Reports
Regional Assistance Programs
Infrastructure NSW effectively manages how grant applications for regional assistance programs are assessed and recommended for funding. Its contract management processes are also effective. However, we are unable to conclude whether the objectives of these programs have been achieved as the relevant agencies have not yet measured their benefits, according to a report released today by the Auditor-General for New South Wales, Margaret Crawford.
In 2011, the NSW Government established Restart NSW to fund new infrastructure with the proceeds from the sale and lease of government assets. From 2011 to 2017, the NSW Government allocated $1.7 billion from the fund for infrastructure in regional areas, with an additional commitment of $1.3 billion to be allocated by 2021. The NSW Government allocates these funds through regional assistance programs such as Resources for Regions and Fixing Country Roads. NSW councils are the primary recipients of funding provided under these programs.
The NSW Government announced the Resources for Regions program in 2012 with the aim of addressing infrastructure constraints in mining affected communities. Infrastructure NSW administers the program, with support from the Department of Premier and Cabinet.
The NSW Government announced the Fixing Country Roads program in 2014 with the aim of building more efficient road freight networks. Transport for NSW and Infrastructure NSW jointly administer this program, which funds local councils to deliver projects that help connect local and regional roads to state highways and freight hubs.
This audit assessed whether these two programs (Resources for Regions and Fixing Country Roads) were being effectively managed and achieved their objectives. In making this assessment, we answered the following questions:
- How well are the relevant agencies managing the assessment and recommendation process?
- How do the relevant agencies ensure that funded projects are being delivered?
- Do the funded projects meet program and project objectives?
The audit focussed on four rounds of Resources for Regions funding between 2013–14 to 2015–16, as well as the first two rounds of Fixing Country Roads funding in 2014–15 and 2015–16.
The project selection criteria are consistent with the program objectives set by the NSW Government, and the RIAP applied the criteria consistently. Probity and record keeping practices did not fully comply with the probity plans.
The assessment methodology designed by Infrastructure NSW is consistent with2 the program objectives and criteria. In the rounds that we reviewed, all funded projects met the assessment criteria.
Infrastructure NSW developed probity plans for both programs which provided guidance on the record keeping required to maintain an audit trail, including the use of conflict of interest registers. Infrastructure NSW and Transport for NSW did not fully comply with these requirements. The relevant agencies have taken steps to address this in the current funding rounds for both programs.
NSW Procurement Board Directions require agencies to ensure that they do not engage a probity advisor that is engaged elsewhere in the agency. Infrastructure NSW has not fully complied with this requirement. A conflict of interest arose when Infrastructure NSW engaged the same consultancy to act as its internal auditor and probity advisor.
While these infringements of probity arrangements are unlikely to have had a major impact on the assessment process, they weaken the transparency and accountability of the process.
Some councils have identified resourcing and capability issues which impact on their ability to participate in the application process. For both programs, the relevant agencies conducted briefings and webinars with applicants to provide advice on the objectives of the programs and how to improve the quality of their applications. Additionally, Transport for NSW and the Department of Premier and Cabinet have developed tools to assist councils to demonstrate the economic impact of their applications.
The relevant agencies provided feedback on unsuccessful applications to councils. Councils reported that the quality of this feedback has improved over time.
Recommendations
- By June 2018, Infrastructure NSW should:
- ensure probity reports address whether all elements of the probity plan have been effectively implemented.
- By June 2018, Infrastructure NSW and Transport for NSW should:
- maintain and store all documentation regarding assessment and probity matters according to the State Records Act 1998, the NSW Standard on Records Management and the relevant probity plans
Infrastructure NSW is responsible for overseeing and monitoring projects funded under Resources for Regions and Fixing Country Roads. Infrastructure NSW effectively manages projects to keep them on track, however it could do more to assure itself that all recipients have complied with funding deeds. Benefits and outcomes should also start to be measured and reported as soon as practicable after projects are completed to inform assessment of future projects.
Infrastructure NSW identifies projects experiencing unreasonable delays or higher than expected expenses as 'at‑risk'. After Infrastructure NSW identifies a project as 'at‑risk', it puts in place processes to resolve issues to bring them back on track. Infrastructure NSW, working with Public Works Advisory regional offices, employs a risk‑based approach to validate payment claims, however this process should be strengthened. Infrastructure NSW would get better assurance by also conducting annual audits of compliance with the funding deed for a random sample of projects.
Infrastructure NSW collects project completion reports for all Resources for Regions and Fixing Country Roads funded projects. It applies the Infrastructure Investor Assurance Framework to Resources for Regions and Fixing Country Roads at a program level. This means that each round of funding (under both programs) is treated as a distinct program for the purposes of benefits realisation. It plans to assess whether benefits have been realised once each project in a funding round is completed. As a result, no benefits realisation assessment has been done for any project funded under either Resources for Regions or Fixing Country Roads. Without project‑level benefits realisation, future decisions are not informed by the lessons from previous investments.
Recommendations
- By December 2018, Infrastructure NSW should:
- conduct annual audits of compliance with the funding deed for a random sample of projects funded under Resources for Regions and Fixing Country Roads
- publish the circumstances under which unspent funds can be allocated to changes in project scope
- measure benefits delivered by projects that were completed before December 2017
- implement an annual process to measure benefits for projects completed after December 2017
- By December 2018, Transport for NSW and Infrastructure NSW should:
- incorporate a benefits realisation framework as part of the detailed application.
Appendix one - Response from agencies
Appendix two - Maps of funded projects
Appendix three - About the audit
Appendix four - Performance auditing
Parliamentary reference - Report number #300 - released 17 May 2018
Grants to non-government schools
The NSW Department of Education could strengthen its management of the $1.2 billion provided to non-government schools annually. This would provide greater accountability for the use of public funds, according to a report released today by the Auditor-General for New South Wales, Margaret Crawford.
Non‑government schools educate 418,000 school children each year, representing 35 per cent of all students in NSW. The NSW Department of Education administers several grant schemes to support these schools, with the aim of improving student learning outcomes and supporting parent choice. To be eligible for NSW Government funding, non‑government schools must be registered with the NSW Education Standards Authority (NESA) and not operate 'for profit' as per section 83C of the NSW Education Act 1990 (the Act). Non‑government schools can either be registered as independent or part of a System Authority.
In 2017–18, non‑government schools in NSW will receive over $1.2 billion from the NSW Government, as well as $3.4 billion from the Australian Government. Recently, the Australian Government has changed the way it funds schools. The NSW Government is assessing how these changes will impact State funding for non‑government schools.
This audit assessed how effectively and efficiently NSW Government grants to non‑government schools are allocated and managed. This audit did not assess the use of NSW Government grants by individual non‑government schools or System Authorities because the Auditor‑General of New South Wales does not have the mandate to assess how government funds are spent by non‑government entities.
Conclusion
The Department of Education effectively and efficiently allocates grants to non‑government schools. Clarifying the objectives of grants, monitoring progress towards these objectives, and improving oversight, would strengthen accountability for the use of public funds by non‑government schools.
We tested a sample of grants provided to non‑government schools under all major schemes, and found that the Department of Education consistently allocates and distributes grants in line with its methodology. The Department has clear processes and procedures to efficiently collect data from schools, calculate the level of funding each school or System should receive, obtain appropriate approvals, and make payments.
We identified three areas where the Department could strengthen its management of grants to provide greater accountability for the use of public funds. First, the Department’s objectives for providing grants to non‑government schools are covered by legislation, intergovernmental agreements and grant guidelines. The Department could consolidate these objectives to allow for more consistent monitoring. Second, the Department relies on schools or System Authorities to engage a registered auditor to certify the accuracy of information on their enrolments and usage of grants. Greater scrutiny of the registration and independence of the auditors would increase confidence in the accuracy of this information. Third, the Department does not monitor how System Authorities reallocate grant funding to their member schools. Further oversight in this area would increase accountability for the use of public funds.
The Department effectively and efficiently allocates grants to non‑government schools. Strengthening its processes would provide greater assurance that the information it collects is accurate.
The Department provides clear guidelines to assist schools to provide the necessary census information to calculate per capita grants. Schools must get an independent external auditor, registered with ASIC, to certify their enrolment figures. The Department checks a sample of the auditors to ensure that they are registered with ASIC. Some other jurisdictions perform additional procedures to increase confidence in the accuracy of the census (for example, independently checking a sample of schools’ census data).
The Department accurately calculates and distributes per capita grants in accordance with its methodology. The previous methodology, used prior to 2018, was not updated frequently enough to reflect changes in schools' circumstances. Over 2014 to 2017, the Department provided additional grants to non‑government schools under the National Education Reform Agreement (NERA), to bring funding more closely in line with the Australian Department of Education and Training's Schooling Resource Standard (SRS). From 2018, the Department has changed the way it calculates per capita grants to more closely align with the Australian Department of Education and Training's approach.
The Department determines eligibility for grants by checking a school's registration status with NESA. However, NESA's approach to monitoring compliance with the registration requirements prioritises student learning and wellbeing requirements over the requirement for policies and procedures for proper governance. Given their importance to the appropriate use of government funding, NESA could increase its monitoring of policies and procedures for proper governance through its program of random inspections. Further, the Department and NESA should enter into a formal agreement to share information to more accurately determine the level of risk of non‑compliance at each school. This may help both agencies more effectively target their monitoring to higher‑risk schools.
By December 2018, the NSW Department of Education should:
- Strengthen its processes to provide greater assurance that the enrolment and expenditure information it collects from non‑government schools is accurate. This should build on the work the Australian Government already does in this area.
- Establish formal information‑sharing arrangements with the NSW Education Standards Authority to more effectively monitor schools' eligibility to receive funding.
By December 2018, the NSW Education Standards Authority should:
- Extend its inspection practices to increase coverage of the registration requirement for policies and procedures for the proper governance of schools.
- Establish formal information‑sharing arrangements with the NSW Department of Education to more effectively monitor schools' continued compliance with the registration requirements.
The Department’s current approach to managing grants to non‑government schools could be improved to provide greater confidence that funds are being spent in line with the objectives of the grant schemes.
The NSW Government provides funding to non‑government schools to improve student learning outcomes, and to support schooling choices by parents, but does not monitor whether these grants are achieving this. In addition, each grant program has specific objectives. The main objectives for the per capita grant program is to increase the rate of students completing Year 12 (or equivalent), and to improve education outcomes for students. While non‑government schools publicly report on some educational measures via the MySchool website, these measures do not address all the objectives. Strengthened monitoring and reporting of progress towards objectives, at a school level, would increase accountability for public funding. This may require the Department to formalise its access to student level information.
The Department has listed five broad categories of acceptable use for per capita grants, however, provides no further guidance on what expenditure would fit into these categories. Clarifying the appropriate use of grants would increase confidence that funding is being used as intended. Schools must engage an independent auditor, registered with ASIC, to certify that the funding has been spent. The Department could strengthen this approach by improving its processes to check the registration of the auditor, and to verify their independence.
The Department has limited oversight of funding provided to System Authorities (Systems). The Department provides grants to Systems for all their member schools. The Systems can distribute the grants to their schools according to their own methodology. Systems are not required to report to the Department how much of their grant was retained for administrative or centralised expenses. Increased oversight over how the Systems distribute this grant could provide increased transparency for the use of public funds by systems.
By December 2018, the NSW Department of Education should:
- Establish and communicate funding conditions that require funded schools to:
- adhere to conditions of funding, such as the acceptable use of grants, and accounting requirements to demonstrate compliance
- report their progress towards the objectives of the scheme or wider Government initiatives
- allow the Department to conduct investigations to verify enrolment and expenditure of funds
- provide the Department with access to existing student level data to inform policy development and analysis.
- Increase its oversight of System Authorities by requiring them to:
- re‑allocate funds across their system on a needs basis, and report to the Department on this
- provide a yearly submission with enough detail to demonstrate that each System school has spent their State funding in line with the Department's requirements.
Appendix one - Response from agencies
Appendix two - NESA's risk-based compliance monitoring
Appendix three - About the audit
Appendix four - Performance auditing
Parliamentary reference - Report number #299 - released 3 May 2018
Managing risks in the NSW public sector: risk culture and capability
The Ministry of Health, NSW Fair Trading, NSW Police Force, and NSW Treasury Corporation are taking steps to strengthen their risk culture, according to a report released today by the Auditor-General, Margaret Crawford. 'Senior management communicates the importance of managing risk to their staff, and there are many examples of risk management being integrated into daily activities', the Auditor-General said.
We did find that three of the agencies we examined could strengthen their culture so that all employees feel comfortable speaking openly about risks. To support innovation, senior management could also do better at communicating to their staff the levels of risk they are willing to accept.
Effective risk management is essential to good governance, and supports staff at all levels to make informed judgements and decisions. At a time when government is encouraging innovation and exploring new service delivery models, effective risk management is about seizing opportunities as well as managing threats.
Over the past decade, governments and regulators around the world have increasingly turned their attention to risk culture. It is now widely accepted that organisational culture is a key element of risk management because it influences how people recognise and engage with risk. Neglecting this ‘soft’ side of risk management can prevent institutions from managing risks that threaten their success and lead to missed opportunities for change, improvement or innovation.
This audit assessed how effectively NSW Government agencies are building risk management capabilities and embedding a sound risk culture throughout their organisations. To do this we examined whether:
- agencies can demonstrate that senior management is committed to risk management
- information about risk is communicated effectively throughout agencies
- agencies are building risk management capabilities.
The audit examined four agencies: the Ministry of Health, the NSW Fair Trading function within the Department of Finance, Services and Innovation, NSW Police Force and NSW Treasury Corporation (TCorp). NSW Treasury was also included as the agency responsible for the NSW Government's risk management framework.
In assessing an agency’s risk culture, we focused on four key areas:
Executive sponsorship (tone at the top)
In the four agencies we reviewed, senior management is communicating the importance of managing risk. They have endorsed risk management frameworks and funded central functions tasked with overseeing risk management within their agencies.
That said, we found that three case study agencies do not measure their existing risk culture. Without clear measures of how employees identify and engage with risk, it is difficult for agencies to tell whether employee's behaviours are aligned with the 'tone' set by the executive and management.
For example, in some agencies we examined we found a disconnect between risk tolerances espoused by senior management and how these concepts were understood by staff.
Employee perceptions of risk management
Our survey of staff indicated that while senior leaders have communicated the importance of managing risk, more could be done to strengthen a culture of open communication so that all employees feel comfortable speaking openly about risks. We found that senior management could better communicate to their staff the levels of risk they should be willing to accept.
Integration of risk management into daily activities and links to decision-making
We found examples of risk management being integrated into daily activities. On the other hand, we also identified areas where risk management deviated from good practice. For example, we found that corporate risk registers are not consistently used as a tool to support decision-making.
Support and guidance to help staff manage risks
Most case study agencies are monitoring risk-related skills and knowledge of their workforce, but only one agency has addressed the gaps it identified. While agencies are providing risk management training, surveyed staff in three case study agencies reported that risk management training is not adequate.
NSW Treasury provides agencies with direction and guidance on risk management through policy and guidelines. In line with better practice, NSW Treasury's principles-based policy acknowledges that individual agencies are in a better position to understand their own risks and design risk management frameworks that address those risks. Nevertheless, there is scope for NSW Treasury to refine its guidance material to support a better risk culture in the NSW public sector.
Recommendation
By May 2019, NSW Treasury should:
- Review the scope of its risk management guidance, and identify additional guidance, training or activities to improve risk culture across the NSW public sector. This should focus on encouraging agency heads to form a view on the current risk culture in their agencies, identify desirable changes to that risk culture, and take steps to address those changes.
Appendix one - Response from agencies
Appendix three - About the audit
Appendix four - Performance auditing
Parliamentary reference - Report number #298 - released 23 April 2018
Internal Controls and Governance 2017
Agencies need to do more to address risks posed by information technology (IT).
Effective internal controls and governance systems help agencies to operate efficiently and effectively and comply with relevant laws, standards and policies. We assessed how well agencies are implementing these systems, and highlighted opportunities for improvement.
1. Overall trends
|
New and repeat findings |
The number of reported financial and IT control deficiencies has fallen, but many previously reported findings remain unresolved. |
|
High risk findings |
Poor systems implementations contributed to the seven high risk internal control deficiencies that could affect agencies. |
|
Common findings |
Poor IT controls are the most commonly reported deficiency across agencies, followed by governance issues relating to cyber security, capital projects, continuous disclosure, shared services, ethics and risk management maturity. |
2. Information Technology
|
IT security |
Only two-thirds of agencies are complying with their own policies on IT security. Agencies need to tighten user access and password controls. |
|
Cyber security |
Agencies do not have a common view on what constitutes a cyber attack, which limits understanding the extent of the cyber security threat. |
|
Other IT systems |
Agencies can improve their disaster recovery plans and the change control processes they use when updating IT systems. |
3. Asset Management
|
Capital investment |
Agencies report delays delivering against the significant increase in their budgets for capital projects. |
|
Capital projects |
Agencies are underspending their capital budgets and some can improve capital project governance. |
|
Asset disposals |
Eleven per cent of agencies were required to sell their real property through Property NSW but didn’t. And eight per cent of agencies can improve their asset disposal processes. |
4. Governance
|
Governance arrangements |
Sixty-four per cent of agencies’ disclosure policies support communication of key performance information and prompt public reporting of significant issues. |
|
Shared services |
Fifty-nine per cent of agencies use shared services, yet 14 per cent do not have service level agreements in place and 20 per cent can strengthen the performance standards they set. |
5. Ethics and Conduct
|
Ethical framework |
Agencies can reinforce their ethical frameworks by updating code‑of‑conduct policies and publishing a Statement of Business Ethics. |
|
Conflicts of interest |
All agencies we reviewed have a code of conduct, but they can still improve the way they update and manage their codes to reduce the risk of fraud and unethical behaviour. |
6. Risk Management
|
Risk management maturity |
All agencies have implemented risk management frameworks, but with varying levels of maturity. |
|
Risk management elements |
Many agencies can improve risk registers and strengthen their risk culture, particularly in the way that they report risks to their lead agency. |
This report covers the findings and recommendations from our 2016–17 financial audits related to the internal controls and governance of the 39 largest agencies (refer to Appendix three) in the NSW public sector. These agencies represent about 95 per cent of total expenditure for all NSW agencies and were considered to be a large enough group to identify common issues and insights.
The findings in this report should not be used to draw conclusions on the effectiveness of individual agency control environments and governance arrangements. Specific financial reporting, controls and service delivery comments are included in the individual 2017 cluster financial audit reports tabled in Parliament from October to December 2017.
This new report offers strategic insight on the public sector as a whole
In previous years, we have commented on internal control and governance issues in the volumes we published on each ‘cluster’ or agency sector, generally between October and December. To add further value, we then commented more broadly about the issues identified for the public sector as a whole at the start of the following year.
This year, we have created this report dedicated to internal controls and governance. This will help Parliament to understand broad issues affecting the public sector, and help agencies to compare their own performance against that of their peers.
Without strong control measures and governance systems, agencies face increased risks in their financial management and service delivery. If they do not, for example, properly authorise payments or manage conflicts of interest, they are at greater risk of fraud. If they do not have strong information technology (IT) systems, sensitive and trusted information may be at risk of unauthorised access and misuse.
These problems can in turn reduce the efficiency of agency operations, increase their costs and reduce the quality of the services they deliver.
Our audits do not review every control or governance measure every year. We select a range of measures, and report on those that present the most significant risks that agencies should mitigate. This report divides these into the following six areas:
- Overall trends
- Information technology
- Asset management
- Governance
- Ethics and conduct
- Risk management.
Internal controls are processes, policies and procedures that help agencies to:
- operate effectively and efficiently
- produce reliable financial reports
- comply with laws and regulations.
This chapter outlines the overall trends for agency controls and governance issues, including the number of findings, level of risk and the most common deficiencies we found across agencies. The rest of this volume then illustrates this year’s controls and governance findings in more detail.
|
Issues |
Recommendations |
|
1.1 New and repeat findings |
|
|
The number of internal control deficiencies reduced over the past three years, but new higher-risk information technology (IT) control deficiencies were reported in 2016–17. Deficiencies repeated from previous years still make up a sizeable proportion of all internal control deficiencies. |
Recommendation Agencies should focus on emerging IT risks, but also manage new IT risks, reduce existing IT control deficiencies, and address repeat internal control deficiencies on a more timely basis. |
|
1.2 High risk findings |
|
|
We found seven high risk internal control deficiencies, which might significantly affect agencies. |
Recommendation Agencies should rectify high risk internal control deficiencies as a priority |
|
1.3 Common findings |
|
|
The most common internal control deficiencies related to poor or absent IT controls. We found some common governance deficiencies across multiple agencies. |
Recommendation Agencies should coordinate actions and resources to help rectify common IT control and governance deficiencies. |
Information technology (IT) has become increasingly important for government agencies’ financial reporting and to deliver their services efficiently and effectively. Our audits reviewed whether agencies have effective controls in place over their IT systems. We found that IT security remains the source of many control weakness in agencies.
| Issues | Recommendations |
2.1 IT security |
|
|
User access administration While 95 per cent of agencies have policies about user access, about two-thirds were compliant with these policies. Agencies can improve how they grant, change and end user access to their systems. |
Recommendation Agencies should strengthen user access administration to prevent inappropriate access to sensitive systems. Agencies should:
|
|
Privileged access Sixty-eight per cent of agencies do not adequately manage who can access their information systems, and many do not sufficiently monitor or restrict privileged access. |
Recommendation Agencies should tighten privileged user access to protect their information systems and reduce the risks of data misuse and fraud. Agencies should ensure they:
|
|
Password controls Forty-one per cent of agencies did not meet either their own standards or minimum standards for password controls. |
Recommendation Agencies should review and enforce password controls to strengthen security over sensitive systems. As a minimum, password parameters should include:
|
2.2 Cyber Security |
|
|
Cyber security framework Agencies do not have a common view on what constitutes a cyber attack, which limits understanding the extent of the cyber security threat. |
Recommendation The Department of Finance, Services and Innovation should revisit its existing framework to develop a shared cyber security terminology and strengthen the current reporting requirements for cyber incidents. |
|
Cyber security strategies While 82 per cent of agencies have dedicated resources to address cyber security, they can strengthen their strategies, expertise and staff awareness. |
Recommendations The Department of Finance, Services and Innovation should:
Agencies should ensure they adequately resource staff dedicated to cyber security. |
2.3 Other IT systems |
|
|
Change control processes Some agencies need to improve change control processes to avoid unauthorised or inaccurate system changes. |
Recommendation Agencies should consistently perform user acceptance testing before system upgrades and changes. They should also properly approve and document changes to IT systems. |
|
Disaster recovery planning Agencies can do more to adequately assess critical business systems to enforce effective disaster recovery plans. This includes reviewing and testing their plans on a timely basis. |
Recommendation Agencies should complete business impact analyses to strengthen disaster recovery plans, then regularly test and update their plans. |
Agency service delivery relies on developing and renewing infrastructure assets such as schools, hospitals, roads, or public housing. Agencies are currently investing significantly in new assets. Agencies need to manage the scale and volume of current capital projects in order to deliver new infrastructure on time, on budget and realise the intended benefits. We found agencies can improve how they:
- manage their major capital projects
- dispose of existing assets.
| Issues | Recommendations or conclusions |
3.1 Capital investment |
|
|
Capital asset investment ratios Most agencies report high capital investment ratios, but one-third of agencies’ capital investment ratios are less than one. |
Recommendation Agencies with high capital asset investment ratios should ensure their project management and delivery functions have the capacity to deliver their current and forward work programs. |
|
Volume of capital spending Most agencies have significant forward spending commitments for capital projects. However, agencies’ actual capital expenditure has been below budget for the last three years. |
Conclusion The significant increase in capital budget underspends warrant investigation, particularly where this has resulted from slower than expected delivery of projects from previous years. |
3.2 Capital projects |
|
|
Major capital projects Agencies’ major capital projects were underspent by 13 percent against their budgets. |
Conclusion The causes of agency budget underspends warrant investigation to ensure the NSW Government’s infrastructure commitment is delivered on time. |
|
Capital project governance Agencies do not consistently prepare business cases or use project steering committees to oversee major capital projects. |
Conclusion Agencies that have project management processes that include robust business cases and regular updates to their steering committees (or equivalent) are better able to provide those projects with strategic direction and oversight. |
3.3. Asset disposals |
|
|
Asset disposal procedures Agencies need to strengthen their asset disposal procedures. |
Recommendations Agencies should have formal processes for disposing of surplus properties. Agencies should use Property NSW to manage real property sales unless, as in the case for State owned corporations, they have been granted an exemption. |
Governance refers to the high-level frameworks, processes and behaviours that help an organisation to achieve its objectives, comply with legal and other requirements, and meet a high standard of probity, accountability and transparency.
This chapter sets out the governance lighthouse model the Audit Office developed to help agencies reach best practice. It then focuses on two key areas: continuous disclosure and shared services arrangements. The following two chapters look at findings related to ethics and risk management.
| Issues | Recommendations or conclusions |
4.1 Governance arrangements |
|
|
Continuous disclosure Continuous disclosure promotes improved performance and public trust and aides better decision-making. Continuous disclosure is only mandatory for NSW Government Businesses such as State owned corporations. |
Conclusion Some agencies promote transparency and accountability by publishing on their websites a continuous disclosure policy that provides for, and encourages:
|
4.2 Shared services |
|
|
Service level agreements Some agencies do not have service level agreements for their shared service arrangements. Many of the agreements that do exist do not adequately specify controls, performance or reporting requirements. This reduces the effectiveness of shared services arrangements. |
Conclusion Agencies are better able to manage the quality and timeliness of shared service arrangements where they have a service level agreement in place. Ideally, the terms of service should be agreed before services are transferred to the service provider and:
|
|
Shared service performance Some agencies do not set performance standards for their shared service providers or regularly review performance results. |
Conclusion Agencies can achieve better results from shared service arrangements when they regularly monitor the performance of shared service providers using key measures for the benefits realised, costs saved and quality of services received. Before agencies extend or renegotiate a contract, they should comprehensively assess the services received and test the market to maximise value for money. |
All government sector employees must demonstrate the highest levels of ethical conduct, in line with standards set by The Code of Ethics and Conduct for NSW government sector employees.
This chapter looks at how well agencies are managing these requirements, and where they can improve their policies and processes.
We found that agencies mostly have the appropriate codes, frameworks and policies in place. But we have highlighted opportunities to improve the way they manage those systems to reduce the risks of unethical conduct.
| Issues | Recommendations or conclusions |
5.1 Ethical framework |
|
|
Code of conduct All agencies we reviewed have a code of conduct, but they can still improve the way they update and manage their codes to reduce the risk of fraud and unethical behaviour. |
Recommendation Agencies should regularly review their code-of-conduct policies and ensure they keep their codes of conduct up-to-date. |
|
Statement of business ethics Most agencies maintain an ethical framework, but some can enhance their related processes, particularly when dealing with external clients, customers, suppliers and contractors. |
Conclusion Agencies can enhance their ethical frameworks by publishing a Statement of Business Ethics, which communicates their values and culture. |
5.2 Potential conflicts of interest |
|
|
Conflicts of interest All agencies have a conflicts-of-interest policy, but most can improve how they identify, manage and avoid conflicts of interest. |
Recommendation Agencies should improve the way they manage conflicts of interest, particularly by:
|
|
Gifts and benefits While all agencies already have a formal gifts-and-benefits policy, we found gaps in the management of gifts and benefits by some that increase the risk of unethical conduct. |
Recommendation Agencies should improve the way they manage gifts and benefits by promptly updating registers and providing annual training to staff. |
Risk management is an integral part of effective corporate governance. It helps agencies to identify, assess and prioritise the risks they face and in turn minimise, monitor and control the impact of unforeseen events. It also means agencies can respond to opportunities that may emerge and improve their services and activities.
This year we looked at the overall maturity of the risk management frameworks that agencies use, along with two important risk management elements: risk culture and risk registers.
| Issues | Recommendations or conclusions |
6.1 Risk management maturity |
|
|
All agencies have implemented risk management frameworks, but with varying levels of maturity in their application. Agencies’ averaged a score of 3.1 out of five across five critical assessment criteria for risk management. While strategy and governance fared best, the areas that most need to improve are risk culture, and systems and intelligence. |
Conclusion Agencies have introduced risk management frameworks and practices as required by the Treasury’s:
However, more can be done to progress risk management maturity and embed risk management in agency culture. |
6.2 Risk management elements |
|
|
Risk culture Most agencies have started to embed risk management into the culture of their organisation. But only some have successfully done so, and most agencies can improve their risk culture.
|
Conclusion Agencies can improve their risk culture by:
|
|
Risk registers and reporting Some agencies do not report their significant risks to their lead agency, which may impair the way resources are allocated in their cluster. Some agencies do not integrate risk registers at a divisional and whole-of-enterprise level. |
Conclusion Agencies not reporting significant risks at the cluster level increases the likelihood that significant risks are not being mitigated appropriately. |
Effective risk management can improve agency decision-making, protect reputations and lead to significant efficiencies and cost savings. By embedding risk management directly into their operations, agencies can also derive extra value for their activities and services.
Transport 2017
The following report focuses on key observations and findings from the most recent financial statement audits of agencies in the Transport cluster.
Unqualified audit opinions were issued for all agencies' financial statements. However, the report notes the agencies can improve their asset revaluation processes.
Report on Education 2017
The Auditor-General, Margaret Crawford released her report on the results of the financial audits of agencies in the Education cluster. The report focuses on key observations and findings from the most recent audits of these agencies.
'I am pleased to report that unqualified audit opinions were issued on the financial statements for all agencies in the Education cluster', the Auditor-General said. 'The quality and timeliness of financial reporting remains strong'.
Managing demand for ambulance services 2017
NSW Ambulance has introduced several initiatives over the past decade to better manage the number of unnecessary ambulance responses and transports to hospital emergency departments. However, there is no overall strategy to guide the development of these initiatives nor do NSW Ambulance's data systems properly monitor their impact. As a result, the Audit Office was unable to assess whether NSW Ambulance's approach to managing demand is improving the efficiency of ambulance services.
NSW Ambulance uses a telephone referral system to manage triple zero calls from people with medical issues that do not require an ambulance. This has the potential to achieve efficiency improvements but there are weaknesses in NSW Ambulance's use and monitoring of this system. Paramedics are now able to make decisions about whether patients need transport to a hospital emergency department. NSW Ambulance does not routinely measure or monitor the decisions paramedics make, so it does not know whether these decisions are improving efficiency. Extended Care Paramedics who have additional skills in diagnosing and treating patients with less urgent medical issues were introduced in 2007. NSW Ambulance analysis indicates that these paramedics have the potential to improve efficiency, but have not been used as effectively as possible.
Our 2013 audit of NSW Ambulance found that accurate monitoring of activity and performance was not being conducted. More than four years later, this remains the case.
NSW Ambulance has recognised the need to change the way it manages demand and has developed initiatives that have the potential to improve efficiency. However, there are significant weaknesses in the strategy for and implementation of its demand management initiatives.
NSW Ambulance has identified the goal of moving from an emergency transport provider to a mobile health service and developed several initiatives to support this. Its demand management initiatives have the potential to contribute to the broader policy directions for the health system in New South Wales. However, there is no clear overall strategy guiding these initiatives and their implementation has been poor.
NSW Ambulance's reasons for changing its approach to demand management have not been communicated proactively to the community. Demand management initiatives that have been operating for over a decade still do not have clear performance measures or targets. Project management of new initiatives has been inadequate, with insufficient organisational resources to oversee them and inadequate engagement with other healthcare providers.
NSW Ambulance uses an in-house Vocational Education and Training course to recruit some paramedics, as well as recruiting paramedics who have completed a university degree. No other Australian ambulance services continue to provide their own Vocational Education and Training qualifications. Paramedics will need more support in several key areas to be able to fulfil their expanded roles in providing a mobile health service. Performance and development systems for paramedics are not used effectively. Up to date technology would help paramedics make better decisions and improve NSW Ambulance's ability to monitor demand management activity.
There are gaps in NSW Ambulance's oversight of the risks of some of the initiatives it has introduced, particularly its lack of information on the outcomes for patients who are not transported to hospital. Weaknesses in the way NSW Ambulance uses its data limit its ability to properly assess the risks of the demand management initiatives it has introduced.
Parliamentary reference - Report number #295 - released 13 December 2017
Health 2017
The following report highlights results of the financial audits of entities in the NSW health cluster. The report focuses on key observations and findings from the most recent audits of these entities.
The report also includes a range of findings on service delivery. Overall, NSW Health is achieving most of their targets. Some local health districts are continuing to experience increased demand for their services and are finding it more difficult to meet their targets. For example, three local health districts had not achieved some emergency department response time targets for three consecutive years.
1. Financial reporting and controls
| Financial Reporting |
All health cluster entities received unqualified audit opinions and the quality of financial reporting remains high across the cluster. Early close procedures were largely completed and all financial statements were submitted by the deadlines. |
| Financial performance |
Overall, NSW Health recorded an operating surplus of $407 million in 2016–17. Eleven local health districts/specialty networks recorded operating deficits in 2016–17, four more than 2015–16. Expenses across NSW Health increased by 4.4 per cent in 2016–17 (6.0 per cent in 2015–16), lower than the expected long term annual expense growth rate. |
| Excess annual leave | Managing excess annual leave is a continual challenge for NSW Health, with thirty–five per cent of the workforce having excess balances. |
| Overtime payments | NSW Health entities are generally managing overtime well; however NSW Ambulance’s overtime payments, $74.6 million in 2016–17, remain significantly higher than other health entities. |
| Time and leave recording practices | Unapproved employee timesheets continue to be a problem for health entities. Weak timesheet approval controls increase the risk of staff claiming and being paid for hours they have not worked. There is also an increased risk of high volumes of roster adjustments, manual pays, salary overpayments and leave not being recorded accurately. |
2. Service Delivery
| Service Agreements | Most of the service agreements between the Secretary of NSW Health and health entities were signed earlier than prior years. |
| Performance monitoring | Five NSW Health entities are not meeting the Ministry of Health’s performance expectations at 30 June 2017. |
| Emergency department performance | Data provided by the Ministry indicates NSW Health, on average, met emergency department triage response time targets across all triage categories for the fourth consecutive year. |
| Ambulance response times | Data provided by the Ministry shows NSW Ambulance response times for imminently life‑threatening incidents of 7.5 minutes in 2016–17 was within the Ministry’s target of 10.0 minutes. Data provided by the Ministry indicates NSW Ambulance response times for potentially life‑threatening incidents did not improve in 2016–17. The median response time of 11.1 minutes in 2016–17 was similar to 2015–16 (11.0 minutes). This is despite the number of Priority 1 responses reducing by 4.3 per cent. |
| Unplanned hospital re-admissions | Data provided by the Ministry shows eight local health districts achieved the Ministry of Health’s unplanned hospital re‑admissions target in 2016–17. The target is for local health districts to reduce re‑admission rates from the previous financial year. |
This report sets out the results of the 30 June 2017 financial statement audits of Health cluster entities.
The report has been structured into two chapters focusing on:
- Financial reporting and controls
- Service delivery.
This chapter outlines audit observations, conclusions and recommendations related to financial reporting and internal controls of entities for 2016-17.
| Observation | Conclusion or recommendation |
|
2.1 Quality of financial reporting |
|
| All cluster entities received unqualified audit opinions and misstatements identified in financial statements fell. | The quality of financial reporting remains high across the cluster. |
|
2.2 Timeliness of financial reporting |
|
| Early close procedures were largely completed and all financial statements were submitted by the deadlines. | Health entities controlled by the Ministry of Health continued submitting their financial statements well ahead of the statutory deadlines. |
|
2.4 Financial and sustainability analysis |
|
|
NSW Health recorded an operating surplus of $407 million in 2016–17.
|
The statewide operating surplus was $84 million higher than 2015–16. Net surpluses contribute to NSW Health’s ability to invest in new facilities, upgrades and redevelopments. The 2016–17 financial results were once again impacted by the NSW Government initiative to improve cash management across the sector. |
| 2.5 Performance against budget | |
| Ten local health districts/specialty networks’ expense budget variance was outside performance expectations agreed with the Ministry at the beginning of 2016–17. | The Ministry continues to manage performance across NSW Health to improve the accuracy of budgeting practices. |
| 2.7 Human Resources | |
|
Thirty-five per cent of NSW Health’s workforce have excess annual leave balances.
NSW Ambulance had the highest average sick leave rate in NSW Health of 85.2 hours per FTE in 2016–17 (78.7 hours in 2015–16). This was higher than the statewide average of 62.1 hours (62.0 hours in 2015–16).
Unapproved employee timesheets continue to be a problem for health entities. Weak timesheet approval controls increase the risk of staff claiming and being paid for hours they have not worked.
|
Managing excess annual leave is a continual challenge for health entities.
Recommendation: NSW Ambulance should further review the effectiveness of its rostering practices to identify strategies to reduce excessive overtime payments. Recommendation: Health entities should conduct a risk‑based review of time and leave recording practices to ensure control weaknesses are identified and fixed. |
This chapter outlines our audit observations, conclusions and recommendations relating to service delivery for 2016–17.
| Observation | Conclusion or recommendation |
| 3.1 Service agreements in NSW Health | |
|
Most of the service agreements between the Secretary of NSW Health and health entities were signed earlier than prior years. Thirteen local health districts/specialty networks signed their service agreements by the 31 July 2017 due date. This is a significant improvement with only seven local health districts/specialty networks meeting the date in 2015–16. |
Having service agreements signed as close as possible to the start of each year provides the Ministry and NSW Health entities with clarity around roles, responsibilities, performance measures, budgets, and service volumes and levels. |
| 3.2 Performance of NSW Health entities | |
| Five NSW Health entities were not meeting the Ministry’s performance expectations at 30 June 2017. | The Ministry is managing the five entities in accordance with its performance review process. |
| 3.4 Emergency department response times | |
|
Data provided by the Ministry indicates NSW Health again, on average, met emergency department triage response time targets across all triage categories for the fourth consecutive year. The Ministry manages performance across NSW Health to ensure patients presenting at emergency departments receive care in a clinically appropriate timeframe. |
Based on the Ministry’s data, local health districts/specialty networks are, on average, meeting triage targets despite increasing emergency department attendances. The data shows eleven local health districts met all triage targets in 2016–17, compared to eight in |
| 3.5 Emergency treatment performance | |
|
The Ministry manages public patient access to emergency services in public hospitals. It has an emergency treatment performance target of 81 per cent of patients leaving emergency departments within four hours. |
Data provided by the Ministry indicates NSW Health maintained its overall emergency treatment performance in 2016–17, but did not achieve its target. The State average emergency treatment performance was 74.2 per cent (74.2 per cent in 2015–16). Based on the Ministry’s data, only four local health districts achieved the target in 2016–17, five in |
| 3.6 Ambulance response times | |
| NSW Ambulance has a response time target of 10.0 minutes for imminently life‑threatening incidents in New South Wales. | Data provided by the Ministry indicates NSW Ambulance response times for imminently life-threatening incidents of 7.5 minutes in 2016–17 was within the Ministry’s target. |
| 3.7 Transfer of care | |
| The Ministry has a target of 90 per cent for the number of ambulance arrivals within a 30 minute ‘transfer of care’ timeframe. | Data provided by the Ministry indicates the rate of ambulance arrivals within a 30 minute 'transfer of care' timeframe improved from 87.6 per cent in 2015–16 to 91.7 per cent in 2016–17, exceeding the Ministry’s target. |
| 3.8 Average length of stay in hospital | |
| Based on the Ministry’s 2016–17 data, the average length of stay for acute episodes was 3.0 days. The average length of stay in New South Wales hospitals is lower than the national average of 3.2 days (in 2015–16). | The Ministry’s data shows the average length of stay by patients for acute episodes has remained stable in New South Wales hospitals for four years. |
| 3.9 Elective surgery access performance | |
| Data provided by the Ministry indicates NSW Health continues to manage waiting times for elective surgery in public hospitals. | The Ministry’s data shows NSW Health improved on‑time admission of patients for elective surgery in 2016–17 despite a 1.8 per cent increase in admissions. While the result improved, only one of the three targets for elective surgery waiting times was met in 2016–17. |
| 3.10 Unplanned hospital re-admissions | |
|
Data provided by the Ministry indicates NSW Health, on average, did not reduce the rate of unplanned hospital re‑admissions in 2016–17. The Ministry has a target of reducing unplanned hospital re‑admissions compared to the previous financial year. Low re‑admission rates may indicate good patient management practices and post-discharge care. |
The Ministry’s data shows eight local health district met the target to reduce the rate of re‑admissions compared to the previous financial year. The statewide average rate increased from 6.3 per cent to 6.4 per cent. |
| 3.11 Post discharge care for acute mental health patients | |
| NSW Health has a goal to increase community-based care to acute mental health patients after they are discharged. Continuity of care in the community can lead to reduced symptom severity, lower re‑admission rates, and improved quality of life. | The Ministry’s 2016–17 data shows the statewide average for post discharge follow-up of acute mental health patients within seven days was 70.0 per cent (66.0 per cent in 2015–16). The statewide average improved and met the NSW Health target of 70 per cent. Nine local health districts exceeded the NSW Health target. |
| 3.12 Mental health acute re-admissions | |
| NSW Health has a goal to reduce acute public sector mental health re-admissions. High re‑admission rates may indicate deficiencies in inpatient treatment and follow up care. | The Ministry’s data shows twelve local health districts did not achieve the NSW Health target of 13 per cent mental health acute re‑admissions in 2016–17. |
| 3.13 Unplanned and emergency re‑presentations | |
|
NSW Health aims to reduce the number of unplanned and emergency re‑presentations to emergency departments. The Ministry’s 2016–17 data shows the State average of emergency department re‑presentations decreased marginally from 5.0 per cent in 2015–16 to 4.9 per cent. |
Patients attending rural emergency departments are more likely to re‑present within 48 hours of being discharged than those in regional or metropolitan emergency departments. |
| 3.14 Healthcare associated infection | |
| The national target for the rate of Staphylococcus aureus (golden staph) bloodstream infection is two cases per 10,000 bed days. | Data provided by the Ministry indicates the rate of golden staph bloodstream infection in New South Wales hospitals continues to be well below the target and national benchmark at 0.72 cases per 10,000 bed days in 2016–17 (0.75 in 2015–16). |
| 3.15 Patient experience and satisfaction | |
|
The Bureau of Health Information analyses and reports on the results of patient surveys. The Bureau’s survey shows 65 per cent of adult admitted patients rated the care they received in hospital as ‘very good’ and 29 per cent rated it as ‘good’. |
NSW Health recognises that patient surveys are an important feedback mechanism on the health care system that can only come from personal experiences. |
Agency compliance with NSW Government travel policies
Overall, agencies materially complied with NSW Government travel policies.
However, the Auditor-General found some agencies:
- did not always book official travel through the approved supplier
- had weaknesses in their travel approval processes
- had travel policies that were inconsistent with the NSW Government policy
- did not adequately manage their travel records.
We asked the 15 participating agencies to complete a self assessment of the processes they have implemented to comply with the new policy. The key observations are summarised below.
Sharing school and community facilities
Schools and the community would benefit if school facilities were shared more often.
The Department of Education’s ‘Community Use of School Facilities Policy’ encourages but does not require schools to share facilities. Sharing depends heavily on the willingness of school principals and there are few incentives. There are many challenges in developing agreements with community users and there is only limited support available from the Department.
There are strategies and plans to support the sharing of facilities between schools and the wider community, but none are backed up with budgets, specific plans or timeframes.
Governments should strive for the best use of assets. This is particularly important in the context of a growing New South Wales population, fiscal constraints and increasing demand for services.
Lack of available land, rising land costs and population growth highlighted in our April 2017 'Planning for school infrastructure' performance audit report mean that new and existing schools will need to share their facilities with communities more than is currently the case.
This audit assessed how effectively schools share facilities with each other, local councils and community groups. In making this assessment, the audit examined whether the Department of Education (Department):
- has a clear policy to encourage and support facilities sharing
- is implementing evidence-based strategies and procedures for facilities sharing
- can show it is realising an increasing proportion of sharing opportunities.
Facilities sharing is the use of a physical asset, such as a building, rooms, or open spaces, by more than one group for a range of activities at the same time or at different times. For the purposes of this audit, we have divided sharing arrangements into two types: shared use and joint use.
Shared use refers to arrangements where existing school assets are hired out for non-school purposes, usually for a limited time. The assets remain under the control of the school. Generally, there is little alteration or enhancement to the asset required to enable shared use. Shared use can also refer to schools using external facilities, such as council pools, but these arrangements are not included within the scope of this audit.
Joint use refers to arrangements where new or upgraded school and non-school facilities or community hubs are planned, funded, built and jointly shared between a school and other parties, usually involving significant investment.
Both shared use and joint use agreements are governed by contractual obligations.
The sharing of school facilities with the community is not fully effective. The Department of Education is implementing strategies to increase shared and joint use but several barriers, some outside the Department’s direct control, must be addressed to fully realise benefits to students and the community of sharing school facilities. In addition, the Department needs to do more to encourage individual schools to share facilities with the community.
A collaborative, multi-agency approach is needed to overcome barriers to the joint use of facilities, otherwise, the Department may need significantly more funds than planned to deliver sufficient fit-for-purpose school facilities where and when needed.
Since the early 2000’s, several reviews in NSW and other jurisdictions have commented on the benefits of and need to increase the sharing of school facilities.
Several NSW Government strategies and plans support shared and joint use of facilities between schools and the wider community, but none are backed up with financial incentives, or specific plans with implementation timeframes. In Victoria and Queensland whole-of-government processes are in place to support a more coordinated approach to planning, building and sharing community facilities. For example, Victoria has a comprehensive policy framework encompassing both existing and future use of community facilities and a $50 million program to seed the development of community facilities on school sites over the next four years.
There are examples of successful shared use, but more can be done. Information about the available facilities is not readily available to potential community users. Schools should work more closely with councils and other stakeholders to leverage shared use.
Currently, the administrative burden, costs and risks associated with shared use can exceed the perceived benefits to schools, leading to reluctance amongst some Principals to share. In addition, a substantial backlog of school-initiated infrastructure proposals awaiting Departmental approval means that schools that raise money from sharing their facilities find it difficult to use the funds they raise on improved infrastructure. Some of these proposals have been waiting for approval for more than 12 months.
The Department could do more to support Principals by ensuring the fees charged for facilities cover the costs incurred by schools, that Principals can access help with negotiating and managing contracts, and that infrastructure proposals initiated and funded by schools are approved in a timely manner.
The Department is not monitoring shared use across the State, and does not evaluate different approaches as evidence to influence policies and procedures.
Recommendations
By December, 2018, the Department should:
- increase incentives and reduce impediments for school Principals to share school facilities, including:
- review the methodology for calculating fees charged for facilities to ensure that shared use of school facilities does not result in a financial burden to schools or the Department
- improve support provided to Principals by School Infrastructure NSW, including reducing the backlog of school-initiated infrastructure proposals awaiting approval
- develop service standards, including timeframes, for assessing and approving school-initiated infrastructure proposals.
- provide readily-accessible information about available school facilities to community groups and local councils
- implement processes to monitor and regularly evaluate the implementation of the shared use policy and promote better practice to drive improvements.
As discussed in our 2017 audit report on ‘Planning for school infrastructure’, joint use agreements are a key direction of the School Assets Strategic Plan. Joint use of school facilities will be necessary to ensure that there will be enough fit-for-purpose learning spaces for students when and where needed. Under the ‘Community Use of School Facilities Policy’ Principals play the leading role in identifying opportunities, and developing and managing agreements for sharing school facilities. This is impractical for joint use projects which involve substantial investment in new or refurbished assets, in particular for joint use projects in schools that are yet to be built. In addition, the policy does not address joint-use facilities built on land not owned by the Department. For these reasons, the Department is developing a new policy.
The Department is planning to develop joint use agreements in a more systematic way as part of school community planning, previously known as cluster planning, with a special focus on local councils. Several agreements are currently being piloted, and will be evaluated to provide an evidence-based foundation for this new approach.
To develop or refurbish school facilities for joint use, the Department, councils and other key stakeholders must work together and prioritise joint use from the earliest stages of any project. A collaborative, multi-agency approach is needed to ensure sufficient fit-for-purpose facilities are available for school students within the funding framework proposed in the School Assets Strategic Plan.
To increase shared and joint use, the Department is recruiting specialist staff in its Asset Division to assist with the brokerage, community engagement and development of agreements, but these staff are not dedicated to joint use projects and their available time may not be sufficient to provide the necessary support in the timeframes required.
Recommendations
By December, 2018, the Department of Education should:
- ensure that the implementation of the new ‘Joint Use of School Facilities and Land Policy’ is adequately resourced, and has the support of Principals
- implement processes to monitor and regularly evaluate the implementation of joint use policy and promote better practice to drive improvements.
Appendix one - Response from agency
Appendix two - About the audit
Appendix three - Victoria's 30-Year Infrastructure Strategy
Appendix four - Not-for-profit hire changes
Appendix five - Performance Auditing
Parliamentary reference - Report number #293 - released 1 November 2017
