughout the remaining life of the program, the NSW Police Force should:

  1. demonstrate effective program governance arrangements that:
    1. support delivery of the Police Technology Program in line with planned milestones
    2. maintain robust budget controls to align spending with approved funding and scope, and to ensure early identification and management of variances
    3. achieve intended outcomes by driving clear accountability, effective oversight of delivery risks and assessment of value for money
    4. ensure effective management of technology‑enabled transformation and organisational change
    5. ensure the required capability is maintained
  2. apply lessons learned from the early procurement and program management experience to the program, particularly in relation to procurement capability, supplier selection and early intervention where delivery risks emerge.

3. Introduction

3.1. Overview of the NSW Police Force

The NSW Police Force is organised through a statewide command structure made up of metropolitan and regional police areas that are divided into local police area commands and police districts. Frontline policing is supported by specialist commands and central corporate functions that provide services across the organisation and support consistent operations across the state. The Technology and Communication Services Command provides information and communications technology (ICT), data, cyber security and communications services that support frontline policing, specialist operations and corporate functions across the NSW Police Force.

The organisation is led by the Commissioner of Police and governed through senior executive governance groups. The NSW Police Force has a mixed workforce made up of sworn police officers – in frontline policing and specialist law enforcement roles – and civilian staff who support these activities by providing corporate, professional and specialist services. In June 2025, the NSW Police Force comprised nearly 16,000 sworn officers and 4,500 civilian staff.

3.2. ICT and procurement frameworks

ICT strategies and frameworks

The NSW Police Force operates within a whole‑of‑government policy environment that sets expectations for digital investment, cyber security, and the protection of people, information and assets.

The NSW Digital Strategy sets out the NSW Government’s approach to digital transformation, including improving service delivery, modernising legacy systems, and strengthening data and technology capabilities across government agencies. It emphasises user‑centred design, systems that work well together, effective governance, and responsible use of data to support better outcomes and value for money.

The NSW Cyber Security Policy sets mandatory requirements for NSW Government agencies to manage cyber security risks. Agencies must implement appropriate governance, risk management and technical controls to protect information and systems from cyber threats, including risks from using legacy systems, integration between systems and working with third‑party service providers.

At the Commonwealth level, the Australian Protective Security Policy Framework (PSPF) provides principles and minimum requirements for safeguarding government people, information and assets, both within Australia and internationally. It is the Australian Government’s overarching framework for managing security risks, and covers 6 security domains, including personnel, information, technology and governance. The framework applies to NSW Government agencies that hold or access Australian Government security classified information.

NSW Government procurement standards and oversight

NSW Government agencies must follow whole‑of‑government procurement policies and frameworks when buying goods and services to ensure value for money and manage risks. For ICT procurements, agencies are expected to use the NSW Government ICT Purchasing Framework, which sets out approved procurement methods and contract arrangements.

NSW Treasury plays a central role in overseeing major government expenditure, including setting requirements for business cases and investment decisions for significant ICT projects. Treasury guidelines inform how agencies develop and seek approval for capital and recurrent funding and ensure proposals fit within government priorities and available budgets.

The NSW Department of Customer Service (DCS) has a key role in digital and ICT governance across the NSW public sector. The DCS administers the NSW ICT Digital Assurance Framework, which applies to major ICT projects and provides a risk‑based, independent assurance process. The framework is intended to provide government decision makers with confidence that ICT initiatives are appropriately planned, governed and managed.

As part of this framework, gateway reviews are conducted at defined stages of major ICT projects, including during strategic planning, business case development and procurement. Gateway reviews provide independent assessments of project readiness, delivery confidence and key risks, and are used to inform decisions about whether projects should proceed to the next stage.

Between 2019 and 2025 there were 7 independent reviews of the NSW Police Force’s core technology program plus one internal audit. These are described in Appendix 3.

3.3. Core policing technology systems

This audit focuses on core policing technology systems that were identified as the Integrated Policing Operating System (IPOS) ecosystem in the strategic business case prepared by the NSW Police Force in 2018:

  • Computerised Operational Policing System (COPS)
  • computer aided dispatch (CAD)
  • forensics and exhibits (EFIMS)
  • custody management
  • major investigations and intelligence gathering (E@gle-i).

The strategic business case also identified that the NSW Police Force needed to improve system and data integration and take advantage of changes in technology such as cloud-based systems. The 2020 final business case addendum provided a schedule for critical infrastructure upgrades to support core policing systems.

During the audit period, the NSW Police Force also delivered projects under the Integrated Connected Officer (ICO) program. The ICO initiative aims to equip frontline police with real-time information and digital tools to boost efficiency, support better decision making and enhance officer safety in the field. Projects included improvements to data collection and storage from body-worn video, in-car video and automated number plate recognition. However, ICO projects fall outside the scope of this audit, as they are not considered ‘core policing technologies’ and were not funded through the IPOS program.

History of COPS upgrade attempts from 2007 to 2017

While this audit considers activities from 2018 to 2025, the NSW Police Force had previously attempted to upgrade core policing technology systems.

The NSW Police Force first attempted to replace COPS in 2006. Then, the NSW Police Force deemed commercially available systems too expensive, so focused on modernising the existing COPS. The operational policing program (OPP) began in 2007. It was divided into 4 phases but was only partially delivered.

OPP phases delivered between 2011 and 2014:

  • 2011 ‒ improved user interface known as WebCOPS, developed by an external provider
  • 2013 ‒ enhanced reports and search functionality in COPS, plus data security framework, also developed by an external provider
  • 2014 ‒ updated COPS custody management system, developed in-house.

The next phase of OPP included COPS event, intelligence and case management modules, as well as a community portal. The NSW Police Force engaged external providers to design and build the system, with design work beginning in 2013 and building activities starting in 2016. The community portal went live in 2016, and a proof of concept for the COPS modules was completed in 2017.

The NSW Police Force was allocated $45 million capital funding in 2013 to update COPS (later increased to $49 million). The NSW Police Force prepared a revised business case in 2017 after the proof of concept for COPS modules was delivered. The business case requested $187 million over 7 years to 2020–21 for a new COPS mainframe system, an increase of $138 million (280%) over previous funding. The funding was not approved, so this attempt to replace COPS was abandoned in 2018, after $36 million had been spent on the custody management system, community portal and COPS proof of concept.

Core policing systems in use in 2018

The NSW Police Force prepared a strategic business case in October 2018 that set out the need for investment in improved technology systems. It noted that there were over 300 systems and sub-systems supporting operational policing activities and 207 interfaces between COPS and internal or external systems. Figure 1 shows key policing systems in use in 2018.

Diagram of core policing systems with COPS at the centre, surrounded by ten other systems. The diagram's two-way arrows representing integrated subsystems. The subsystems are CAD for incident management; MobiPOL apps on Police mobile devices; body-worn video; custody management system; LIVESCAN digital fingerprinting; VIEWIMS multimedia image management; Eagle-I investigation management; community portal for online public reporting; Chimera intelligence records and FIMS exhibits and forensic information.
Figure 1: Core policing systems in use at the time of the 2018 business case

Source: Adapted by the Audit Office of New South Wales from the NSW Police Force’s 2018 strategic business case.

IPOS and Police Technology Program time periods

This audit covers a 7-year period from late 2018 to December 2025 in 3 phases:

  • Initial business case and procurement – IPOS program, from October 2018 up to the termination of the primary supplier contract in June 2022 (Chapter 4)
  • Transitional delivery – IPOS program, following the termination of the primary supplier contract, up to the review of program management and governance in May 2024 (Chapter 5)
  • Program reset – IPOS program following program management and governance review, then re-branding as the Police Technology Program; this chapter also considers future risks to program delivery (Chapter 6).

Appendix 2 provides a summary diagram of key activities through the program phases.

4. Initial business case and procurement

In 2017, the NSW Police Force established the Integrated Police Operating System (IPOS) program to replace the Computerised Operational Policing System (COPS) and the computer aided dispatch (CAD) system, as well as forensics, investigations and custody management systems. The NSW Police Force estimated the cost to replace the COPS mainframe hardware and systems would be at least $400 million, so instead decided to procure a ‘software-as-a-service’ solution by choosing the most suitable commercial off-the-shelf product.

This chapter considers the period from 2018 to June 2022, which spans procurement activities until the NSW Police Force terminated the primary supplier contract. Subsequent chapters in this report consider the later time periods.

The NSW Police Force identified the risk of maintaining legacy systems and the need for investment in core policing systems

The NSW Police Force prepared a strategic business case in October 2018 that identified the risk of maintaining legacy systems and the need for investment in core policing systems. The business case noted that the software and hardware costs were high and increasing, that the skilled programmers who maintained the existing systems were approaching retirement and that recruiting new programmers was difficult. Core policing systems were assessed as having a medium to high risk of system failure, which would have a serious impact on operational policing activities.

The strategic business case presented 3 options:

  1. do the minimum – maintain existing platforms
  2. IPOS – a commercial modular system provided as a suite of packages
  3. hybrid – a bespoke rebuild of COPS and key satellite systems plus purchase of a commercial system for CAD.

The NSW Police Force identified option 2 as the preferred option. It assessed the technology and police operational risks as low risk, and the implementation risk as medium. The gateway review of the strategic business case concluded that IPOS was a large-scale transformation program and that the NSW Police Force needed to undertake further work to identify, assess and mitigate major risks.

The NSW Police Force conducted a thorough assessment to identify a suitable replacement for its core systems

The NSW Police Force went to market for a commercial modular system in late 2018. Between October and December 2018, the NSW Police Force narrowed down 23 proposals to 3 possible vendors through short-listing, detailed assessments and requests for additional information. The IPOS procurement documents stated that proposals should be submitted by a prime contractor and consortium partners (if required).

At the beginning of the procurement process, the NSW Police Force developed a detailed evaluation framework and a Core Tender Evaluation Committee (CTEC), comprising 10 assistant commissioners responsible for front line policing and the chief information technology officer. Functional tender evaluation teams (FTET), involving around 100 operational police staff, ICT experts, and representatives from finance, procurement and legal teams, supported the CTEC.

The NSW Police Force received 23 submissions from individual vendors and consortia, 13 organisations received full Request for Proposal (RFP) materials, and 6 complying tenders were submitted in November 2018. Following scenario demonstrations and value-for-money assessments, the NSW Police Force selected 3 vendors to progress to the next stage. In March 2019, the NSW Police Force conducted ‘deep dive’ sessions with the 3 vendors, which involved scenario-based demonstrations and hands-on testing.

All 3 vendors demonstrated potential efficiency savings for the NSW Police Force. One consortium was ranked first on most of the assessable factors, scoring much higher than the other 2 vendors on operational factors. The NSW Police Force decided to continue assessing all 3 vendors, because the deep dive demonstrations only accounted for 35% of the overall evaluation weighting. The remaining 65% of the weighting applied to commercial, financial and technology criteria, which were assessed through a refined RFP evaluation stage.

Table 1 summarises the NSW Police Force’s compliance with NSW Government and internal procurement policies and guidelines.

Table 1: NSW Police Force’s compliance with relevant agency and government policies and guidelines
 IPOS procurement 2019–2020
Evaluation plans were consistent with NSW Government requirements and good practice guidanceCompliance with policies, procedures and guidelines
Evaluation processes were consistent with requirements and good practiceCompliance with policies, procedures and guidelines
Evaluation plans set out clear and specific evaluation criteriaCompliance with policies, procedures and guidelines
Evaluation methodologies were consistent with NSW Police Force guidanceCompliance with policies, procedures and guidelines
Multi-level governance structures consistent with good practice were establishedPartial compliance with policies, procedures and guidelines
Expressions of interest evaluation plan and tender evaluation plan were followedCompliance with policies, procedures and guidelines
Independent assurance reviews consistent with the NSW ICT Digital Assurance Framework occurred at key stagesCompliance with policies, procedures and guidelines
Due diligence checks were completed on the preferred proponentCompliance with policies, procedures and guidelines

Source: Audit Office of New South Wales analysis of IPOS procurement documents and NSW Government procurement policies, procedures and guidelines.

In May 2019, the NSW Police Force released its refined RFP and assessed vendors though site visits and reference checks, looking at products in use in other policing agencies. Following the site visits, the consortium that scored highest during deep-dive sessions was ranked first. The evaluation also included an independent financial assessment, which rated this consortium as third. All 3 proposals were non-complying with some of the NSW Police Force’s commercial requirements, for example by not agreeing to all the responsibilities of the prime contractor. However, following independent probity advice, the NSW Police Force decided to proceed with procurement.

The NSW Police Force engaged external reviewers to support decision making and identify key risks

During the IPOS procurement process, the NSW Police Force engaged external probity advisers who reviewed documents and attended vendor demonstrations. External reviewers and evaluators identified risks in contracting with an overseas start-up firm with current and forecast losses, and no experience of contracts as large as the NSW Police Force. While the firm had delivered records management and computer aided dispatch systems to police services in the US, these were for much smaller police services with fewer functions compared with the NSW Police Force. In addition, the product did not include an existing forensics and exhibits system, which would require development of a new module rather than adapting existing software.

In September 2019, the NSW Police Force conducted a whole-of-government review focused on vendor engagement risk and invited representatives from the NSW Department of Customer Service (DCS), the NSW Department of Finance, Services and Innovation (DFSI), and the NSW Chief Procurement Officer to participate. The reviewers considered the procurement risks and how to reduce the likelihood of the risks occurring, and recommended further negotiation with the prime contractor and consortium partner before entering into contracts.

Following this review, the core tender evaluation committee concluded that the proposal from supplier A as prime contractor and supplier B as a consortium partner was the best option, scoring much higher than the other 2 viable solutions on operational criteria. The NSW Police Force considered options for contracting and sought additional legal advice. In November 2019, the NSW Police Force considered going back out to market to find a complying solution but the program steering committee decided that this would create an unacceptable delay for the project.

The NSW Police Force extended the due diligence period after risks were identified in the choice of suppliers, while changing the technical requirements caused further delays

In March 2020, the NSW Police Force selected supplier A as the prime contractor and systems integrator, with responsibility to manage end-to-end delivery of the program, including coordinating program streams, testing the product developed by supplier B and providing system security. As the prime contractor, supplier A was responsible for supplier B’s performance and took on the commercial risk for the contract. The NSW Police Force entered into short-term phase 0 contracts with both suppliers to validate the RFP response, confirm scope, provide updated pricing and negotiate the final contract schedules. Before beginning phase 0 the NSW Police Force negotiated ‘term sheets’ with the suppliers, which set out the key commercial terms to be agreed before the contracts were signed.

The NSW Police Force extended the duration of phase 0 in the procurement process to allow for extensive due diligence. Phase 0 was originally planned to finish in September 2020, but it ran until February 2021.

During phase 0, the NSW Police Force revised the technical requirements for IPOS to increase its level of control over information and technology security. These changes included reconsideration of the original data storage and hosting location, clarification of security and sovereign ownership and responsibilities, and stronger alignment with government security requirements, including the Protective Security Policy Framework (PSPF). These changes had implications for system architecture and contractual arrangements. As a result, the NSW Police Force undertook extensive negotiations with supplier B to reassess security controls, hosting arrangements and delivery responsibilities.

Exhibit 1: Variations to supplier B’s standard operations

The NSW Police Force required Supplier B to vary its standard approach.

  • System and data location – supplier B’s standard approach was to host the system and store data on servers located in the US. While this was suitable for its existing US-based clients, it did not meet the PSPF's security requirements. The vendor agreed to develop a NSW Police Force specific instance of the system and store it in an Azure cloud environment located in Australia.
  • Location of staff – supplier B agreed to set up a team based in Sydney to work alongside NSW Police Force staff and support delivery, rather than rely only on US-based personnel.
  • System source code – under supplier B’s normal commercial arrangements, customers did not control the source code. The NSW Police Force required a copy of the program code to be stored in its cloud environment as a safeguard in case there were problems with the supplier.
  • Delivery approach – supplier B was required to adapt its standard agile development and delivery approach by incorporating more formal planning, approval processes and milestones, consistent with NSW Government governance and assurance requirements.

Source: Audit Office of New South Wales review of NSW Police Force documents.

During the due diligence process, supplier A resigned from the prime contractor role, reducing its responsibilities and level of accountability for IPOS delivery, and proposed to continue with the systems integrator role. This increased the risk for the NSW Police Force because supplier A would no longer be responsible for supplier B’s performance. The NSW Police Force accepted supplier A's resignation from the prime contractor role but did not accept the proposal for supplier A to continue in the systems integrator role. This did not constitute a breach of contract because the program was still in the due diligence phase.

The NSW Police Force entered into a phase 1 contract for program delivery with supplier B, but not with supplier A

The NSW Police Force decided that the involvement of supplier A increased the complexity and risk of the program, especially in solution architecture. The NSW Police Force concluded that supplier A was not sufficiently familiar with supplier B’s products, was not working well with supplier B, and was not providing the expected leadership in solution design and risk management. The NSW Police Force removed supplier A as systems integrator in June 2020 and took on this role itself.

The NSW Police Force implemented proactive risk management strategies in the final contract with supplier B. This included:

  • a bank guarantee from supplier B
  • quarterly financial health checks to provide early warning of solvency issues
  • payment for actual deliverables based on milestones
  • relocating staff from supplier B to Australia to deliver the program
  • NSW Police Force ICT staff learning the programming code.

To limit potential financial losses, the NSW Police Force built 5 exit points into the final contract with a ‘go/no-go’ decision required at each stage.

The NSW Police Force prepared business cases that were informed by operational needs

The NSW Government Business Case Guidelines, administered by Treasury, assist NSW Government agencies to seek approval for capital and recurrent funding. The guidelines set out the criteria that agencies should consider, including the case for change, economic and financial analysis, and benefits expected from the proposal.

Following the 2018 strategic business case, the NSW Police Force prepared a final business case in November 2019. This identified that critical information was not available to police and partner agencies in real time and noted that ICT systems were slow and limited collaboration. The final business case concluded that legacy systems were unnecessarily complex and inhibited operational policing.

In November 2020, the NSW Police Force prepared an addendum to the final business case (FBCA). This set out the expected costs and benefits of contracting with supplier B and presented a schedule for implementing core system upgrades. The FBCA estimated that IPOS would allow operational staff to create incident records more quickly, reduce data entry into different systems and provide reliable information on mobile devices. The NSW Police Force had selected supplier B based partly on the deep-dive assessments, where supplier B scored much higher than the other 2 vendors on operational factors.

Gateway reviews had identified the risks of remaining with existing ICT systems and the risks of contracting with an overseas start-up technology firm

The NSW ICT Digital Assurance Framework, administered by the DCS, applies to major ICT projects in NSW Government agencies. Gateway reviews occur at different points through the planning and procurement of major ICT projects and provide an independent assessment of activities. Appendix 3 provides more information on reviews and health checks throughout the audit period.

The Department of Finance, Services and Innovation (DFSI) conducted 2 gateway reviews in mid-2019. The Gate 1 review, which considered strategic alignment, assessed the 3 options for replacing core systems and found that the strategic business case understated the risk of maintaining the existing platforms. The review concluded that IPOS was the only viable option. The DFSI rated delivery confidence as medium.

The DFSI conducted the next gate review (Gate 3A and Gate 4A) in July 2019. This review, which was focused on procurement, tendering approach and evaluation, assessed delivery confidence as low. It noted that the program plan was inadequately resourced and based on overly optimistic timeframes. The DFSI raised concerns that the NSW Police Force planned to select the preferred provider before finalising key commercial terms.

The DCS conducted a Gate 2 review of the IPOS final business case and addendum in December 2020, once the costs and benefits of contracting with the selected suppliers were clear. The review assessed delivery confidence as medium, which was:

driven primarily by the risks around the “new” hybrid agile/waterfall delivery approach with the NSW Police Force as the systems integrator (SI), the travel challenges imposed on the US-based supplier by the COVID-19 pandemic and the challenges of complying with [the] Protective Security Policy Framework (PSPF) when engaging a foreign vendor. 

The DCS Gate 2 review of the IPOS business case raised concerns about the contract with supplier B, including a concern about fixed pricing throughout the contract duration. The review noted that ‘the IPOS Program Team needs to be vigilant to ensure that the contractual framework does not negatively impact [the supplier’s] preferred behaviours as an innovative supplier of contemporary software’. The review recommended that the NSW Police Force consider reward-sharing in future contracts.

Weaknesses in early governance and program management arrangements increased risks and hindered early program momentum

The NSW Police Force set up regular meetings from the start of the program in January 2019 for both the IPOS Program Control Group and the IPOS Steering Committee. However the gateway review during procurement in July 2019 found that the organisation did not operate effective decision making or program governance across much of the program. The review identified weaknesses in resourcing, risk and issue reporting, and overall program oversight. In response to these weaknesses, the NSW Police Force finalised a IPOS governance plan in November 2020.

The NSW Police Force also finalised a program management plan in November 2020 but did not establish a program management office until late 2021. The NSW Police Force engaged consultants to set up the program management office and to provide program management services at a cost of $3 million from July 2021 to June 2022. The delays contributed to poor program management in the early stages of the program. The NSW Police Force advised that it had not established a program management office earlier because it was focused on procurement activities in 2019 and 2020, before funding was approved in February 2021.

In December 2021, an internal audit health check found that leadership of the IPOS program was driven by the Technology Command and not led by the business. This had reduced the delivery focus on systems that directly supported operational policing. At that time, the program steering committee included 2 deputy commissioners, one acting as the program sponsor and the other as the business owner.

The NSW Police Force did not introduce a reliable process to prioritise changes to legacy systems until 2023. During 2021 and 2022, COPS enhancements were not logged and tracked in a single system. In 2023, the NSW Police Force introduced a prioritisation board and required issues papers to accompany each request.

The NSW Police Force's inflexible recruitment processes and challenges in recruiting and retaining skilled staff affected program delivery

The IPOS risk register created in July 2019 noted that ‘an inflexible and cumbersome internal bureaucracy (i.e. HR approvals) is prohibitive to timely recruiting’; it assessed this risk as almost certain to occur. The risk register also noted that the NSW Police Force was undertaking 2 large technology projects at the same time, with higher remuneration packages for staff working on the human resource management upgrade than on IPOS.

In July 2021, the program identified challenges in recruiting business and change analysts, project managers and testing staff. In December 2021, both the chief information and technology officer and the IPOS program director resigned. By June 2022, the program risk register had recorded that ‘Multiple project resources have left the NSW Police Force, and this has caused a gap in the project resourcing and has impacted project timelines’.

The NSW Police Force received capital funding for IPOS, but this was offset by reductions in its future recurrent budget

The final business case completed in November 2019 adopted a self-funding approach, described in the DCS Gate 2 review as a ‘unique cost-neutral financing model’ drawing on existing forward allocations over 17 years.

In May 2020, the final business case was approved and in February 2021, NSW Treasury approved the release of funds. Under this model, the NSW Police Force received $328 million in capital funding on the condition that its recurrent budget would be reduced for 11 years from 2027–28 to 2038–39.

As a result, the NSW Police Force faces a reduced recurrent expenditure budget of $25 million in 2027–28 and $26 million for each of the next 4 years, with these reductions already reflected in forward operating budgets. Unless the NSW Police Force receives additional funding, it will need to find savings from other operational areas to meet both these ongoing reductions and the program’s funding needs.

The NSW Police Force attempted to limit losses by terminating the contract when it was clear that supplier B could not deliver the systems

In June 2022, supplier B advised that it could not deliver a forensics and exhibits system, and that it could not deliver the minimum viable product for CAD until 2029, 6 years later than the original date in the signed contract. The NSW Police Force terminated the contract, relying on early termination clauses. This limited the contract duration and payments to the supplier, which had reached $15 million before the contract was terminated.

In addition to payments to supplier B, the NSW Police Force had spent $5 million on project management that provided no ongoing benefit. The total lost investment from the contract was almost $20 million.

After the contract was terminated, supplier B began legal action against the NSW Police Force. In August 2023, the NSW Police Force and supplier B reached a legal settlement that is subject to a non-disclosure clause.

5. Transitional delivery

This chapter considers the Integrated Policing Operations System (IPOS) program after the NSW Police Force terminated its contract with supplier B in June 2022. The chapter concludes in April 2024 when the NSW Police Force reviewed the program.

After the termination of supplier B’s contract, the program lacked direction and momentum

From 2022 to 2024, the IPOS steering committee met regularly, but the program lacked direction and coordination. Project teams worked largely in silos and the steering committee did not maintain sufficient oversight of timelines or budgets. During this period the NSW Police Force continued to upgrade its computer aided dispatch (CAD) system and found a suitable forensics and exhibits system but did not look for a replacement for the Computerised Operational Policing System (COPS).

Internal and external reviews also concluded that the IPOS program was unlikely to succeed. In September 2023, the Department of Customer Service (DCS) health check review rated delivery confidence as low and noted the absence of a clear delivery plan, an overarching digital policing strategy and a current business case. The review recommended that the NSW Police Force appoint a single sponsor for the program, develop a delivery plan, and update the business case and future funding model.

In September 2024, an internal audit into budget control found weaknesses in change management, budget control and executive reporting. The NSW Police Force also conducted a detailed financial reconciliation process to identify the actual capital and recurrent spending for each IPOS project, as this information had not been reported clearly to the steering committee.

The NSW Police Force hired consultants to improve program governance and project management

Following the DCS health check review, the NSW Police Force hired a member of the review team to help implement the review recommendations. This assurance and strategic adviser identified challenges with program governance and the operating model for the Technology Command, and worked with the program to clarify roles and responsibilities. The adviser worked with the program until December 2025.

In early 2024, the NSW Police Force hired consultants to review project planning and reporting. The review found that most managers for individual projects did not know or understand their budgets and were not managing them effectively. Project managers worked in silos and project plans presented different information in varied formats, which made comparison of projects difficult. The report identified that the steering committee was not maintaining effective oversight of the program budget and timelines. Exhibit 2 summarises the recommendations from the project management review.

Exhibit 2: Recommendations from the consultants’ project management review

The review interviewed project managers, sponsors and key stakeholders, and assessed program documents. The report assessed the health of each IPOS project on various measures such as milestones, deliverables, resourcing, risks and governance. The review's high-level findings included:

  • projects are IT focused with a disconnect between business and technology drivers
  • there is a lack of consensus on program vision, success measures and benefits realisation for each project
  • projects are being managed in silos rather than through an interconnected portfolio
  • the command and control structure makes decision making tedious and time consuming
  • there are poor project/program financial controls and inconsistency in financial management
  • there is low maturity and inconsistency of quality management across projects
  • there is no evidence of sourcing or ongoing assessment of project resource capability and engagement.

Source: Audit Office of New South Wales review of NSW Police Force documents.

The review recommended improving program governance so that project and program managers could make the required decisions in real time. The review team introduced consistent project management templates and provided guidance and coaching to improve the capability of project management staff.

Since 2022, the NSW Police Force has introduced only one upgraded core policing system and completed procurement for a second system upgrade

The strategic business case in 2018 identified 5 core systems to be replaced by IPOS:

  • COPS
  • CAD
  • forensics and exhibits (EFIMS)
  • custody management
  • major investigations and intelligence gathering (E@gle-i).

The final business case addendum in 2020 included a schedule for decommissioning these 5 legacy systems between 2023 and 2028.

After the IPOS contract was cancelled, the NSW Police Force needed to replace EFIMS and CAD urgently because the systems were no longer fit for purpose and existing contracts were ending. In February 2025, the NSW Police Force delivered an upgraded forensics and exhibits system (NEXUS, replacing EFIMS). By December 2025, only 1 of the 5 core policing systems had been replaced. Procurement for a new CAD system was well underway, with ‘go live’ planned for November 2027.

In 2022, the NSW Police Force used a closed procurement approach for forensics, awarding the contract to the supplier used by all other Australian jurisdictions. The NSW Police Force then went to market in late 2022 to procure a replacement exhibits system and awarded that contract to the same supplier. The combined forensics and exhibits system, NEXUS, went live in February 2025.

After determining that upgrading the existing CAD was not cost-effective, the NSW Police Force returned to market and selected a new supplier in early 2025. In June 2025, the NSW Police Force identified potential suppliers for a replacement for COPS and included a replacement for E@gle-i as a component of this procurement.

The NSW Police Force has delivered improvements to information and communications technology infrastructure that support core policing systems

In 2018, the IPOS strategic business case identified that the NSW Police Force needed to improve its system and data integration and take advantage of changes in technology such as cloud-based systems. The 2020 final business case addendum provided a schedule for critical infrastructure upgrades to support core policing systems.

During 2020 and 2021, the NSW Police Force initiated workstreams to upgrade its information and communications technology (ICT) infrastructure, including:

  • platform and security enablement (P&SE) – cloud and network services, including support for mobile devices, encryption and monitoring system usage
  • integration platform and processes – enhanced exchange of information between IPOS systems and other NSW Police Force systems such as staffing, rostering and finance, and equipment used by frontline staff, for example, body-worn video, as well as integration with other agencies, including NSW courts, Transport for NSW and the Australian Federal Police
  • IT service management – tools and processes to support the delivery of IPOS systems
  • data management capabilities – improved data integration to provide a unified single view of policing data, plus data analytics capabilities
  • testing – to ensure new and upgraded systems perform as expected.

By December 2025, the NSW Police Force had spent $49.8 million on these ‘enabling streams’ to support core policing systems. P&SE accounted for almost two-thirds of the spending ($32.1 million) and has delivered cloud data centres, secure data transfer between mobile devices and cloud data centres, and stronger identity management.

The NSW Police Force has also introduced several smaller system enhancements, which are likely to have improved the efficiency of operational policing

In 2023, the NSW Police Force initiated a number of smaller projects identified by operational and technical staff. The NSW Police Force advised that these projects were initially considered impractical to deliver until COPS was replaced, but ICT infrastructure improvements enabled their earlier development. The NSW Police Force revised the IPOS scope and budget to include these smaller projects. The systems were developed through a mixture of contracts and in-house development, and the NSW Police Force plans to retain them as part of the COPS replacement system.

Projects delivered included mCOPS, a mobile application that simplifies the recording of high-volume incidents such as inspections, traffic infringements and domestic violence incidents. The NSW Police Force estimates that the inspections functionality reduced average time on scene from 24 minutes to 12 minutes, and reduced COPS event creation to 2 minutes, saving the equivalent of 610 12-hour shifts in the first 18 months.

The NSW Police Force also adapted the GoodSam health responder app (renamed BluLink) to enable police to interact directly with the public through location sharing and live video. The NSW Police Force rolled out BluLink in 2024, estimating that it saved at least $6 million in search and rescue costs in the first year.

The level of vacancies in the program and increasing contingent labour costs contributed to poor control of budgets and delays in delivering system upgrades

During 2023 and 2024, the NSW Police Force had difficulty recruiting the technical, project management and integration specialists needed to re-establish program direction. Inflexible recruitment processes and uncompetitive salary bands limited its ability to attract scarce ICT skills in a competitive labour market. In January 2023, the IPOS program had 191 approved positions, but 82 (43%) were vacant.

Throughout the program the NSW Police Force found it difficult to recruit programmers skilled in legacy technology. Specialist developers maintained the legacy systems and were integral to the IPOS data management capability workstream. The cost of temporary developers rose from $1,000 per day in December 2021 to $1,500 per day in December 2024, equivalent to $345,000 per year. In May 2024, the project management report found that prolonged vacancies in key technical roles had impacted the design and delivery of IPOS. Steering committee papers frequently reported that program vacancies contributed to poor control of budgets and delays in delivering system upgrades.

6. Program reset

This chapter covers the time period after the Integrated Policing Operations System (IPOS) program was reviewed in mid-2024, and then rebranded as the Police Technology Program (PTP) in late 2024. The chapter also considers the state of the program in December 2025 and the risks the NSW Police Force must address as procurement progresses and systems are implemented.

In 2024, the NSW Police Force merged 2 commands and made changes to IPOS governance arrangements to improve project planning, budget control and decision-making processes

In May 2024, the NSW Police Force merged the Technology Command and the Communication Services Command. This resulted in a change of leadership for technology programs and provided an opportunity to reset the IPOS program. From July 2024, the NSW Police Force began implementing recommendations from the gateway review and project management report, including moving to a single sponsor for IPOS and making changes to governance arrangements.

Following the project management review, internal audit report and financial reconciliation exercise in mid-2024, the NSW Police Force developed consistent project plans and tracking for each IPOS project. During 2024, it also strengthened the governance of the Computerised Operational Policing System (COPS) replacement workstream and aligned it with the mainframe and application data decommissioning (MADD) project.

In September 2024, the DCS conducted a second health check review, which rated delivery confidence as medium, and noted improvements in leadership, governance structures and early delivery outcomes.

The NSW Police Force has significantly improved the governance of the program and the quality of project management

Following the merger of the Technology Command and the Communication Services Command in May 2024, the NSW Police Force improved its information and communications technology (ICT) maturity and developed a digital strategy. It strengthened governance through the PTP steering committee, which included representatives from several operational commands and the new Technology and Communication Services Command (TCSC). The committee was chaired by the PTP program sponsor, the Deputy Commissioner, Corporate Services, and had clear terms of reference.

Since April 2025, the steering committee has received more consistent and structured reporting for each PTP project, covering delivery status, financials, risks/issues/dependencies, benefits realisation and change management. The steering committee papers also detail the actions needed to move a project’s status from amber or red to green. This has improved transparency and supported better oversight of projects and decision making.

In November 2025, the NSW Department of Customer Service (DCS) conducted a health check review, which identified improvements in the program and rated overall delivery confidence as medium. The review assessed key scope areas, rating both the current phase and readiness for the next phase as high, and the delivery approach and risk management as medium.

The NSW Police Force does not expect to deliver the full suite of upgraded systems until 2031, 4 years after the program's original end date

Although the NSW Police Force identified the COPS replacement as its highest priority for the rebranded PTP, the delivery timeline for phase 1 of the core policing solution is now June 2029. The timeline for delivering future modules, including intelligence management and custody management, is June 2031, 4 years after the original IPOS end date.

When the NSW Police Force prepared the full business case for IPOS in 2020, it expected to implement 2 core policing systems: computer aided dispatch (CAD) and forensics by June 2023; and replacement COPS modules covering report writing, investigations and inspections by June 2025. The final core policing systems, including custody management, major investigations and legal process, were due by June 2027. In November 2024, the NSW Police Force determined that the program could not be delivered by June 2027 and the end date was extended to June 2029.

In June 2025, the IPOS steering committee was advised that $24.3 million had been transferred from the IPOS capital budget in 2025–26 to Infrastructure and Assets Command for the purchase of Mascot police station, with funds to be repaid in 2027–28 and 2028–29. The transfer of funds was approved by the Commissioner’s Executive Team and NSW Treasury, and extended the timeline for IPOS delivery by 2 years from June 2027 to June 2029, which better aligned with the NSW Police Force’s capacity to deliver the program.

In October 2025, the NSW Police Force prepared a revised business case for the PTP. This shows that phase 1 of the PTP, due by June 2029, includes several core policing systems, notably forensics and exhibits, CAD and 2 modules of the core policing solution (crime recording and investigation management). PTP phase 1 combines systems already delivered with systems where procurement was still underway.

Phase 2 of the PTP, due by June 2031, includes the remaining modules from the COPS replacement system, namely information and intelligence management, procedural justice, regulatory services, crime prevention and public safety. Phase 2 also includes modernisation of the firearms licensing system. Appendix 3 provides more information on the status of PTP projects at December 2025.

The NSW Police Force had spent over $155 million on core system projects and supporting ICT infrastructure, but major components are outstanding

By December 2025, the NSW Police Force had spent over $155 million of the $328 million capital budget, including: $36 million for forensics and exhibits; $32 million for cloud hosting and security; $18 million on other ICT infrastructure projects; $16 million on upgrading legacy systems; $19 million on ancillary systems, such as mCOPS; and $9 million on CAD.

The $50 million spent on cloud hosting, security and other ICT infrastructure projects was critical capital expenditure to support current delivery and future capabilities, such as CAD and the core policing solution project. While the NSW Police Force expects to deliver an upgraded CAD system in 2027, the timeline for core policing system modules cannot be determined until procurement is completed.

By December 2025, the NSW Police Force had spent $11 million on project and program management services and $9 million on system architecture services. The NSW Police Force had spent almost $18 million on consultants and contractors to support the IPOS program. The largest payments were $4.85 million to supplier A for phase 0 due diligence in 2020 and $3.6 million to consultants for program management services in 2021 and 2022.

The NSW Police Force estimates that delivering the PTP will cost an additional $78 million in capital funding by 2031

The revised PTP business case indicated that $184 million of the original $328 million capital allocation remained available for system development at 30 June 2025, but this was insufficient to fund the full program.

The DCS reviewed the business case in October 2025, and it was subsequently endorsed by the Commissioner’s executive team (CET). The NSW Police Force planned to submit it to Treasury in early 2026. At February 2026, the NSW Police Force had not presented a final business case to inform government that additional funding would be needed and that the delivery timeline is now 2031.

The NSW Police Force estimates that PTP phase 1 will cost a further $150 million to complete CAD, forensics, mobile systems and the modernisation of COPS investigation management modules. While phase 1 can be funded from within the approved capital allocation, phase 2 requires additional capital investment totalling $78 million. PTP phase 2 aims to deliver the remaining modules of the core policing solution and the firearms licensing modernisation project.

Exhibit 3 shows the capital budget presented in the 2020 business case, the actual capital expenditure incurred by the NSW Police Force from 2019–20 to 2024–25, and the revised capital expenditure forecast reported in the 2025 business case.

Bar chart comparing the 2020 IPOS capital budget with actual expenditure to 2024–25 and the revised forecast capital budget to 2030–31. The chart shows original capital budget to 2026–27 with underspend to 2024–25, and capital spending forecasts extended to 2030–31 from the 2025 business case.
Exhibit 3: IPOS capital expenditure ‒ Budget in 2020 compared with IPOS/PTP actuals to 2024–25 and revised budget to 2030–31

Source: Audit Office of New South Wales review of NSW Police Force documents.

Forecast recurrent expenditure costs have increased markedly since 2020 and the NSW Police Force will need at least $380 million in recurrent spending on core ICT solutions by June 2031

The revised business case identified high ongoing recurrent funding requirements due to software licences and data storage and access costs. It noted that as more systems move to cloud-based and subscription-based services, expected costs shift from one-off capital spending to recurrent funding models. While these subscription services improve flexibility, agencies need reliable ongoing funding to maintain service levels and avoid service gaps.

In the business case prepared in 2020, the NSW Police Force estimated that IPOS would require recurrent expenditure of $35 million per annum on IPOS products delivered by supplier B. The consistent cost resulted from the contract that NSW Police Force had negotiated, which did not include any consumer price index increases through to 2038. In addition, the NSW Police Force budgeted for recurrent expenditure on supporting ICT infrastructure and maintaining legacy systems during the IPOS rollout.

The NSW Police Force prepared new estimates of recurrent expenditure in the 2025 program business case, totalling $389.4 million from July 2026 to June 2031. In addition, it estimated recurrent costs for legacy systems of around $25 million per year.

In 2025, the NSW Police Force estimated a recurrent funding gap of $415 million up to June 2031. This included $129 million in reduced future recurrent costs from July 2027 to June 2031, approved in the 2020 IPOS business case. The funding gap also included the costs of running the legacy systems for an extra 4 years, which the NSW Police Force estimated to be $88 million more than previously budgeted. The business case restated the imperative of investing in PTP, despite the cost, and noted that doing nothing was not an option.

Exhibit 4 shows the recurrent expenditure budget presented in the 2020 business case, the actual recurrent expenditure incurred by the NSW Police Force from 2019–20 to 2024–25 and the revised recurrent expenditure forecast reported in the 2025 business case.

Bar chart comparing the 2020 IPOS recurrent expenditure budget with actual expenditure to 2024–25 and the revised forecast to 2030–31. The chart shows that the annual recurrent expenditure forecast from 2026–27 to 2030–31 is more than twice the actual recurrent expenditure each year up to 2024–25.
Exhibit 4: IPOS recurrent expenditure ‒ Budget in 2020 compared with IPOS/PTP actuals to 2024–25 and revised budget to 2030–31

Source: Audit Office of New South Wales review of NSW Police Force documents.

The NSW Police Force plans to maintain legacy systems for at least 4 years longer than expected

The NSW Police Force originally planned to replace the mainframe system by 2027, but the system is now required until at least 2031. The mainframe costs the NSW Police Force approximately $13 million per year for hardware and mainframe software, plus an additional $8 million per year for software licences. This expenditure is wholly to maintain continued operation of legacy systems and is of no benefit to future operating systems.

In 2024, the NSW Police Force spent $2.7 million replacing the mainframe hardware that supports COPS and relocating the mainframes to a new location. This was outside the scope of the original business case. The 2020 business case assumed that decommissioning the mainframe would save around $26 million per year from July 2027 onwards. The mainframe has not yet been decommissioned, and the NSW Police Force no longer expects savings when this happens.

The NSW Police Force expects to spend $6.8 million on staffing over 4 years to support the obsolete technology. The NSW Police Force advised that these roles are required to implement legislative changes and ensure continuity of critical services, regardless of the underlying technology. However, updating the COPS mainframe systems is more time-consuming than updating more modern technology. For example, in 2023, the NSW Police Force improved the reporting of bushfires, structural and other fires in COPS, including creating a separate incident category for bushfires. This COPS development work required 110 days of developer time due to the complexity of working in a legacy system.

Exhibit 5 summarises capital expenditure to June 2025 on ‘refresh and resilience’ (R&R) projects, which aimed to provide short-term improvements to legacy systems that were expected to be replaced by the COPS upgrade.

Exhibit 5: R&R projects

Delays in implementing IPOS resulted in additional costs for legacy systems. The final business case addendum from 2020 included $12 million capital funding for R&R projects, described as ‘a program of work to replace, enhance or support core IT capabilities until these systems are replaced’, that is, until IPOS was implemented. There were 4 separate R&R projects:

  1. a major investigations system (CRIME)
  2. a homicide investigations management system (HIMS)
  3. a covert operations database (COD)
  4. spatial capability.

By December 2025, the NSW Police Force had spent $13.7 million on the R&R projects and had not delivered a replacement for the major investigations system (including the HIMS). The NSW Police Force developed Power BI reports for the unsolved homicides team in early 2025 to address business needs that were unmet by the existing legacy system. COD phase 1 was delivered in January 2025 and, in August 2024, improvements in spatial capability transferred to business-as-usual.

Source: Audit Office of New South Wales review of NSW Police Force documents.

Continued reliance on legacy systems exposes the NSW Police Force to technology risk and reduces operational effectiveness

The NSW Digital Strategy identifies that government agencies must reduce legacy technology and duplication of digital solutions. Following the replacement of mainframe hardware in 2024 and relocation to a more secure location, the NSW Police Force considered that the hardware risk had been addressed in the medium term. However, the mainframe applications still in use, including COPS, result in inefficient processes for operational staff. The program business case prepared by the NSW Police Force in October 2025 identified inefficiencies including:

  • legacy systems require officers to enter the same information more than once, increasing administrative workload
  • older, non-mobile interfaces mean officers need to return to stations to input data, reducing the time available for work in the community
  • staff often use inefficient, paper-based processes to overcome problems with COPS
  • systems are not well integrated, so officers often need to switch between different systems to complete routine tasks, increasing the risk of mistakes.

The NSW Police Force concluded that continuing to rely on legacy applications increased the risks of service interruptions and cyber security incidents and could impact public safety. It also noted that because COPS underpins many policing functions, system failures could disrupt frontline policing operations.

The NSW Police Force faces continuing challenges in recruiting technical staff to support its legacy systems. In December 2024, the TCSC requested 10 temporary positions within the core policing team. These staff would learn the specialist legacy system programming language to enable them to maintain and make changes to COPS and ensure business continuity for the NSW Police Force. The total cost of these staff was $1.723 million per year.

Exhibit 6 provides a case study from 2019 summarising the challenges for operational staff using legacy systems. While the exhibits system was upgraded in February 2025, a replacement for COPS has not yet been delivered.

Exhibit 6: Case study demonstrating operational impact of legacy systems

In July 2018, detectives from the NSW Police Force Financial Crimes Squad and Organised Crime Squad, along with the Australian Government Department of Education and Training and the Australian Criminal Intelligence Commission (ACIC), established Strike Force Mercury to investigate coordinated fraudulent activities targeting family day care operations.

In May 2019, Strike Force Mercury arrested 18 people simultaneously and executed 23 search warrants in relation to a $4 million fraud. The outdated IT infrastructure used by the NSW Police Force significantly increased the resources required and time taken to input and process data. For example:

  • one master event was created in COPS with 23 search warrant incidents; only one police officer could update the event at a time
  • 18 events were created for the arrests, requiring 18 police officers to process offenders
  • 700 exhibits were seized, photographed and manually entered into 4 different systems
  • search warrant documents and operation orders were manually entered into 5 different systems, which had to be done retrospectively as there was no scope for entering the information in real time.

Source: Audit Office of New South Wales review of NSW Police Force documents.

The NSW Police Force has incorporated lessons from previous procurement experiences and updated its contracting approach

The NSW Police Force has moved away from a single vendor approach and expects to contract with multiple vendors for the remaining components of PTP. This approach was endorsed through an independent assessment in July 2025. The DCS health check in November 2025 rated confidence in the delivery approach as medium and noted that ‘PTP has pivoted to a more flexible and scalable delivery model’.

Procurement processes conducted in 2024–25 (next gen CAD and COPS replacement) required tenderers to meet minimum staff and revenue thresholds, effectively excluding start-up firms. Proposals were only accepted from companies with experience in the Westminster system of government that also complied with the Australian Protective Security Policy Framework. The NSW Police Force determined that a commercial off-the-shelf (COTS) product would not be sufficiently adaptable for COPS, given the need to implement legislative changes quickly. Revised Treasury guidelines now advise agencies to stage the delivery of large programs and request smaller funding tranches.

In November 2024, the NSW Police Force issued a premarket notice to restart the procurement process for a replacement for COPS. It included 7 capabilities, covering operational policing processes plus ICT infrastructure and data analytics.

In July 2025, the NSW Police Force presented the PTP strategic delivery approach to the CET. This identified lessons from the IPOS program, assessed changes in technology and Treasury guidelines, then outlined a different approach for PTP. Exhibit 7 summarises the lessons learnt by the program, including lessons that may be applicable to other NSW Government agencies.

Exhibit 7: Lessons learnt

NSW government agencies should:

  • adopt a multi-vendor, best-fit solution model, using the most appropriate technology for each capability rather than rely on a single vendor
  • recognise that generic COTS solutions are unlikely to scale for large NSW agencies without extensive and costly customisation
  • identify and actively manage risks arising from cross-program dependencies, including those within and outside program workstreams
  • actively challenge optimism bias, regularly reassessing assumptions about cost, timeframes, vendor capability and internal capacity
  • embed service design and user experience from the outset, with ongoing involvement of end users throughout delivery
  • build and sustain internal delivery capability and culture, so agencies are equipped to lead complex, long-running programs
  • ensure strategic trade-offs are clearly identified and documented, to balance urgent operational needs against long-term technology outcomes
  • use commercial models with clear stage gates and exit options, to manage uncertainty and protect value in large digital programs.

The NSW Police Force should:

  • select systems designed for Westminster-style policing in large, complex jurisdictions, rather than adapt products built for different policing models
  • ensure it leads program design, governance and decision making, with vendors supporting delivery rather than directing it.

Source: Audit Office of New South Wales review of NSW Police Force documents.

The NSW Police Force will require strong governance, effective decision making and senior manager support to meet PTP timeframes, with key person reliance remaining a program risk

Throughout the audit period, gateway reviews, health checks and consultant reports have raised issues about poor project management, slow decision making, and challenges in recruiting and retaining skilled staff.

Since November 2024, the NSW Police Force has made progress in addressing these issues and strengthening governance arrangements. This has been supported by experienced project sponsors and staff across the organisation. However, the program remains vulnerable to setbacks if key personnel leave or change roles.

The DCS health check review in November 2025 reported that ‘securing key resources will be essential to maintaining delivery pace and achieving program objectives on schedule’. One of the 2 critical recommendations related to recruiting appropriately skilled program staff and noted that this ‘may require remuneration decisions to meet the market’. The health check review also noted the importance of ensuring continuity of key personnel with accountability for project deliverables, through program development and implementation phases.

In November 2025, the PTP steering committee monitored risks related to ‘protracted and delayed decision-making processes’ and poor-quality project documentation, which both had high residual risk ratings after mitigation.

The NSW Police Force received funding in the 2025 NSW budget for critical network upgrades. These upgrades are expected to be delivered at the same time as PTP projects and require ICT specialists and project management staff with scarce skills. Delivering major projects on time and on budget will continue to be a significant challenge for the NSW Police Force.

The NSW Police Force has identified insufficient funding as a key risk to program delivery

In July 2024, the PTP steering committee identified insufficient capital and recurrent funding as a key risk. The risk action plan included preparing the business case addendum to request additional funding from Treasury and implementing rigorous financial oversight of project activities, but the risk rating remained high after mitigating actions. The risk remained on the PTP risk register in November 2025.

The October 2025 program business case noted that changes to the technology environment, especially the move to software-as-a-service and higher licensing costs, had resulted in increased recurrent expenditure needs to June 2031. The business case noted that wage pressures and inflation had also affected delivery costs. The original IPOS business case was approved by government in May 2020; it took the NSW Police Force over 5 years to submit a revised estimate of funding needs.

The DCS health check in November 2025 rated the business case and stakeholders key scope area as low, due to uncertainty over funding to complete the program. The DCS recommended that the NSW Police Force consult with NSW Treasury about additional funding, and update cost and benefits estimates in the business case.

If additional capital funding is not approved for the PTP, the NSW Police Force advises it will not be able to deliver all the modules of the core policing solution. If additional recurrent expenditure is not approved for cloud services and software-as-a-service, the NSW Police Force will need to fund increased recurrent expenditure for PTP by identifying savings elsewhere within the organisation.

Appendices

Appendix 1 – Response from entity

Appendix 2 – Timeline of key events

Appendix 3 – Gateway reviews and health checks

Appendix 4 – Status of PTP projects at December 2025

Appendix 5 – About the audit

Appendix 6 – Performance auditing

 

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

 

Parliamentary reference - Report number #424 - released 11 May 2026

Read similar reports