What this report is about

Workers compensation schemes in NSW provide compulsory workplace injury insurance. The effective management of workers compensation is important to ensure injured workers are provided with prompt support to ensure timely, safe and sustainable return to work.

Insurance and Care NSW (icare) manages workers compensation insurance. The State Insurance Regulatory Authority (SIRA) regulates workers compensation schemes. NSW Treasury has a stewardship role but does not directly manage the schemes.

This audit assessed the effectiveness and economy of icare’s management of workers compensation claims, and the effectiveness of SIRA’s oversight of workers compensation claims.

Findings

icare is implementing major reforms to its approach to workers compensation claims management - but it is yet to demonstrate if these changes are the most effective or economical way to improve outcomes.

icare’s planning and assurance processes for its reforms have not adequately assessed existing claims models or analysed other reform options.

icare's activities have not focused enough on its core responsibilities of improving return to work and maintaining financial sustainability.

SIRA has improved the effectiveness of its workers compensation regulatory activities in recent years. Prior to 2019, SIRA was mostly focussed on developing regulatory frameworks and was less active in its supervision of workers compensation schemes.

NSW Treasury's role in relation to workers compensation has been unclear, which has limited its support for performance improvements.

Recommendations

icare should:

• Ensure that its annual Statement of Business Intent clearly sets out its approach to achieving its legislative objectives.
• Monitor and evaluate its workers compensation scheme reforms.
• Develop a quality assurance program to ensure insurance claim payments are accurate.

NSW Treasury should:

• Work with relevant agencies to improve public sector workers compensation scheme outcomes.
• Engage with the icare Board to ensure icare's management is in line with relevant NSW Treasury policies.

SIRA should:

• Address identified gaps in its fraud investigation.
• Develop a co-ordinated research strategy.

Read the PDF report

Parliamentary reference - Report number #393 - released 2 April 2024

What this report is about

NSW local councils provide a wide range of essential services and infrastructure to their communities and are increasingly reliant on digital technologies.

Councils need to manage cyber security risks to ensure their information, data and systems are appropriately safeguarded. Councils also need to be prepared to detect, respond and recover when a cyber security incident occurs.

The audit assessed how effectively three selected councils identified and managed cyber security risks.

The audit also included the Department of Planning, Housing and Infrastructure (Office of Local Government) and Department of Customer Service (Cyber Security NSW), due to their roles in providing guidance and support to local councils.

Audit findings

The audit found that the selected councils are not effectively identifying and managing cyber security risks. Each of the councils undertook activities to improve their cyber security during the audit period, but this audit found significant gaps in their cyber security risk management and cyber security processes.

Such gaps result in unmitigated risks to the security of information and assets which, if compromised, could impact their local communities, service delivery and public infrastructure.

Cyber Security NSW and the Office of Local Government recommend that councils adopt requirements in the Cyber Security Guidelines for Local Government, but could do more to monitor whether the Guidelines are enabling better cyber security risk management in the sector.

Audit recommendations

In summary, the councils should:

• integrate assessment and monitoring of cyber security risks into corporate governance processes
• self-assess their performance against Cyber Security NSW's guidelines for local government
• develop and implement a risk-based cyber security improvement plan and program of activities
• develop, implement and test a cyber incident response plan.

Cyber Security NSW and the Office of Local Government should regularly consult on cyber security risks facing local government, and review the effectiveness of guidelines and related resources for the sector.

While this report focuses on the performance of the selected councils, the findings and recommendations should be considered by all councils to better understand their risks and challenges relevant to managing cyber security risks.

Local councils in New South Wales (NSW) provide a wide range of essential services and infrastructure to their communities and are increasingly reliant on digital technologies for this.

Councils use various information systems and software to manage significant amounts of information and data relevant to their corporate functions, infrastructure and service delivery. This may include sensitive information about residents, customers and staff.

Audit Office of New South Wales reports to Parliament have highlighted gaps in councils' cyber security risk management approaches since 2020. The Local Government 2023 report, tabled in March 2024, found that 50 councils were yet to implement cyber security governance frameworks and related internal controls.

The threat from cyber security incidents continues to rise. Such incidents can harm local government service delivery and may include the theft of information, denial of access to critical technology, or even the hijacking of systems for profit or malicious intent.

It is important that councils are effectively identifying and managing cyber security risks to:

• protect their information, data and systems
• be prepared to detect, respond to and recover from cyber security incidents 
• ensure confidence in the services they are providing for their communities.

This report outlines important findings and recommendations from a performance audit of three councils: City of Parramatta Council, Singleton Council and Warrumbungle Shire Council. This audit report has deidentified findings for each council, but the specific findings have been directly shared with each council to enable them to remediate and improve cyber safeguards. The findings and recommendations in this report are likely to be relevant to most local councils in NSW and councils are encouraged to ensure they have sufficient cyber safeguards.

This audit assessed how effectively the selected councils identified and managed cyber security risks. The audit considered whether the councils:

• effectively identify and plan for cyber security risks
• have controls in place to effectively manage identified cyber security risks
• have processes in place to detect, respond to, and recover from cyber security incidents.

This audit also included the Department of Customer Service and the Office of Local Government (OLG) within the Department of Planning and Environment (DPE) due to their roles in providing guidance and support to local government.¹

Cyber Security NSW, part of the Department of Customer Service, supports local councils to improve their cyber resilience through a range of services and guidance, including the Cyber Security Guidelines – Local Government issued in December 2022.

The OLG is responsible for strengthening the sustainability, performance, integrity, transparency and accountability of the local government sector.

¹ The OLG was part of DPE up to 1 January 2024, when DPE was abolished and the OLG became part of the Department of Planning, Housing and Infrastructure (DPHI).

Local councils in New South Wales (NSW) provide a wide range of essential services and infrastructure to their communities. In doing so, councils use a range of information technology (IT) systems, assets, and digital services.

This audit follows several audit reports by the Audit Office of New South Wales that have considered how effectively NSW Government entities, including local councils have managed cyber security risks (see Appendix three).

The Audit Office of New South Wales has reported on how councils have managed cyber security risks since 2020. In the Local Government 2023 report, tabled in March 2024, gaps in cyber security frameworks and related internal controls were reported in 50 councils.

This chapter includes a summary of thematic key findings for the selected councils.

Cyber Security NSW is responsible for supporting local councils to improve their cyber resilience through a range of services and guidance and published its Local Government Engagement Plan in 2023 (discussed below).

The Office of Local Government (OLG) is responsible for strengthening the sustainability, performance, integrity, transparency and accountability of the local government sector. It does this through a range of activities including monitoring sector-wide and council-specific risks, issuing guidance, engaging with councils to build capacity and supporting the Minister for Local Government’s discretionary intervention powers.

Appendix one - Response from entities Cyber security in LG

Appendix two - Glossary-  Cyber security in local government

Appendix three – Overview of Audit Office of New South Wales reports that consider cyber security - Cyber security in local government

Appendix four – Cyber Security Guidelines – Local Government foundational requirements- Cyber security in local government

Appendix five – About the audit- Cyber security in local government

Appendix six – Performance auditing -Cyber security in local government

Copyright notice

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

Parliamentary reference - Report number #392- released 26 March 2024

What this report is about

WestInvest is a $5 billion funding program announced in September 2021 to provide ‘local infrastructure to help communities hit hard by COVID-19’ in 15 local government areas (LGAs) selected by the government. It was divided into three parts: $3 billion for NSW government agency projects; $1.6 billion for competitive grants to councils and community groups; and $400 million for non-competitive grants to councils.

Following the change of government at the 2023 election, the program was renamed the Western Sydney Infrastructure Grants Program. Funding decisions made for the community and local government grants were retained, but multiple funding decisions for the NSW government projects were changed.

The audit objective was to assess the integrity of the design and implementation of the program and the award of program funding.

Findings

The design of the program lacked integrity because it was not informed by robust research or analysis to justify the commitment of public money to a program of this scale.

The then government did not have sufficient regard to the implications for the state's credit rating. A risk to the credit rating arose because the government may have been perceived to be using proceeds from major asset sales to fund new expenditure, rather than pay down its debt.

Decisions about program design were made by the then Treasurer's office without consultation with affected communities. The rationale for these decisions was not documented or made public.

For the NSW government projects, funding allocations did not follow advice from departments. Many funded projects did not meet the objectives of the program.

The two other rounds of the program were administered effectively, except for some gaps in documentation and quality assurance. The program guidelines did not require an equitable or needs-based distribution of funding across LGAs and there was a significant imbalance in funding between the 15 LGAs.

Recommendations

Our recommendations for the administration of future funding programs included:

• considering whether competitive grants are the best way to achieve the program's purpose
• completing program design and guidelines before announcements
• ensuring adequate quality assurance.

We also recommended that when providing advice for submissions by Ministers to Cabinet, agencies should ensure that departmental advice is clearly identified and is distinct from other advice or political considerations. 

WestInvest is a $5 billion funding program that was announced in September 2021. The program was established with the stated aim of building ‘new and improved facilities and local infrastructure to help communities hit hard by COVID-19’.

WestInvest was divided into three funding streams:

• $3 billion NSW government projects round open to NSW government agencies
• $1.6 billion community projects competitive round administered as a competitive grant program that was open to local councils, non-government organisations, Local Aboriginal Land Councils, and educational institutions in the 15 eligible LGAs
• $400 million local government projects round administered as a non-competitive grant round only open to the 15 eligible councils, with each council receiving a pre-determined share of the $400 million.

The WestInvest program was administered by NSW Treasury and the Premier's Department (previously the Department of Premier and Cabinet). Decisions about funding allocations were made by the former Treasurer in his role as the statutory decision-maker and announced by the former government in the lead up to the March 2023 NSW State election, but no funding was paid prior to the election.

Following the change of government, the funding decisions for the community projects competitive round and local government projects round were confirmed and negotiation of funding deeds commenced. The current government reviewed the decisions for the NSW government projects round and made changes to multiple decisions as part of the 2023–24 NSW Budget process. The current government has also changed the name of the program to the Western Sydney Infrastructure Grants Program.

The objective of the audit was to assess the integrity of the design and administration of the WestInvest program. This included assessing the processes used in the design and implementation of the program and award of funding.

The audit did not re-assess the merits of individual projects that were submitted for funding consideration and did not examine the implementation of projects that were allocated funding.

Decisions about the objectives and focus areas for the program were made without advice or analysis from the agencies that administered the program

The WestInvest program involved the commitment of $5 billion as a stimulus measure linked to economic recovery from the COVID-19 pandemic. However, there was no business case or other economic analysis conducted to support consideration of the potential benefits and costs of the program. Media releases and the public guidelines for WestInvest stated that western Sydney was affected by the COVID-19 pandemic more severely than other parts of Sydney and regional NSW. These assertions were not supported by evidence or analysis.

Evidence from NSW Treasury provided for this audit indicates that it was asked to prepare the initial proposal for the WestInvest program within a very short timeframe. This limited its ability to conduct research, analysis and consultation that could have informed the development of the program. This is particularly important for the integrity of decisions involving large-scale spending. Staff from NSW Treasury and the Premier's Department advised the audit team that the areas of focus for WestInvest were decided by Ministers and their staff without advice from the audited agencies. There is no documented analysis justifying the decision to focus the program on community infrastructure, or the six ‘areas of focus’ that were selected. The Premier's Department commissioned research from Western Sydney University after the areas of focus for the program had been decided. This did not inform decisions about the program focus but aimed to provide baseline information about community infrastructure in the 15 eligible LGAs which could be used in program evaluation.

The rationale for making 15 LGAs eligible for the program was not clear

It is not clear how the government decided which LGAs would be eligible for WestInvest funding. Public communication about the program referred to the western Sydney region and commented on areas that had been ‘hit hard’ by the COVID-19 pandemic. The specific factors that were used to decide which LGAs were eligible were not explained publicly or documented.

In the 2019–20 NSW Budget papers, "western Sydney" was defined as 12 LGAs. All of these were included as eligible for the WestInvest program. The additional three LGAs that were made eligible for the WestInvest program (Burwood, Canterbury-Bankstown, and Strathfield) were not within the NSW Budget papers definition but were designated "areas of concern" during the COVID-19 pandemic, which meant they were subject to more restrictions than other LGAs at certain points.

Georges River and Bayside LGAs both made public statements that drew attention to the fact that they were not made eligible for the WestInvest program despite being designated areas of concern. Several of the 15 LGAs that were made eligible for WestInvest had not been designated areas of concern during the pandemic, including Penrith, The Hills, and Blue Mountains. 

There was no consultation with eligible councils or other key stakeholders before the program design was decide

The program design had not been subject to consultation with councils or other relevant organisations in western Sydney. This meant that the views of eligible councils and community organisations on strategic priorities in their respective communities were not considered before decisions on program design were made.

Staff from some councils interviewed by the audit team indicated that while funding for community infrastructure is welcome, some councils had other priority areas for infrastructure development that were at least as high as new community infrastructure. As independent entities, each council has its own strategic planning processes to identify and plan for infrastructure projects and other areas of need. These were not considered in the design of the WestInvest program.

Staff at several councils we spoke to highlighted delivery risks to the projects for which they had been allocated funding. These included:

• the short timetable set by the then government (considering the amount of funding available and the requirements for applications) meant that full project development and assurance processes were not completed for most applications when they were submitted
• difficulty complying with the government’s administrative and assurance requirements for funding recipients, such as detailed planning and reporting.

When early planning for WestInvest was being done, both NSW Treasury and the Premier's Department identified the risk that applicants may not be able to deliver funded projects on time or within budget. The absence of consultation, research and analysis before the program design was finalised meant that these factors were not considered before the government had committed to the program. We did not see evidence that the then government had considered the cumulative impact of an additional $5 billion in infrastructure projects on the costs of materials and skilled labour concentrated in the eligible LGAs.

The Premier's Department conducted an online survey (WestInvest 'Have Your Say'), between 23 February 2022 and 31 March 2022. This was open to the public and asked questions about which of the six ‘areas of focus’ were most important to them and what type of community infrastructure projects they would like to see. This found higher levels of community support for two of the six areas (community infrastructure and green and open space).

On 18 April 2022, the Premier's Department released a summary report on the findings of the WestInvest ‘Have Your Say’ Survey. The Premier's Department noted that the survey was for consultation purposes only and did not form part of the application process for the WestInvest program. The Premier's Department stated in its summary report that the survey results 'will feed into the assessment process across the WestInvest Program'.

However, the Premier's Department staff interviewed by the audit team told us that the survey results did not play any formal role in the assessment process or funding recommendations for projects. The survey did not provide data that could be used to inform assessment decisions because:

• responses could be submitted by any member of the public who accessed the survey, not just those living in the LGAs that were eligible for the program, so the data could not be taken as representative of the views of the residents of eligible LGAs
• many survey responses were ruled ineligible as they were deemed to be associated with a community campaign that related to projects outside the focus areas of WestInvest.

The government did not have sufficient regard to risks to the State's credit rating when establishing the WestInvest program

The NSW Government has a policy of maintaining a AAA credit rating for the State of New South Wales. This is codified in the Fiscal Responsibility Act 2012. The NSW Government did not have sufficient regard to the implications and risks of committing $5 billion of funding to the WestInvest program to its credit rating. A risk to the State's credit rating arose because the government may have been perceived to be using proceeds from major asset sales to fund new expenditure, rather than paying down State debt.

The $3 billion NSW government projects round was open to NSW government agencies and administration of the round was led by NSW Treasury. Funding allocated through this round was not subject to the NSW Grants Administration Guide. This is because the funding was awarded to NSW government agencies rather than organisations external to government, so it did not meet the definition of a grant program. Projects were submitted by NSW government agencies to NSW Treasury and were assessed against program criteria by staff from NSW Treasury and the Premier's Department. Each project received a score and advice on whether it was suitable for funding or not. The WestInvest steering committee considered these and provided advice to the then Treasurer.

NSW Treasury prepared guidelines for the $3 billion NSW government projects round, but these were not approved by the then Treasurer until after the program assessment had commenced

NSW Treasury prepared guidelines for the NSW government projects round in September 2021. These were submitted to the then Treasurer for approval in December 2021 but were not approved. This meant that the process for assessing applications for NSW government projects was not agreed between government agencies and the then Treasurer, who was the statutory decision-maker of the allocations of funding. NSW Treasury subsequently prepared an assessment plan based on the unapproved guidelines, which set out more details about the process to be used for assessing applications for the NSW government projects round. The program guidelines were not published, which meant there was no public information about the process for assessing the largest component of the WestInvest program.

In May 2022, the then Treasurer’s Office requested that NSW Treasury make changes to the unapproved guidelines so that projects that delivered 'business as usual' state government infrastructure such as schools, roads, and health infrastructure were no longer considered ineligible for the program. These revised guidelines were approved in June 2022, but were not published. The changes were not consistent with the initial purpose of the WestInvest program which was to fund ‘transformational’ community infrastructure.

The funding advice from the WestInvest steering committee was not followed by the then Treasurer and the justifications for the funding allocation decisions were not documented

One-third of the projects that were allocated funding (9 out of 27) had been assessed by the WestInvest steering committee as having low or moderate merit. These projects were allocated combined funding of $1.1 billion. Reasons that the steering committee gave for assessing these projects as not suitable for funding through the WestInvest program included the absence of completed business cases, incomplete project development, and poor alignment to the objectives and criteria for the WestInvest program as outlined in the original program guidelines.

Staff from NSW Treasury and the Premier's Department put considerable resources into preparing guidelines and assessing and providing advice on the merits and eligibility of applications against these guidelines, but in most cases the advice was not followed by the then Treasurer. There was no documentation of reasons for the departures from steering committee advice. The NSW government projects round was not subject to the NSW Grants Administration Guide, so the requirement under those guidelines for documenting reasons for departures from advice on funding decisions did not apply. However, when the WestInvest program was established, it was noted that any departures from the funding advice from the steering committee would be documented by the then Treasurer. This applied to the entire WestInvest program. None of the projects that were allocated funding through the NSW government projects round were actually given funding, as only allocations of funding were approved by the then Treasurer.

Most of the funding was allocated to projects that did not align with the purpose of WestInvest or meet the assurance requirements of the program

Of the 27 projects that were allocated funding (Exhibit 3), 12 were from the Department of Education and seven from Transport for NSW. This resulted in over $2 billion, or 69% of the funding available through the NSW government projects round, being allocated to state school and road projects. Most of these projects were not aligned with any of the six focus areas of the WestInvest program. In addition, these projects were examples of ‘business as usual’ activities of NSW government agencies that did not clearly align with the initial purpose of the program to deliver transformational community infrastructure that would improve liveability in the 15 eligible LGAs.

Source: NSW Treasury documents.

Conditions were attached to the approval of funding allocations for 21 of the 27 projects. Most of these conditions related to the completion of a business case and other project assurance requirements, which were required under the program guidelines.

Projects approved through the WestInvest program were to receive funding from the Community Services and Facilities Fund (CSFF), which is a legislative fund created under the NSW Generations Funds Act 2018 (the Act). The Act states that the purpose of the CSFF is to provide funding for ‘cost-effective facilities and services’ (s.12(1)). The absence of business cases and other assurance requirements from most of the projects approved created the risk of legislative non-compliance, as many of the projects that had been allocated funding could not clearly demonstrate that they would be cost-effective.

NSW Treasury and the Premier's Department’s assessment of the first group of projects submitted for the NSW government projects round indicated that agencies applying for funding did not understand the purpose or requirements of the program. NSW Treasury and the Premier's Department received 153 applications after the first call for proposals. Most did not align with the stated purpose of WestInvest or meet the assurance requirements that had been set for the program. For example:

• 90 project proposals (59% of those submitted) were assessed as ineligible. Thirty-five of the 90 did not include any infrastructure, which was the main purpose of the WestInvest program. The other 55 proposed infrastructure projects were not consistent with any of six areas of focus for the program.
• 118 proposals (77% of proposals submitted) did not have a business case, which was a requirement of the WestInvest program guidelines.

As the first request for project proposals did not generate enough suitable applications, the then Treasurer made a second request to NSW government agencies in August 2022 seeking additional project proposals. This occurred after the guidelines for the NSW government projects round had been broadened to allow more projects to be considered for funding (discussed above).

Multiple state school projects were allocated funding after being assessed by the WestInvest steering committee as ineligible or unsuitable for funding

The Westmead Education Campus project, valued at $308 million, was rated as ineligible by NSW Treasury and the Premier's Department because it did not address any of the six specified focus areas for the WestInvest program. This meant it did not go through a full assessment against the program criteria and was not submitted to the then Treasurer for funding consideration.

The project was later re-submitted and the then Treasurer subsequently approved it for funding allocation. This occurred after the guidelines for the NSW government projects round had been broadened (discussed above). NSW Treasury's advice on this submission noted that the project had not been fully developed, with key decisions about the delivery model not made, and it did not have a final business case.

The Box Hill (Terry Road) new school project, valued at $112 million was rated as ‘moderate – not suitable for funding consideration at this time’ by the WestInvest steering committee. It was subsequently approved for funding by the then Treasurer.

Nine school upgrade projects with a total value of $478 million were allocated funding by the then Treasurer. Each of these had been assessed as ineligible by NSW Treasury and the Premier's Department against the original program guidelines because they did not meet any of the WestInvest focus areas and were not considered 'transformational'. There were a further 14 similar proposals for school upgrades that were also assessed as ineligible but were not allocated funding.

Funding allocations from the WestInvest program were changed after the 2023 NSW State election

Following the change of government at the 2023 NSW state election, most of the funding decisions announced by the former government were changed. The new government had announced during the election campaign that, if elected, it would redirect some WestInvest funding 'to rebuild Western Sydney schools and Western Sydney hospitals'. Eleven of the 27 projects that had been announced by the former government were not funded by the new government. The combined value of these projects was at around $1.5 billion (Exhibit 4). The seven roads projects that had been allocated funding through WestInvest, valued at $1 billion, were also removed from the WestInvest funding allocation but these still received funding from a different source.

Source: NSW Treasury documents.

The funding was reallocated to 17 projects that the new government had announced as election commitments during the 2023 State election campaign. This comprised ten school infrastructure projects, five health infrastructure projects, and two transport infrastructure projects. All of these projects had a cost of more than $10 million each, which means they are subject to NSW Government business case and gateway assurance requirements. Business cases had been completed for the two transport projects. The other 15 projects did not have business cases.

Source: NSW Treasury documents.

After these changes, the $3 billion NSW government projects round funding distribution was:

• Nine school upgrades, valued at $478 million, that had been allocated funding by the former government (see Exhibit 3).
• 17 new projects, with a total value of around $2.3 billion, that had been announced as election commitments by the new government (Exhibit 5). All of these are state school, health, or transport infrastructure.
• Three projects that covered administrative costs associated with the WestInvest program, with a total value of around $230 million (not previously announced).

The $1.6 billion community project grants - competitive round was open to local councils, NGOs, Local Aboriginal Land Councils, and educational institutions, across 15 eligible LGAs in western Sydney. Exhibit 6 shows a timeline of key dates for the community project grants - competitive round.

The $400 million local government projects round was administered as a non-competitive grant round that was only open to the 15 eligible councils. Each council was allocated a portion of the $400 million funding via a formula that provided a base allocation and an additional amount based on the population of each LGA. Each council received between $21 million and $35 million.

Applications for funding were submitted to the Premier's Department for assessment. Proposed projects were required to be eligible for the program and be rated as having merit against the published program criteria, which were the same as those for the competitive round. Exhibit 12 shows a timeline of key dates for the Local government projects competitive round.

Appendix one – Responses from audited agencies

Appendix two – About the audit

Appendix three – Performance auditing

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

Parliamentary reference - Report number #391 - released 28 February 2024.

What this report is about 

This report assesses how effectively SafeWork NSW, a part of the Department of Customer Service (DCS), has performed its regulatory compliance functions for work health and safety in New South Wales. 

The report includes a case study examining SafeWork NSW's management of a project to develop a realtime monitoring device for airborne silica in workplaces. 

Findings 

There is limited transparency about SafeWork NSW's effectiveness as a regulator. The limited performance information that is available is either subsumed within DCS reporting (or other sources) and is focused on activity, not outcomes. 

As a work health and safety (WHS) regulator, SafeWork NSW lacks an effective strategic and data-driven approach to respond to emerging WHS risks. 

It was slow to respond to the risk of respirable crystalline silica in manufactured stone. 

SafeWork NSW is constrained by an information management system that is over 20 years old and has passed its effective useful life. 

While it has invested effort into ensuring consistent regulatory decisions, SafeWork NSW needs to maintain a focus on this objective, including by ensuring that there is a comprehensive approach to quality assurance. 

SafeWork NSW's engagement of a commercial partner to develop a real-time silica monitoring device did not comply with key procurement obligations. 

There was ineffective governance and process to address important concerns about the accuracy of the real-time silica monitoring device. 

As such, SafeWork NSW did not adequately manage potential WHS risks. 

Recommendations 

The report recommended that DCS should: 

• ensure there is an independent investigation into the procurement of the research partner for the real-time silica detector 
• embed a formal process to review and set its annual regulatory priorities 
• publish a consolidated performance report 
• set long-term priorities, including for workforce planning and technology uplift 
• improve its use of data, and start work to replace its existing complaints handling system 
• review its risk culture and its risk management framework 
• review the quality assurance measures that support consistent regulatory decisions

Read the PDF report.

Parliamentary reference - Report number #390 - released 27 February 2024
 

What this report is about

Transport for NSW (TfNSW) uses the Driver vehicle System (DRIVES) to support its regulatory functions. The system covers over 6.2 million driver licences and over seven million vehicle registrations.

DRIVES first went live in 1991 and has been significantly extended and updated since, though is still based around the same core system. The system is at end of life but has become an important service for Service NSW and the NSW Police Force.

DRIVES now includes some services to other parts of government and non-government entities which have little or no connection to transport. There are 141 users of DRIVES in total, including commercial insurers, national regulators, and individual citizens.

This audit assessed whether TfNSW is effectively managing DRIVES and planning to transition it to a modernised system.

Audit findings

TfNSW has not effectively planned the replacement of DRIVES.

It is now working on its third business case for a replacement system but has failed to learn lessons from its past attempts.

In the meantime, TfNSW has not taken a strategic approach to managing DRIVES’ growth.

TfNSW has been slow to reduce the risk of misuse of personal information held in DRIVES. With its delivery partner Service NSW, TfNSW has also been slow to develop and implement automatic monitoring of access.

TfNSW uses recognised processes for managing most aspects of DRIVES, but has not kept the system consistently available for users. TfNSW has lacked accurate service availability information since June 2022, when it changed its technology support provider.

TfNSW needs to significantly prioritise cyber security improvements to DRIVES. TfNSW is seeking to lift DRIVES’ cyber defences, but it will not achieve its stated target safeguard level until December 2025.

Even then, one of the target safeguards will not be achieved in full until DRIVES is modernised.

Audit recommendations

TfNSW should:

• implement a service management framework including insight into the views of DRIVES users, and ensuring users can influence the service
• ensure it can accurately and cost effectively calculate when DRIVES is unavailable due to unplanned downtime
• ensure implementation of a capability to automatically detect anomalous patterns of access to DRIVES
• ensure that DRIVES has appropriate cyber security and resilience safeguards in place as a matter of priority
• develop a clear statement of the future role in whole of government service delivery for the system
• resolve key issues currently faced by the DRIVES replacement program including by:
  • clearly setting out a strategy and design for the replacement
  • preparing a specific business case for replacement.

The DRIver VEhicle System_¹ (often known as DRIVES) is the Transport for NSW (TfNSW) system which is used to manage over 6.2 million driver licences and over seven million vehicle registrations in New South Wales.

DRIVES first went live in 1991 and has been significantly extended and enhanced over the past 33 years. DRIVES is a significant NSW Government information system — containing personal information such as home addresses for most of the NSW adult population, sensitive health information such as medical conditions, and biometric data in photographs.

Service NSW, part of the Department of Customer Service, is the NSW Government's 'one stop shop' for services to NSW citizens and businesses. It uses DRIVES when it delivers many transport-related services to NSW citizens such as licence renewals and checks the identity information stored in DRIVES as part of other services delivered to NSW citizens, such as a 'working with children check'.

DRIVES supports TfNSW's regulatory functions and the collection of more than $5 billion in revenue annually for the NSW Government. The system is also used by many organisations outside of the NSW Government including commercial insurers and national regulators, as well as individual citizens who access DRIVES for services such as 'Renew my registration' or 'Book a driver knowledge test'.

TfNSW owns and manages DRIVES. It intends to replace DRIVES with a modernised system to improve its cost, performance, and security.

The objective of this performance audit was to assess whether TfNSW is effectively:

• managing the current system, and 
• planning to transition DRIVES to a modernised system.

The auditee is TfNSW. We have consulted with the Department of Customer Service as a key stakeholder during the audit process.

This part of the report considers whether Transport for NSW (TfNSW) is effectively managing the current system. It considers DRIVES’:

• role in NSW Government service delivery
• ease of use and appropriateness for a modern system
• mechanisms to ensure the service is available for users.

This part of the report considers whether Transport for NSW (TfNSW) is effectively planning to transition DRIVES to a modernised system. It makes findings on the:

•  effort to develop a business case to fund the replacement of DRIVES
• issues which have contributed to the slow progress of the replacement program.

Appendix one – Response from entity 

Appendix two – Statutory and regulatory framework related to DRIVES 

Appendix three – About the audit 

Appendix four – Performance auditing 

Parliamentary reference - Report number #388 - released 20 February 2024.

What this report is about

The report assesses whether the Department of Customer Service (the department) complied with legislation and NSW government policy when it directly negotiated with Duncan Solutions to procure backend services relating to the Park'nPay app.

The Park'nPay app, developed by the department, enables users to locate and pay for parking remotely using their smart mobile device.

The audit found

The department failed to establish the grounds for entering a direct negotiation procurement strategy, without any competitive tendering, for services for the Park'nPay app. It rushed a decision to trial the app in The Rocks, without considering how this might affect its procurement obligations.

There is no evidence that the procurement achieved value for money. Despite being required by legislation, as well as mandatory NSW government policy, the department did not consider how it would ensure value for money, nor did it demonstrate an adequate understanding of what is meant by value for money on this occasion.

The department failed to implement key probity requirements. There was no effective management of conflicts of interest. Key decisions were not documented. There was a lack of clarity, transparency, and oversight of the relationship between the Minister's office and staff in the department.

The audit made recommendations about

1. making and retaining complete and accurate records, particularly on decisions to commit or expend public money
2. ensuring department staff understand how to exercise their financial delegations and procurement processes
3. ensuring that only staff with appropriate delegations are committing or approving the spending of public money
4. consistency with the contract extension provisions of the NSW Government Procurement Policy Framework, particularly regarding ensuring value for money
5. protocols to guide the interactions between department staff and Minister and Minister's staff
6. the need for proper management and oversight of contingent workers, such as contractors.

On 27 February 2019 the then Minister for Finance, Services and Property announced the commencement of a Park’nPay app trial in The Rocks precinct of Sydney.

The app was intended to enable users to locate and pay for parking remotely, using their smart mobile device such as a phone or tablet, rather than needing to physically be at a parking meter.

In July 2019, following a direct negotiation procurement conducted by the then Department of Finance, Services and Innovation, a contract was executed with Duncan Solutions for an estimated value of $1,260,600 over three-years, with three single-year options to extend. The contract required Duncan Solutions to provide development services to link the Park'nPay app to its Parking Enterprise Management System platform and to provide ongoing software support services.

This audit assessed whether the department complied with the procurement obligations that applied at the time it procured these services from Duncan Solutions.

This audit focussed on the department's processes and decision-making relating to:

• the direct negotiation with Duncan Solutions at the exclusion of any other potential supplier
• the negotiation, execution and management of the contract with Duncan Solutions.

As this audit focusses on the department's procurement and contract management processes, it does not comment on the activities of Duncan Solutions. The detailed audit objective, criteria and audit approach are in Appendix three.

The auditee is the Department of Customer Service. As a result of machinery of government changes, the Department of Finance, Services, and Innovation became the Department of Customer Service from 1 July 2019. To avoid confusion, this report simply uses ‘the department’ to refer to either. Where the report refers to the Minister, it relates to the former Minister in office at the time.

Appendix one – Response from auditee

Appendix two – Key requirements of the department's procurement manual 

Appendix three – About the audit 

Appendix four– Performance auditing

Copyright notice

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

Parliamentary reference - Report number #387 - released 14 December 2023

What this report is about

Around one-third of the state’s population lives in regional NSW, but deaths on regional roads make up around two-thirds of the state’s road toll.

Transport for NSW (TfNSW) is responsible for managing road safety outcomes across the NSW road network. This audit assessed the effectiveness of TfNSW’s delivery of road safety strategies, plans and policies in regional areas.

The NSW Road Safety Action Plan 2022–2026 has the stated goal of ‘no death or serious injury occurring on the road transport network’ by 2050.

What we found

There is a disproportionate amount of trauma on regional roads, but there are no specific road safety plans or trauma reduction targets for regional NSW.

TfNSW advises that the setting of state-wide road safety targets is consistent with other jurisdictions and international best practice. However, the proportion of road fatalities and serious injuries in regional NSW is almost the same as ten years ago.

There is no regional implementation plan to assist TfNSW to target the Road Safety Action Plan 2026 to regional areas.

TfNSW considers that local road safety outcomes should be managed by councils, but only 52% of regional councils participated in its Local Government Road Safety Program (LGRSP) in 2022–23. This program has not been updated since 2014, despite commitments to do so in 2021 and 2022.

TfNSW has not undertaken a systematic and integrated analysis of the combined impact of its road safety strategies and plans in regional NSW since 2012.

TfNSW reports against the Community Road Safety Fund (CRSF) annually but there is no consolidated, public reporting on total road safety funding allocated to regional NSW. The Fund underspend increased from 12% in 2019–20 to 20% in 2022–23.

What we recommended

We recommended TfNSW:

• develop a regional implementation plan to support the NSW Road Safety Action Plan, including a framework to annually measure, analyse and publicly report on progress
• develop a plan to measure and mitigate risks causing underspend in the CRSF
• expedite the review of the LGRSP including recommendations to increase involvement of regional councils.

Disclosure of confidential information

Under the Government Sector Audit Act 1983 (the Act), the Auditor-General may disclose confidential information if, in the Auditor-General’s opinion, the disclosure is in the public interest, and that disclosure is necessary for the exercise of the Auditor-General’s functions.

Confidential information in the Act means Cabinet information or information subject to legal privilege. This performance audit report contained confidential information.

The NSW Premier has certified that in his opinion the disclosure of the confidential information was not in the public interest.

The confidential information has been redacted from this report.

Under section 36A(2) of the Government Sector Audit Act 1983, the Auditor-General may authorise the disclosure of confidential information if, in the Auditor-General’s opinion, the disclosure is in the public interest and necessary for the exercise of the Auditor-General’s functions. Confidential information under the Government Sector Audit Act 1983 means Cabinet information, or information that could be subject to a claim of privilege by the State or a public official in a court of law. This performance audit report contained confidential information which, in the opinion of the Auditor-General, is in the public interest to disclose and that disclosure is necessary for the exercise of the Auditor-General’s functions.

On 26 October 2023, pursuant to section 36A(2)(b) of the Government Sector Audit Act 1983, the Auditor-General notified the NSW Premier of the intention to include this information in the published report, having formed the opinion that its disclosure is in the public interest and is necessary for the exercise of the Auditor-General’s functions.

On 23 November 2023, pursuant to section 36A(2)(c) of the Government Sector Audit Act 1983, the NSW Premier certified that, in his opinion, the proposed disclosure of the confidential information contained in this report was not in the public interest. The Premier’s certificate follows. Section 36A(4) states that a certificate of the Premier that it is not in the public interest to disclose confidential information is conclusive evidence of that fact.

The issuance of the certificate by the NSW Premier prevents the publication of this information. The relevant sections of the report containing confidential information have been redacted.

One-third of the New South Wales population resides in regional areas, but two-thirds of the state’s road crash fatalities take place on regional roads.

Between 2017 and 2021, the average number of fatalities for every 100,000 of the population living in regional New South Wales was 8.33 — approximately four times higher than the equivalent measure for Greater Sydney. Similarly, the average number of serious injuries in regional New South Wales over the same period was 75.24 per 100,000 of the population, compared with 50.53 in Greater Sydney. Further, more than 70% of people who lose their lives in accidents on regional roads are residents of regional areas.

Residents of regional areas face particular transport challenges. They often need to travel longer distances for work, health care, or recreation purposes, yet their public transport options are more limited than metropolitan residents. Vehicle safety is also an issue. According to the NSW Road Safety Progress Report 2021, of the light vehicles registered in New South Wales that were manufactured in or after 2000, 48.4% of light vehicles in regional areas had a five-star Australasian New Car Assessment Program (ANCAP) rating, compared to 54.8% in metropolitan areas. Road conditions in regional areas can also be more challenging for drivers.

Regional New South Wales covers 98.5% of the total area of the state. The road network in New South Wales is vast — spanning approximately 200,000 kilometres.

The road network includes major highways, state roads and local roads. Speed limits range from 10 km/hr in high pedestrian shared zones, up to 110 km/hr on high volume and critical road corridors. Eighty per cent of the network has a 100 km/h speed limit, which is mostly applied as a default speed limit, regardless of the presence of safety features and treatments.

Speed is the primary causal factor in more crashes in New South Wales than any other factor, and car crashes in regional areas are more likely to be fatal because of the higher average speeds involved.

The responsibility for managing road safety outcomes across the entire New South Wales road network lies with Transport for NSW (TfNSW), pursuant to Schedule 1 of the Transport Administration Act 1988.

While its safety responsibilities are state-wide, TfNSW does not own or directly manage all of the road network in regional New South Wales, which spans approximately 200,000 kilometres. Approximately 80% of the roads are classified as Local Roads and are administered and managed by local councils. Local councils also maintain Regional Roads that run through their local government areas. TfNSW is responsible for managing State Roads (approximately 20% of roads), which are major arterial roads. It also provides funding for councils to manage over 18,000 km (approximately 10%) of state-significant Regional Roads.

According to TfNSW, between 2016 and 2020, there were 9,776 people killed or seriously injured on roads in regional New South Wales. Adding to the tragic loss of life, according to TfNSW, the estimated cost to the community between 2016 and 2020 resulting from regional road trauma and fatalities was around $13.7 billion.

TfNSW also noted that the ‘risk of road trauma is pervasive, and a combination of effective road safety measures is required to systematically reduce this risk’.

TfNSW released its first long-term road-safety strategy in December 2012, which introduced the goal of ‘Vision Zero’ — a long-term goal of zero deaths or serious injuries on NSW roads. The terminology was changed to ‘Towards Zero’ in the 2021 Road Safety Plan and has been retained in the NSW Road Safety Action Plan 2022–2026. Towards Zero has the stated goal of ‘no death or serious injury occurring on the road transport network’ by 2050.

The objective of this audit is to assess the effectiveness of TfNSW’s delivery of ‘Towards Zero’ in regional areas.

In making this assessment, the audit examined whether TfNSW:

• is effectively reducing the number of fatalities and serious injuries on regional roads
• has an effective framework, including governance arrangements, for designing and refreshing the NSW Road Safety Strategy 2012–2021 and the NSW Road Safety Action Plan 2022–2026
• effectively makes use of whole-of-government and other relevant sources of data to support decision-making, and to evaluate progress and outcomes
• effectively manages accountabilities, including roles and responsibilities, with respect to road safety outcomes and the use of data.

This audit focused on the policies and strategies used by TfNSW for managing road safety outcomes in regional areas. We did not evaluate individual road safety projects, programs and initiatives as part of this audit.

Whilst Regional Roads and Local Roads (as defined by the Road Network Classifications) are owned and maintained by local councils, we included these roads in this audit as TfNSW may advise and assist councils to promote and improve road safety, as well as manage grant programs that focus on improving road safety outcomes on these roads. Hereafter, unless otherwise stated, references to ‘regional roads’ refer to all classifications of roads in the state which are in regional New South Wales, irrespective of their ownership.

Local councils in regional areas are key stakeholders for the purposes of this audit, and we interviewed eight as part of the audit process (noting that this was not intended to be a representative sample). Road asset management by local councils is also out of scope for this audit as it is the focus of a subsequent performance audit by the Audit Office of New South Wales.b

The Audit Office of New South Wales has undertaken several performance audits relating to road safety since 2009 and these have been referenced while undertaking this audit. They include:

• Condition of State Roads (August 2006)
• Improving Road Safety: Heavy Vehicles (May 2009)
• Improving Road Safety: School Zones (March 2010)
• Improving Road Safety: Speed Cameras (July 2011)
• Regional Assistance Programs (May 2018)
• Mobile speed cameras (October 2018)
• Rail freight and Greater Sydney (October 2021).

Appendix one – Response from Transport for NSW

Appendix two – The Safe Systems framework and NSW road safety strategies and plans

Appendix three – About the audit

Appendix four – Performance auditing

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

Parliamentary reference - Report number #386 - released 30 November 2023

What the report is about

This audit assessed how effectively the Department of Planning and Environment (Heritage NSW) is overseeing and administering heritage assets of state significance.

Heritage that is rare, exceptional or outstanding to New South Wales may be listed on the State Heritage Register under the Heritage Act 1977. This provides assets with legal recognition and protection. Places, buildings, works, relics, objects and precincts can be listed, whether in public or private ownership.

Heritage NSW has administrative functions and regulatory powers, including under delegation from the Heritage Council of NSW, relevant to the listing, conservation and adaptive re-use of heritage assets of state significance.

In summary, the audit assessed whether Heritage NSW:

• is effectively administering relevant advice and decisions
• is effectively supporting and overseeing assets
• has established clear strategic priorities and can demonstrate preparedness to implement these.

What we found

Heritage NSW does not have adequate oversight of state significant heritage assets, presenting risks to its ability to promote the objects of the Heritage Act.

Information gaps and weaknesses in quality assurance processes limit its capacity to effectively regulate activities affecting assets listed on the State Heritage Register.

Heritage NSW has adopted a focus on customer service and recently improved its timeliness in providing advice and making decisions about activities affecting listed assets. But Heritage NSW has not demonstrated how its customer-focused priorities will address known risks to its core regulatory responsibilities.

Listed assets owned by government entities are often of high heritage value. Heritage NSW could do more to promote effective heritage management among these entities.

What we recommended

The report made eight recommendations to Heritage NSW, focusing on:

• improving quality assurance over advice and decisions
• improving staff guidance and training
• defining and maintaining data in the State Heritage Register
• clarifying its regulatory intent and approach
• sector engagement and interagency capability to support heritage outcomes.

The Heritage Act 1977 (the Heritage Act) and accompanying regulation provide the legal framework for the identification, conservation and adaptive re-use of heritage assets in New South Wales.

The Department of Planning and Environment (Heritage NSW) has responsibility for policy, legislative and program functions for state heritage matters, including supporting the Minister for Heritage to administer the Heritage Act.

Heritage assets that are rare, exceptional or outstanding beyond a local area or region may be listed on the State Heritage Register under the Heritage Act. These assets include places, buildings, works, relics, moveable objects and precincts, and assets that have significance to Aboriginal communities in New South Wales. Assets nominated for and listed on the State Heritage Register ('listed assets') may be owned privately or publicly, including by local councils and state government entities.

The Heritage Act establishes the Heritage Council of NSW (the Heritage Council) to undertake a range of functions in line with its objectives. Heritage NSW provides administrative support to the Heritage Council, for example providing advice on assets that have been nominated for listing on the State Heritage Register. Many of Heritage NSW’s core activities also relate to exercising functions and powers under delegation from the Heritage Council. These include making administrative decisions about works affecting listed assets, and exercising powers to regulate asset owners’ compliance with requirements under the Heritage Act.

Heritage NSW states that heritage:

According to Heritage NSW, an effective heritage system will facilitate the community in harnessing the cultural and economic value of heritage.

The objective of this audit was to assess how effectively the Department of Planning and Environment (Heritage NSW) is overseeing and administering heritage assets of state significance.

For this audit, ‘heritage assets of state significance’ refers to items (including a place, building, work, relic, moveable object or precinct) listed on the State Heritage Register ('listed assets'), and those which have been nominated for listing.

This chapter assesses the effectiveness of Heritage NSW's oversight of state heritage assets, including its visibility of listed assets, and its oversight of regulatory decision-making. It also assesses Heritage NSW's activities to engage with owners to meet their obligations under the Heritage Act and to support heritage outcomes.

This chapter assesses the timeliness of Heritage NSW’s provision of advice, recommendations, and decisions on heritage issues to support heritage management outcomes with respect to listed assets.

This chapter assesses whether the Department of Planning and Environment (Heritage NSW) has established clear strategic priorities to effectively oversee and administer activities related to listed assets, and its preparedness to implement reforms. It also assesses the adequacy of planning activities and governance arrangements to support the achievement of strategic directions.

Appendix one – Response from agency

Appendix two – About the audit

Appendix three – Performance auditing

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

Parliamentary reference - Report number #384 - released 27 June 2023

What the report is about

Effective radio communications are crucial to NSW's emergency services organisations.

The Critical Communications Enhancement Program (CCEP) aims to deliver an enhanced public safety radio network to serve the five emergency services organisations (ESOs), as well as a range of other users.

This report assesses whether the NSW Telco Authority is effectively managing the CCEP.

What we found

Where it has already been delivered (about 50% of the state), the enhanced network meets most of the requirements of ESOs.

The CCEP will provide additional infrastructure for public safety radio coverage in existing buildings agreed to with ESOs. However, radio coverage inside buildings constructed after the CCEP concludes will be at risk because building and fire regulations do not address the need for in-building public safety radio coverage.

Around 98% of radios connected to the network can be authenticated to protect against cloning, though only 42% are.

The NSW Telco Authority has not settled with ESOs on how call encryption will be used across the network. This creates the risk that radio interoperability between ESOs will not be maximised.

When completed, the public safety radio network will be the only mission critical radio network for ESOs. It is unclear whether governance for the ongoing running of the network will allow ESOs to participate in future network operational decisions.

The current estimated capital cost for the NSW Telco Authority to complete the CCEP is $1.293 billion. This is up from an estimated cost of $400 million in 2016. The estimated capital cost was not publicly disclosed until $1.325 billion was shown in the 2021–22 NSW Budget Papers.

We estimate that the full cost to government, including costs to the ESOs, of implementing the enhanced network is likely to exceed $2 billion.

We made recommendations about

• The governance of the enhanced Public Safety Network (PSN) to support agency relationships.
• The need to finalise a Traffic Mitigation Plan for when the network is congested.
• The need to provide advice to the NSW Government about the regulatory gap for ensuring adequate network reach in future buildings.
• The need to clarify how encryption and interoperability will work on the enhanced network.
• The need for the NSW Telco Authority to comply with its policy on Infrastructure Capacity Reservation.
• Expediting measures to protect against the risk of cloning by unauthenticated radios.

Public safety radio networks are critical for operational communications among Emergency Services Organisations (ESOs), which in New South Wales include:

• NSW Ambulance
• Fire and Rescue NSW
• NSW Police Force
• NSW Rural Fire Service
• NSW State Emergency Service.¹

Since 1993, these five ESOs have had access to a NSW Government owned and operated radio communications network, the Public Safety Network (PSN), to support their operational communications. Around 60 to 70 other entities also have access to this network, including other NSW government entities, Commonwealth government entities, local councils, community organisations, and utility companies.

Pursuant to the Government Telecommunications Act 2018 ('the Act'), the New South Wales Government Telecommunications Authority ('NSW Telco Authority') is responsible for the establishment, control, management, maintenance and operation of the PSN.²

Separate to the PSN, all ESOs and other government entities have historically maintained their own radio communication capabilities and networks. Accordingly, the PSN has been a supplementary source of operational radio communications for these entities.

These other radio networks maintained by ESOs and other entities are of varying size and capability, with many ageing and nearing their end-of-life. There was generally little or no interoperability between networks, infrastructure was often co-located and duplicative, and there were large gaps in geographic coverage.

In 2016, the NSW Telco Authority received dedicated NSW Government funding to commence the Critical Communications Enhancement Program (CCEP).

According to NSW Telco Authority's 2021–22 annual report, the CCEP is a transformation program for operational communications for NSW government agencies. The CCEP '…aims to deliver greater access to public safety standard radio communications for the State’s first responders and essential service agencies'. The objective of CCEP is to consolidate the large number of separate radio networks that are owned and operated by various NSW government entities and to enhance the state’s existing shared PSN. The program also aims to deliver increased PSN coverage throughout New South Wales.

The former NSW Government intended that as the enhanced PSN was progressively rolled-out across NSW, ESOs would migrate their radio communications to the enhanced network, before closing and decommissioning their own networks.

About this Audit

This audit assessed whether the CCEP is being effectively managed by the NSW Telco Authority to deliver an enhanced PSN that meets ESOs' requirements for operational communications.

We addressed the audit objective by answering the following two questions:

1. Have agreed ESO user requirements for the enhanced PSN been met under day-to-day and emergency operational conditions?
2. Has there been adequate transparency to the NSW Government and other stakeholders regarding whole-of-government costs related to the CCEP?

In answering the first question, we also considered how the agreed user requirements were determined. This included whether they were supported by evidence, whether they were sufficient to meet the intent of the CCEP (including in considering any role for new or alternative technologies), and whether they met any relevant technical standards and compliance obligations (including for cyber security resilience).

While other NSW government agencies and entities use the PSN, we focused on the experience of the five primary ESOs because these will be the largest users of the enhanced PSN.

Both the cost and time required to complete the CCEP roll-out have increased since 2016. While it was originally intended to be completed in 2020, this is now forecast to be 2027. Infrastructure NSW has previously assessed the reasons for the increases in time and cost. A summary of the findings made by Infrastructure NSW is presented in Chapter 1 of this report. Accordingly, as these matters had already been assessed, we did not re-examine them in this performance audit.

The auditee for this performance audit is the NSW Telco Authority, which is a statutory authority within the Department of Customer Service portfolio.

In addition to being responsible for the operation of the PSN, section 5 of the Act also prescribes that the NSW Telco Authority is:

• to identify, develop and deliver upgrades and enhancements to the government telecommunications network to improve operational communications for government sector agencies
• to develop policies, standards and guidelines for operational communications using telecommunications networks.

The NSW Telco Authority Advisory Board is established under section 10 of the Act. The role of the board is to advise the NSW Telco Authority and the minister on any matter relating to the telecommunications requirements of government sector agencies and on any other matter relating to the functions of the Authority. As of 2 June 2023, the responsible minister is the Minister for Customer Service and Digital Government.

The five identified ESOs are critical stakeholders of the CCEP and therefore they were consulted during this audit. However, the ESOs were not auditees for this performance audit.

The NSW Telco Authority established and tracked its own costs for the CCEP

Over the course of the program from 2016, the NSW Telco Authority prepared a series of business cases and program reviews that estimated its cost of implementing the program in full, including those shown in Exhibit 6 below.

In response to the 2016 CCEP business case, the then NSW Government approved the NSW Telco Authority implementing the CCEP in full, with funding provided in stages. The NSW Telco Authority tracked its costs against approved funding, with monthly reports provided to the multi-agency Program Steering Committee

Throughout the program, the NSW Government was informed of increasing costs being incurred by the NSW Telco Authority for the CCEP

The various business cases, program updates, and program reviews prepared by the NSW Telco Authority were provided to the NSW Government through the required Cabinet process when seeking approval for the program proceeding and requests for both capital and operational funding. These provided clear indication of the changing overall cost of the CCEP to the NSW Telco Authority, as well as the delays that were being experienced.

There was no transparency to the Parliament and community about changes in the capital cost of the CCEP until the 2021–22 NSW Budget

As the business cases for the CCEP were not publicly available, the only sources of information about capital cost were NSW Budget papers and media releases. The information provided in the annual Budget papers prior to the 2021–22 NSW Budget provided no visibility of the estimated full capital cost to complete all stages of the CCEP. As shown in Exhibit 7 below, this information was fragmented and complex.

Media releases about the progress of the CCEP did not provide the estimated total cost to the NSW Telco Authority of $1.325 billion to complete all stages of the CCEP until June 2021. Prior to this date, media releases only provided funding for the initial stages of the program or for the stages subject to a funding announcement.

Even during the September 2019 and March 2020 Parliamentary Estimate Committee hearings where the costings and delays to the CCEP were raised, the estimated full cost of the CCEP was not revealed.

The original business case for the CCEP included estimated ESO costs, though these costs were not tracked throughout the program

Estimates for ESO costs for operating and maintaining their own radio networks over the four years from 2016–17 were included in the original March 2016 business case. They included $75.2 million for capital expenditure and $95 million for one-off operating costs. These costs, as well as costs incurred by ESOs due to the delay in the program, were not subsequently tracked by the NSW Telco Authority.

In January 2017, Infrastructure NSW reviewed the CCEP business case of March 2016. In this review, Infrastructure NSW recommended that the NSW Telco Authority identify combined and apportioned costs and cashflow for all ESOs over the CCEP funding period reflecting all associated costs to deliver the CCEP. These to include additional incidental capital costs accruing to ESOs, transition and migration to the new network and the cost (capital and operational) of maintaining existing networks. This recommendation was implemented in the November 2017 program review, with ESO capital costs estimated as $183 million.

In 2019, Infrastructure NSW conducted a Deep Dive Review on the progress of the CCEP. In this review, Infrastructure NSW made what it described as a 'critical recommendation' that the NSW Telco Authority:

It should be noted that the delay to CCEP completion now is seven years and that further ‘operational bridging solutions’ have been needed by the ESOs.

'Stay Safe and Keep Operational' costs incurred by ESOs will be significantly higher than originally estimated

Stay Safe and Keep Operational (SSKO) funding was established to provide funding to ESOs to maintain their legacy networks while the CCEP was refreshing and enhancing the PSN. This recognised that much of the network infrastructure relied on by ESOs had reached – or was reaching – obsolescence and would either require extensive maintenance or replacement before the PSN was available for ESOs to migrate to it. ESOs may apply to NSW Treasury for SSKO funding, with their specific proposals being reviewed (and endorsed, where appropriate) by the NSW Telco Authority. Accordingly, SSKO expenditure does not fall within the CCEP budget allocation.

As shown in the table below, extracted from the March 2016 CCEP business case, the total expected cost for SSKO purposes over the course of the CCEP was originally $40 million, assuming the enhanced PSN would be fully available by 2020.

In October 2022, the expected completion date for the CCEP was re-baselined to August 2027. Accordingly, ESOs will be required to continue to maintain their radio networks using legacy equipment for seven years longer than the original 2020 forecast. This will likely become progressively more expensive and require additional SSKO funding. For example, NSW Telco Authority endorsed SSKO bids for 2022–23 exceeded $35 million for that year alone.

Compared to the original forecast made in the March 2016 CCEP business case of $40 million, we found ESOs had estimated SSKO spending to 2027 will be $292.5 million.

A refresh of paging network used by ESOs and the decommissioning of redundant sites were both removed from the original 2016 scope of the CCEP

Paging

A paging network is considered an important user requirement by the Fire and Rescue NSW, NSW Rural Fire Service, and NSW State Emergency Service. The 2016 CCEP business case included a paging network refresh within the program scope of works. This was reiterated in the November 2017 internal review of the program. These documents did not estimate a cost for this refresh. The March 2020 and October 2020 business cases excluded paging from the program scope. The audit is unable to identify when, why or by whom the decision was made to remove paging from the program scope, something that was also not well communicated to the affected ESOs.

In 2021, after representations from the affected ESOs, the NSW Telco Authority prepared a separate business case for a refresh of the paging network at an estimated capital cost of $60.31 million. This program was subsequently approved by the NSW Government and included in the 2022–23 NSW Budget.

In determining an estimated full whole-of-government cost of delivering the enhanced PSN, we have included the budgeted cost of the paging network refresh on the basis that:

• it was expressly included in the original approved March 2016 business case
• the capability is deemed essential to the needs of three ESOs.

Decommissioning costs

The 2016 CCEP business case included cost estimates for decommissioning surplus sites (whether ‘old’ GRN sites or sites belonging to ESOs’ own networks). These estimates were provided for both the NSW Telco Authority ($38 million) and for the ESOs ($55 million). However, while these estimates were described, they were not included as part of the NSW Telco Authority's estimated capital cost ($400 million) or (more relevantly) operating cost ($37.3 million) for the CCEP. This is despite decommissioning being included as one of eight planned activities for the rollout of the program.

In the October 2020 business case, an estimate of $201 million was included for decommissioning agency networks based on a model whereby:

• funding would be coordinated by the NSW Telco Authority
• scheduling and reporting through an inter-agency working group and
• where appropriate, agencies would be appointed as the most appropriate decommissioning party.

This estimated cost is not included in the CCEP budget.

In determining an estimated full whole-of-government cost of the enhanced PSN, we have included the estimated cost of decommissioning on the basis that:

• decommissioning was included in the 2016 CCEP business case as one of eight 'planned activities for the rollout of the program'
• effective decommissioning of surplus sites and equipment (including as described in the business case as incorporating asset decommissioning, asset re-use, and site make-good) is an inherent part of the program management for an enhanced PSN
• costs incurred in decommissioning are entirely a consequence of the CCEP program.

The estimated minimum cost of building an enhanced PSN consistent with the original proposal is over $2 billion

We have derived two estimated minimum whole-of-government costs for delivering an enhanced PSN. These are:

• $2.04 billion when calculated from NSW Telco Authority data – shown as estimate A in Exhibit 9 below.
• $2.26 billion when calculated from ESO supplied data – shown as estimate B in Exhibit 9.

Both totals include:

• budgeted amounts for both CCEP capital expenditure ($1,292.8 million) and operating expenditure ($139 million)
• the NSW Telco Authority's 2020 estimated cost for decommissioning ($201 million)
• the NSW Telco Authority's approved funding for paging refresh ($60.3 million).

The two estimated totals primarily vary around the capital expenditure of ESOs (particularly SSKO funding). To determine these costs, we used ESO provided actual SSKO costs to date, as well as their estimates for maintaining their legacy radio networks through to 2027.

The equivalent cost estimates from the NSW Telco Authority were sourced from the November 2017 internal review and the October 2020 business case for CCEP. It should be noted that the amounts for both estimates are not audited, or verified, but do provide an indication of how whole-of-government costs have grown over the course of the program.

The increase in and reasons for the increase in total CCEP costs (capital and one-off operating) incurred or forecast by the NSW Telco Authority (from $437.3 million in 2016 to $1,431.8 million in 2022) have been provided to the NSW Government through various business cases and reviews prepared by the NSW Telco Authority, as well as by reviews conducted by Infrastructure NSW as part of its project assurance responsibilities.

However, the growth in ESO costs and other consequential costs, such as paging and decommissioning, from around $263 million in the 2016 CCEP business case to between $600 million and $800 million, has to a large degree remained invisible and unexplained to the NSW Government and other stakeholders

Appendix one – Response from agency

Appendix two – Trunked public safety radio networks

Appendix three – About the audit

Appendix four – Performance auditing

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

Parliamentary reference - Report number #383 - released 23 June 2023

Introduction

The Auditor-General's financial and performance audits of local councils aim to improve financial management, governance and public accountability across the local government sector.

Annual Local Government reports to Parliament have consistently highlighted risks and weaknesses across the sector in relation to financial management and governance. We will continue to focus on these matters as a priority area in our forward work program.

While this report focuses on MidCoast Council, the findings should be considered by all councils to better understand the challenges and opportunities when addressing financial sustainability and financial management needs.

Findings and recommendations around the effectiveness of long-term financial planning, comprehensive and timely financial reporting and financial management governance arrangements are relevant for all councils.

What this report is about

The Local Government Act 1993 requires councils to apply sound financial management principles, including sustainable expenditure, effective financial management and regard to intergenerational equity.

This audit assessed whether MidCoast Council has effective financial management arrangements that support councillors and management to fulfill their responsibilities as financial stewards.

What we found

MidCoast Council has not met all legislative and policy requirements for long-term financial planning.

From FY2019–20 to FY2020–21, the Council had financial management and governance gaps. Some gaps were addressed throughout FY2021–22.

MidCoast Council experienced significant challenges in its implementation of a consolidated financial management system following amalgamation in 2016 and the merging of MidCoast Water in 2017. This led to gaps in finance processes and data quality.

What we recommended

The report recommends that MidCoast Council should:

• ensure its long-term financial plan meets legislative and policy requirements
• undertake service reviews to better understand net costs to inform budget and financial planning decisions
• improve the quality of asset management information to inform budget and financial planning decisions
• use the financial management components of the MC1 system to its full potential
• address control and process gaps identified in audits and reviews
• ensure competency of those responsible for finance and budget
• ensure financial sustainability initiatives account for the cost of services and asset management information.

Effective financial management is important in ensuring that councils achieve their long-term objectives, remain financially viable and deliver intended benefits to the community.

Sustainable financial management has been a priority for the local government sector since 2013 and continues to be one of the highest rated risks and priorities among councils in 2023.

According to data provided by the Department of Planning and Environment, during FY2020–21, NSW local councils:

• collected $7.8 billion in rates and annual charges
• received $5.8 billion in grants and contributions
• incurred $4.8 billion of employee benefits and on costs
• held $16.8 billion of cash and investments
• managed $175.2 billion in infrastructure, property plant and equipment
• entered into $3.7 billion of borrowings.

The Local Government Act 1993 (LG Act) requires local councils to apply sound financial management principles including responsible and sustainable expenditure, investment, and effective financial and asset management. Under the LG Act and the Local Government Regulation 2021 (LG Regulation) councils are required to:

• establish and monitor their budget position
• clearly establish approaches to raise revenue, including from rates and other sources
• develop and implement integrated planning to ensure financial sustainability in line with community priorities and needs
• regularly report on their financial performance through financial statements.

The objective of the audit is to assess whether MidCoast Council (the Council) has effective financial management arrangements that support councillors and management to fulfil their financial stewardship responsibilities. It considers whether:

• the Council has an effective governance framework for financial management, through the existence of governance, risk management, internal controls and provision of adequate financial management training, including whether:
  • governance, risk management and internal controls are in place for financial management
  • adequate financial management and governance training and support has been provided to councillors, management and operational managers.
• the Council has quality and comprehensive internal financial management reporting, including whether:
  • councillors and management have identified and implemented essential internal financial management reporting elements
  • council’s financial systems and data have integrity, and support identified financial management report production requirements
  • council reports are relevant, consistent, reliable, understandable, and tailored towards the requirements of key users (appendix two provides more information about the characteristics of effective financial management reporting).
• the financial management governance and reporting arrangements support councillors and management to fulfil their financial stewardship responsibilities, including whether councillors and management use internal financial management reporting to:
  • support budget decisions, resource allocation and cost setting (for example fees and charges)
  • monitor financial sustainability
  • assess operational efficiency, financial services and investments
  • make improvements where necessary.

This audit completed fieldwork during November 2022 to February 2023. The audit period of review was from 1 July 2019 to 30 June 2022.

Appendix one – Response from agency

Appendix two – Characteristics of effective financial management reporting

Appendix three – About the audit 

Appendix four – Performance auditing

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

Parliamentary reference - Report number #381 - released 16 June 2023