Breadcrumb

Home
Our work
Reports

Refine search

Audit progress

- Any -

Select All
(-) Published (2)

Sector

- Any -

Select All
Transport (1)
(-) Whole of Government (2)

Year

- Any -

Select All
2023 (4)
2022 (1)
(-) 2021 (2)
2020 (3)
2019 (1)
2017 (3)
2016 (3)
2010 (2)
2008 (3)
2007 (3)
2006 (3)
2005 (4)
2004 (2)
2003 (2)
2002 (1)
2001 (4)
2000 (1)
1999 (1)
1998 (2)
1997 (1)

Report type

- Any -

Select All
(-) Performance audit (2)

Topic

- Any -

Select All
Compliance (3)
(-) Cyber security (2)
Fraud (1)
Information technology (2)
Infrastructure (2)
Internal controls and governance (3)
Management and administration (8)
Procurement (1)
Project management (5)
Risk (2)
Service delivery (5)
Workforce and capability (1)

Reports

28 October 2021

Published

image of a padlock in front of an illustrated blue blackground with futuristic and abstract images of files and data scattered around it

Actions for Compliance with the NSW Cyber Security Policy

Facebook
Twitter
LinkedIn
Email

Feedback on published audit

Audit

Compliance with the NSW Cyber Security Policy

Name (optional)

Email address (optional)

Message

Send me a copy

CAPTCHA

This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.

When you provide us your personal information by email or through this website:

We will record your email address and other information submitted
We will use the information for the purpose for which you provide it
Your email address will not be added to a mailing list, unless provided by you specifically for that purpose.

Please refer to our privacy management plan for more information.

Download PDF

Compliance with the NSW Cyber Security Policy

Whole of Government

Compliance

Cyber security

Information technology

This audit assessed nine agencies’ compliance with the NSW Cyber Security Policy (CSP) including whether, during the year to 30 June 2020, the participating agencies: met their reporting obligations under the CSP reported accurate self-assessments of their level of maturity implementing the CSP’s requirements including the Australian Cyber Security Centre’s (ACSC) Essential 8. What we found Key elements to strengthen cyber se

13 July 2021

Published

person with building hard hat and data symbols around them

Actions for Managing cyber risks

Facebook
Twitter
LinkedIn
Email

Feedback on published audit

Audit

Managing cyber risks

Name (optional)

Email address (optional)

Message

Send me a copy

CAPTCHA

This question is for testing whether or not you are a human visitor and to prevent automated spam submissions.

When you provide us your personal information by email or through this website:

We will record your email address and other information submitted
We will use the information for the purpose for which you provide it
Your email address will not be added to a mailing list, unless provided by you specifically for that purpose.

Please refer to our privacy management plan for more information.

Download PDF

Managing cyber risks

Whole of Government

Transport

Cyber security

Information technology

Internal controls and governance

Procurement

Risk

This audit assessed how effectively Transport for NSW (TfNSW) and Sydney Trains identify and manage their cyber security risks. The NSW Cyber Security Policy (CSP) sets out 25 mandatory requirements for agencies, including implementing the Australian Cyber Security Centre’s Essential 8 strategies to mitigate cyber security incidents, and identifying the agency’s most vital systems, their ‘crown jewels’. The audited agencies h