Reports
Actions for Education 2019
Education 2019
This report focuses on key observations and findings from the most recent financial audits of agencies in the Education cluster. From 1 July 2019, the Technical and Further Education Commission, the NSW Skills Board and the functions and activities associated with vocational training and skills form part of the Education cluster.
Unqualified audit opinions were issued for all cluster agencies’ financial statements. However, internal control deficiencies were identified across the cluster agencies, including 14 findings that were repeated from the previous year. Control deficiencies were also identified in a sample of the state’s 2,200 schools. Schools did not always apply the guidance in the Department of Education's ‘Finance in Schools Handbook’, resulting in control weaknesses in key areas such as governance, cash management and procurement.
'In addition, we continue to observe inconsistencies in the employee leave data reported from the Department of Education’s payroll system, which impact the reliability of estimates of the Department’s liability for employee benefits. The robustness of the Department's quality assurance over leave liability data should be improved', the Auditor-General said.
This report analyses the results of our audits of financial statements of entities within the Education cluster for the year ended 30 June 2019. The table below summarises our key observations.
1. Machinery of Government changes
The Education cluster has expanded | From 1 July 2019, the Technical and Further Education Commission, the NSW Skills Board and the functions and activities associated with vocational training and skills now form part of the Education cluster. |
2. Financial reporting
Audit opinions |
Unqualified audit opinions were issued for all cluster agencies' 30 June 2019 financial statements audits. The number of corrections to disclosures in the financial statements, which increased this year, could have been reduced by a more thorough quality assurance over the information underpinning the financial statements. Recommendation: Cluster agencies should improve their quality assurance processes for financial reporting to improve the accuracy of financial statements presented for audit. |
Preparedness for new accounting standards |
Agencies will implement four new accounting standards shortly. Three are effective from 1 July 2019 and the fourth is effective from 1 July 2020. Cluster agencies needed to do more work on their impact assessments to better prepare for their implementation from 1 July 2019. Recommendation: Cluster agencies should finalise their plans to implement the new accounting standards as soon as possible. |
Timeliness of financial reporting |
All cluster agencies met the statutory deadline for completing early close procedures and submitting their financial statements for audit. The Department of Education (the Department) delays tabling its financial statements in parliament so it can report its operational outcomes, which are aligned to the calendar year, in a single report. This reduces transparency over the Department's financial statements as they are tabled more than ten months after the end of the financial year. Recommendation: The Department should table its financial statements in parliament earlier, in line with other NSW Government agencies. |
Inconsistencies in the employee leave data | We continue to observe inconsistencies in the employee leave data reported from the Department’s payroll system, which impacts the reliability of estimates of the Department's liability for employee benefits. The robustness of the Department's quality assurance over leave liability data should be improved. |
3. Audit observations
Internal control deficiencies |
We identified 55 internal control issues, including 14 findings that were repeated from the previous year. Issues were identified with user access administration, segregation of duties in the Department's key application system and timely preparation and review of key reconciliations. Recommendation: Cluster agencies should prioritise and action recommendations to address internal control weaknesses. |
Schools review 2018 |
Our review of a selection of NSW schools identified deficiencies in how they applied the Department of Education's ‘Finance in Schools Handbook’, resulting in control weaknesses in key areas such as governance, cash management and procurement. Recommendation: The Department should ensure all schools apply the Department’s ‘Finance in Schools Handbook’ as it is a key internal control. |
This report provides parliament and other users of the Education cluster’s financial statements with the results of our audits, our observations, analysis, conclusions and recommendations in the following areas:
- financial reporting
- audit observations.
This cluster was significantly impacted by the Machinery of Government changes. The Technical and Further Education Commission and the NSW Skills Board, part of the former Industry cluster, were transferred on 1 July 2019. This report focuses on agencies in the Education cluster from 1 July 2019. Please refer to the section on Machinery of Government changes for more details.
Machinery of Government refers to how the government organises the structures and functions of the public service. Machinery of Government changes are where the government reorganises these structures and functions, and the changes are given effect by Administrative Arrangements Orders.
Section highlights
The 2019 Machinery of Government changes significantly impacted the Education cluster. From 1 July 2019, the functions and activities associated with the administration of legislation allocated to the Minister for Skills and Tertiary Education were transferred from the former Industry cluster to the Education cluster. Aboriginal Affairs NSW was transferred from the Department of Education (the Department) to the Department of Premier and Cabinet.
The Department is the principal agency in the cluster. The Machinery of Government changes bring new responsibilities, risks and challenges to the cluster.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision making are enhanced when financial reporting is accurate and timely.
This chapter outlines our audit observations related to the financial reporting of agencies in the Education cluster for 2019.
Section highlights
Unqualified audit opinions were issued on the financial statements of cluster agencies. However, a more thorough quality review process of the financial statements submitted for audit would help reduce the number of corrections to those statements.
All cluster agencies met the statutory deadlines for completing the early close procedures and submitting the financial statements.
We continue to observe inconsistencies in the employee leave data reported from the Department of Education’s (the Department) payroll system. The robustness of the Department's quality assurance over leave liability data should be improved.
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision making.
This chapter outlines our observations and insights from our financial statement audits of agencies in the Education cluster. It also comments on our review of the financial control framework applied by 70 schools in NSW whose financial results form part of the Department of Education's (the Department) financial statements.
Section highlights
- Audit Office management letter recommendations to address internal control weaknesses should be actioned promptly, with a focus on addressing repeat issues. The 2018–19 financial audits of cluster agencies identified 55 internal control issues, including 14 that were carried forward from the previous year.
- Application controls are procedures that operate at a business process level designed to ensure the integrity of accounting records. The Department can mitigate the risk of fraud or error in preparing its financial statements if segregation of duties are appropriately configured in their key application system.
- Our review of a selection of schools across NSW identified deficiencies in how schools apply the Department’s financial management practices and governance arrangements.
Appendix one – List of 2019 recommendations
Appendix two – Status of 2018 recommendations
Appendix three – Cluster agencies
Appendix four – Financial data
Copyright notice
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Actions for Internal Controls and Governance 2019
Internal Controls and Governance 2019
This report covers the findings and recommendations from the 2018–19 financial audits that relate to internal controls and governance at 40 of the largest agencies in the NSW public sector. The 40 agencies selected for this report constitute around 84 per cent of total expenditure for all NSW public sector agencies.
The report provides insights into the effectiveness of controls and governance processes across the NSW public sector. It evaluates how agencies identify, mitigate and manage risks related to:
- financial controls
- information technology controls
- gifts and benefits
- internal audit
- contingent labour
- sensitive data.
The Auditor-General recommended that agencies do more to prioritise and address vulnerabilities in their internal controls and governance. The Auditor-General also recommended agencies increase the transparency of their management of gifts and benefits by publishing their registers on their websites.
This report analyses the internal controls and governance of 40 of the largest agencies in the NSW public sector for the year ended 30 June 2019.
1. Internal control trends
New, repeat and high risk findings |
There was an increase in internal control deficiencies of 12 per cent compared to last year. The increase is predominately due to a 100 per cent increase in repeat financial and IT control deficiencies. Some agencies attributed the delay in actioning repeat findings to the diversion of staff from their regular activities to implement and operationalise the recent Machinery of Government changes. As a result, actions to address audit recommendations have been deferred or re prioritised, as the changes are implemented. Agencies need to ensure they are actively managing the risks associated with having these vulnerabilities in internal control systems unaddressed for extended periods of time. |
Common findings |
A number of findings were common to multiple agencies. These findings often related to areas that are fundamental to good internal control environments and effective organisational governance, such as:
|
2. Information technology controls
IT general controls |
We examined information security controls over key financial systems that support the preparation of agency financial statements. We found:
We also found 20 per cent of agencies had deficient IT program change controls, mainly related to segregation of duties in approval and authorisation processes, and user acceptance testing of program changes prior to deployment into production environments. User acceptance testing helps identify potential issues with software incompatibility, operational workflows, absent controls and software issues, as well as areas where training or user support may be required. |
3. Gifts and benefits
Gifts and benefits registers |
All agencies had a gifts and benefits policy and 90 per cent of agencies maintain a gifts and benefits register. However, 51 per cent of the gifts and benefits registers we examined contained incomplete declarations, such as missing details for the approving officer, value of the gift and/or benefit offered and reasons supporting the decision. In some cases, gaps in recorded information meant the basis for decisions around gifts and benefits was not always clear, making it difficult to determine whether decisions in those instances were appropriate, compliant with policy and were not direct or indirect inducements to the recipients to favour suppliers or service providers. Agencies should ensure their gifts and benefits register includes all key fields specified in the Public Service Commission's minimum standards for gifts and benefits. Agencies should also perform regular reviews of the register to ensure completeness and ensure any gift or benefit accepted by a staff member meets the public's expectations for ethical behaviour. |
Managing gifts and benefits |
We found opportunities to improve gifts and benefits processes and enhance transparency. For example, only three per cent of agencies publish their gifts and benefits registers on their websites. Agencies can improve management of gifts and benefits by:
|
Reporting and monitoring |
Only 35 per cent of agencies reported trends in the number and nature of gifts and benefits recorded in their registers to the agency's senior executive management and/or a governance committee. Agencies should regularly report to the agency executive or other governance committee on trends in the offer and acceptance of gifts and benefits. |
4. Internal audit
Obtaining value from the internal audit function |
Agencies have established and maintained internal audit functions to provide assurance on the effectiveness of agency controls and governance systems. However, we identified areas where agencies' internal audit functions could improve their processes to add greater value. For example, only 73 per cent of CAEs regularly attend meetings of the agency board or executive management committee. Internal audit functions can add greater value by involving the CAE more extensively in executive forums as an observer. Internal audit functions should also consider producing an annual report on internal audit. An annual report allows the internal audit function to report on their performance and add value by drawing to the attention of audit and risk committees and senior management strategic issues, thematic trends and emerging risks. |
Role of the Chief Audit Executive |
Forty-five per cent of agencies assigned responsibilities to the Chief Audit Executive (CAE) that were broader than internal audit, but 17 per cent of these had not documented safeguards to protect the independence of the CAE. The reporting lines and status of the CAE at some agencies also needs review. At two agencies, the CAE reported to the CFO. Agencies should ensure:
|
Quality assurance and improvement program |
Thirty-five per cent of agencies did not have a documented quality assurance and improvement program for its internal audit function. The policy and the International Standards for the Professional Practice of Internal Auditing require agencies to have a documented quality assurance and improvement program. The results of this program should be reported annually. Agencies should ensure there is a documented and operational Quality Assurance and Improvement Program for the internal audit function that covers both internal and external assessments. |
5. Managing contingent labour
Obtaining value for money from contingent labour |
According to NSW Procurement data, spend on contingent labour has increased by 75 per cent over the last five years, to $1.5 billion in 2018–19. Improvements in internal processes and a renewed focus on agency monitoring and oversight of contingent labour can help ensure agencies get the best value for money from their contingent workforces. Agencies can improve their management of contingent labour by:
We also found 57 per cent of the 23 agencies we examined with contingent labour spend of more than $5 million in 2018–19 have implemented the government's vendor management system and service provider 'Contractor Central'. |
6. Managing sensitive data
Identifying and assessing sensitive data |
Sixty-eight per cent of agencies maintain an inventory of their sensitive data and where it resides. However, these inventories are not always complete and risks may be overlooked. Agencies can improve processes to manage sensitive data by:
|
Managing data breaches |
Eighty-eight per cent of agencies have established policies to respond to potential data breaches when they are identified and 70 per cent of agencies maintain a register to record key information in relation to identified data breach incidents. Agencies should maintain a data breach register to effectively manage the actions undertaken to contain, evaluate and remediate each data breach. |
This report covers the findings and recommendations from our 2018–19 financial audits that relate to internal controls and governance at 40 of the largest agencies (refer to Appendix three) in the NSW public sector. The 40 agencies selected for this volume constitute around 84 per cent of total expenditure for all NSW public sector agencies.
Although the report includes several agencies that have changed as a result of the Machinery of Government changes that were effective from 1 July 2019, its focus on sector wide issues and insights means that its findings remain relevant to NSW public sector agencies, including newly formed agencies that have assumed the functions of abolished agencies.
This report offers insights into internal controls and governance in the NSW public sector
This is the third report dedicated to internal controls and governance at NSW State Government agencies. The report provides insights into the effectiveness of controls and governance processes in the NSW public sector by:
- highlighting the potential risks posed by weaknesses in controls and governance processes
- helping agencies benchmark the adequacy of their processes against their peers
- focusing on new and emerging risks, and the internal controls and governance processes that might address those risks.
Without strong governance systems and internal controls, agencies increase the risks associated with effectively managing their finances and delivering services to citizens. For example, if they do not have strong information technology controls, sensitive information may be at risk of unauthorised access and misuse.
Areas of specific focus of the report have changed since last year
Last year's report topics included transparency and performance reporting, management of purchasing cards and taxi use, and fraud and corruption control. We are reporting on new topics this year and re-visiting agency management of gifts and benefits, which we first covered in our 2017 report. Re-visiting topics from prior years provides a baseline to show the NSW public sectors’ progress implementing appropriate internal controls and governance processes to mitigate existing, new and emerging risks in the public sector.
Our audits do not review all aspects of internal controls and governance every year. We select a range of measures and report on those that present heightened risks for agencies to mitigate. This year the report focusses on:
- internal control trends
- information technology controls, including access to agency systems
- protecting sensitive information held within agencies
- managing large and diverse workforces (controls around employing and managing contingent workers)
- maintaining an ethical culture (management of gifts and benefits)
- effectiveness of internal audit function and its oversight by Audit and Risk Committees.
The findings in this report should not be used to draw conclusions on the effectiveness of individual agency control environments and governance arrangements. Specific financial reporting, internal controls and audit observations are included in the individual 2019 cluster financial audit reports, which will be tabled in parliament from November to December 2019.
Internal controls are processes, policies and procedures that help agencies to:
- operate effectively and efficiently
- produce reliable financial reports
- comply with laws and regulations
- support ethical government.
This chapter outlines the overall trends for agency controls and governance issues, including the number of audit findings, the degree of risk those deficiencies pose to the agency, and a summary of the most common deficiencies we found across agencies. The rest of this report presents this year’s controls and governance findings in more detail.
Key conclusions and sector wide learnings
- out of date policies or an absence of policies to guide appropriate decisions
- poor record keeping and document retention
- incomplete or inaccurate centralised registers or gaps in these registers.
Policies, procedures and internal controls should be properly designed, be appropriate for the current organisational structure and its business activities, and work effectively.
This chapter outlines our audit observations, conclusions and recommendations, arising from our review of agency controls to manage key financial systems.
This chapter outlines our audit observations, conclusions and recommendations, arising from our review of agency controls to manage gifts and benefits.
Key conclusions and sector wide learnings
We found most agencies have implemented the Public Service Commission's minimum standards for gifts and benefits. All agencies had a gifts and benefits policy and 90 per cent of agencies maintained a gifts and benefits register and provided some form of training to employees on the treatment of gifts and benefits.
Based on our analysis of agency registers, we found some areas where opportunities existed to make processes more effective. In some cases, gaps in recorded information meant the basis for decisions around gifts and benefits was not always clear, making it difficult to determine whether decisions in those instances were appropriate and compliant with policy. Fifty-one per cent of the gifts and benefits registers reviewed contained declarations where not all fields of information had been completed. Seventy-seven per cent of agencies that maintained a gifts and benefits register did not include all key fields suggested by the minimum standards.
Areas where agencies can improve their management of gifts and benefits include:
- ensuring agency policies comprehensively cover the elements necessary to make it effective in an operational environment, such as identifying risks specific to the agency and actions that will be taken in the event of a policy breach
- establishing and publishing a statement of business ethics on the agency's website to clearly communicate expected behaviours to clients, customers,suppliers and contractors
- updating gifts and benefits registers to include all key fields suggested by the minimum standards, as well as performing regular reviews of the register to ensure completeness
- providing on-going training, awareness activities and support to employees, not just at induction
- regularly reporting gifts and benefits to executive management and/or a governance committee such as the audit and risk committee, focussing on trends in the number and types of gifts and benefits offered to and accepted by agency staff
- publishing their gifts and benefits registers on their websites to demonstrate a commitment to a transparently ethical environment.
This chapter outlines our audit observations, conclusions and recommendations, arising from our review of agency internal audit functions.
Key conclusions and sector wide learnings
We found agencies have established and maintained internal audit functions to provide assurance on the effectiveness of agency controls and governance systems as required by TPP15-03 'Internal Audit and Risk Management Policy for the NSW Public Sector'. However, we identified areas where agencies' internal audit functions could improve their processes to add greater value, including:
- documenting and implementing safeguards to address conflicting roles performed by the Chief Audit Executive (CAE)
- ensuring the reporting lines for the CAE comply with the NSW Treasury policy, and the CAE reports neither functionally or administratively to the finance function or other significant recipients of internal audit services
- involving the CAE more extensively in executive forums as an observer
- documenting a Quality Assurance and Improvement Program for the internal audit function and performing both internal and external performance assessments to identify opportunities for continuous improvement
- reporting against key performance indicators or a balanced scorecard and producing an annual report on internal audit to bring to the attention of the audit and risk committee and senior management strategic issues, thematic trends and emerging risks that may require further attention or resources.
This chapter outlines our audit observations, conclusions and recommendations, arising from our review of agency controls to on-board, manage and off-board contingent labour.
Key conclusions and sector wide learnings
Agencies have implemented controls to manage contingent labour and most agencies have some level of reporting and oversight of contingent labour at an executive level. However, the increasing trend in spend on contingent labour warrants a renewed focus on agency monitoring and oversight of their use of contingent labour. Over the last five years spend on contingent labour has increased by 75 per cent, to $1.5 billion in 2018–19.
There are also some key gaps that limit the ability of agencies to effectively manage contingent labour. Key areas where agencies can improve their management of contingent labour include:
- preparing workforce plans to inform their resourcing strategy, and confirm prior to engaging contingent labour, that this solution aligns with the strategy and best meets business needs
- involving agency human resources units in decisions about engaging contingent labour
- regularly reporting on contingent labour use to agency executive teams, particularly in terms of trends in agency spend, tenure and compliance with policies and procedures
- strengthening on-boarding and off-boarding processes, including establishing checklists to on-board and off-board contingent labour, making provisions for knowledge transfer, and assessing, documenting and capturing performance information.
This chapter outlines our audit observations, conclusions and recommendations, arising from our review of governance and processes in relation to the management of sensitive data.
Key conclusions and sector wide learnings
Information technology risks are rapidly increasing. More interfaces between agencies and greater connectivity means the amounts of data agencies generate, access, store and share continue to increase. Some of this information is sensitive information, which is protected by the Privacy Act 1988.
It is important that agencies understand what sensitive data they hold, the risks associated with the inadvertent release of this information and how they are mitigating those risks. We found that agencies need to continue to identify and record their sensitive data, as well as expand the methods they use to identify sensitive data. This includes data held in unstructured repositories, such as network shared drives and by agency service providers.
Eighty-eight per cent of agencies have established policies to respond to potential data breaches when they are identified and 70 per cent of agencies maintain a register to record key information in relation to identified data breach incidents.
Key areas where agencies can improve their management of sensitive data include:
- identifying sensitive data, based on a comprehensive and structured process and maintaining an inventory of the data
- assessing the criticality and sensitivity of the data so that the protection of high risk data can be prioritised
- developing comprehensive data breach management policies to ensure data breaches are appropriately managed
- maintaining a data breach incident register to record key information in relation to identified data breaches incidents, including the estimated cost of the breach
- providing on-going training and awareness activities to employees in relation to sensitive data and managing data breaches.
Appendix one – List of 2019 recommendations
Appendix two – Status of 2018 recommendations
Appendix three – In-scope agencies
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Actions for Ensuring teaching quality in NSW public schools
Ensuring teaching quality in NSW public schools
The Auditor-General for New South Wales, Margaret Crawford, has released a report on how the New South Wales Education and Standards Authority (NESA) and the Department of Education (the Department) ensure teaching quality in NSW public schools.
Around 2,200 NSW public school principals are responsible for accrediting their teachers in line with the Australian Professional Standards for Teachers. The report found that NESA does not oversight principals’ decisions to ensure that minimum standards for teaching quality are consistently met.
The Department does not effectively monitor teaching quality across the state. With limited data, it is difficult for the Department to ensure its strategies to improve teaching quality are appropriately targeted to improve teaching quality.
The Department’s Performance and Development Framework does not adequately support principals and supervisors to effectively manage and improve teacher performance or actively improve teaching quality. The Department manages those teachers formally identified as underperforming through teacher improvement programs. Only 53 of over 66,000 teachers employed by the Department were involved in these programs in 2018.
The report makes three recommendations towards NESA to improve accreditation processes, and four recommendations to the Department to improve its systems and processes for ensuring teaching quality across the State.
Australian research has shown that quality teaching is the greatest in-school influence on student engagement and outcomes, accounting for 30 per cent of the variance in student performance. An international comparative study of 15-year-old students showed the performance of New South Wales students in reading, mathematics and science has declined between 2006 and 2015.
The Australian Professional Standards for Teachers (the Standards) describe the knowledge, skills and understanding expected of effective teachers at different career stages. Teachers must be accredited against the Standards to be employed in NSW schools. The NSW Education Standards Authority (NESA) is responsible for ensuring all teachers in NSW schools are accredited. As part of the accreditation process the NSW Department of Education (The Department) assesses whether public school teachers meet proficient accreditation standards and advises NESA of its decisions.
The School Excellence Framework provides a method for the Department to monitor teaching quality at a school level across four elements of effective teaching practice. The Performance and Development Framework provides a method for teachers and their supervisors to monitor and improve teaching quality through setting professional goals to guide their performance and development.
The Department has a strategic goal that every student, every teacher, every leader and every school improves every year. In line with this goal, the Department has a range of strategies targeted to improving teaching quality at different career stages. These include additional resources to support new teachers, a program to support teachers to gain higher-level accreditation, support for principals to manage underperforming teachers, and a professional learning program where teachers observe and discuss each other's practice.
The objective of this audit was to assess the effectiveness of the NSW Department of Education's and the NSW Education Standards Authority's arrangements to ensure teaching quality in NSW public schools. To address this objective, the audit examined whether:
- agencies effectively monitor the quality of teaching in NSW public schools
- strategies to improve the quality of teaching are planned, communicated, implemented and monitored well.
Appendix one – Response from agencies
Appendix two – About the audit
Appendix three – Performance auditing
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Parliamentary Reference: Report number #327 - released 26 September 2019
Actions for Ensuring contract management capability in government - Department of Education
Ensuring contract management capability in government - Department of Education
This report examines whether the Department of Education has the required contract management capability to effectively manage high-value goods and services contracts (over $250,000). In 2017–18, the department managed high-value goods and services contracts worth $3.08 billion, with most of the contracts running over multiple years.
NSW government agencies are increasingly delivering services and projects through contracts with third parties. These contracts can be complex and governments face challenges in negotiating and implementing them effectively.
Contract management capability is a broad term, which can include aspects of individual staff capability as well as organisational capability (such as policies, frameworks and processes).
In 2017–18, the Department of Education (the Department) managed high-value (over $250,000) goods and services contracts worth $3.08 billion, with most of the contracts running over multiple years. The Department delivers, funds and regulates education services for NSW students from early childhood to secondary school.
This audit examined whether the Department has the required capability to effectively manage high-value goods and services contracts.
We did not examine infrastructure, construction or information communication and technology contracts. We assessed the Department against the following criteria:
- The Department’s policies and procedures support effective contract management and are consistent with relevant frameworks, policies and guidelines.
- The Department has capable personnel to effectively conduct the monitoring activities throughout the life of the contract.
The NSW Public Service Commission and the Department of Finance, Services and Innovation are included as auditees as they administer policies which directly affect contract management capability, including:
- NSW Procurement Board Directions and policies
- NSW Procurement Agency Accreditation Scheme
- NSW Public Sector Capability Framework.
The Department of Finance, Services and Innovation's responsibility for NSW Procurement will transfer to NSW Treasury on 1 July 2019 as part of changes to government administrative arrangements announced on 2 April 2019 and amended on 1 May 2019.
Conclusion The Department of Education's procedures and policies for goods and services contract management are consistent with relevant guidance. It also has a systemic approach to defining the capability required for contract management roles. That said, there are gaps in how well the Department uses this capability to ensure its contracts are performing. We also found one program (comprising 645 contracts) that was not compliant with the Department's policies. The Department has up-to-date policies and procedures that are consistent with relevant guidance. The Department also communicates changes to procurement related policies, monitors compliance with policies and conducts regular reviews aiming to identify non-compliance. The Department uses the NSW Public Service Commission's capability framework to support its workforce management and development. The capability framework includes general contract management capability for all staff and occupation specific capabilities for contract managers. The Department also provides learning and development for staff who manage contracts to improve their capability. The Department provides some guidance on different ways that contract managers can validate performance information provided by suppliers. However, the Department does not provide guidance to assist contract managers to choose the best validation strategy according to contract risk. This could lead to inconsistent practice and contracts not delivering what they are supposed to. We found that none of the 645 contracts associated with the Assisted Schools Travel Program (estimated value of $182 million in 2018–19) have contract management plans. This is contrary to the Department's policies and increases the risk that contract managers are not effectively reviewing performance and resolving disputes. |
Appendix one - Response from agencies
Appendix two - About the audit
Appendix three - Performance auditing
Parliamentary Reference: Report number #325 - released 28 June 2019
Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Actions for Engagement of probity advisers and probity auditors
Engagement of probity advisers and probity auditors
Three key agencies are not fully complying with the NSW Procurement Board’s Direction for engaging probity practitioners, according to a report released today by the Acting Auditor-General for New South Wales, Ian Goodwin. They also do not have effective processes to achieve compliance or assure that probity engagements achieved value for money.
Probity is defined as the quality of having strong moral principles, honesty and decency. Probity is important for NSW Government agencies as it helps ensure decisions are made with integrity, fairness and accountability, while attaining value for money.
Probity advisers provide guidance on issues concerning integrity, fairness and accountability that may arise throughout asset procurement and disposal processes. Probity auditors verify that agencies' processes are consistent with government laws and legislation, guidelines and best practice principles.
According to the NSW State Infrastructure Strategy 2018-2038, New South Wales has more infrastructure projects underway than any state or territory in Australia. The scale of the spend on procuring and constructing new public transport networks, roads, schools and hospitals, the complexity of these projects and public scrutiny of aspects of their delivery has increased the focus on probity in the public sector.
A Procurement Board Direction, 'PBD-2013-05 Engagement of probity advisers and probity auditors' (the Direction), sets out the requirements for NSW Government agencies' use and engagement of probity practitioners. It confirms agencies should routinely take into account probity considerations in their procurement. The Direction also specifies that NSW Government agencies can use probity advisers and probity auditors (probity practitioners) when making decisions on procuring and disposing of assets, but that agencies:
- should use external probity practitioners as the exception rather than the rule
- should not use external probity practitioners as an 'insurance policy'
- must be accountable for decisions made
- cannot substitute the use of probity practitioners for good management practices
- not engage the same probity practitioner on an ongoing basis, and ensure the relationship remains robustly independent.
The scale of probity spend may be small in the context of the NSW Government's spend on projects. However, government agencies remain responsible for probity considerations whether they engage external probity practitioners or not.
The audit assessed whether Transport for NSW, the Department of Education and the Ministry of Health:
- complied with the requirements of ‘PBD-2013-05 Engagement of Probity Advisers and Probity Auditors’
- effectively ensured they achieved value for money when they used probity practitioners.
These entities are referred to as 'participating agencies' in this report.
We also surveyed 40 NSW Government agencies with the largest total expenditures (top 40 agencies) to get a cross sector view of their use of probity practitioners. These agencies are listed in Appendix two.
Conclusion
We found instances where each of the three participating agencies had not fully complied with the requirements of the NSW Procurement Board Direction ‘PBD-2013-05 Engagement of Probity Advisers and Probity Auditors’ when they engaged probity practitioners. We also found they did not have effective processes to achieve compliance or assure the engagements achieved value for money.
In the sample of engagements we selected, we found instances where the participating agencies did not always:
- document detailed terms of reference
- ensure the practitioner was sufficiently independent
- manage probity practitioners' independence and conflict of interest issues transparently
- provide practitioners with full access to records, people and meetings
- establish independent reporting lines reporting was limited to project managers
- evaluate whether value for money was achieved.
We also found:
- agencies tend to rely on only a limited number of probity service providers, sometimes using them on a continuous basis, which may threaten the actual or perceived independence of probity practitioners
- the NSW Procurement Board does not effectively monitor agencies' compliance with the Direction's requirements. Our enquiries revealed that the Board has not asked any agency to report on its use of probity practitioners since the Direction's inception in 2013.
There are no professional standards and capability requirements for probity practitioners
NSW Government agencies use probity practitioners to independently verify that their procurement and asset disposal processes are transparent, fair and accountable in the pursuit of value for money.
Probity practitioners are not subject to regulations that require them to have professional qualifications, experience and capability. Government agencies in New South Wales have difficulty finding probity standards, regulations or best practice guides to reference, which may diminish the degree of reliance stakeholders can place on practitioners’ work.
The NSW Procurement Board provides direction for the use of probity practitioners
The NSW Procurement Board Direction 'PBD-2013-15 for engagement of probity advisers and probity auditors' outlines the requirements for agencies' use of probity practitioners in the New South Wales public sector. All NSW Government agencies, except local government, state owned corporations and universities, must comply with the Direction when engaging probity practitioners. This is illustrated in Exhibit 1 below.
Actions for Wellbeing of secondary school students
Wellbeing of secondary school students
The Department of Education has a strong focus on supporting secondary school students’ wellbeing. However, it is difficult to assess how well the Department is progressing as it is yet to measure or report on the outcomes of this work at a whole-of-state level.
The Department of Education’s (the Department) purpose is to prepare young people for rewarding lives as engaged citizens in a complex and dynamic society. The Department commits to creating quality learning opportunities for children and young people, including a commitment to student wellbeing, which is seen as directly linked to positive learning outcomes. Wellbeing is defined broadly by the Department as “the quality of a person’s life…It is more than the absence of physical or psychological illness”. Student wellbeing can be supported by everything a school does to enhance a student's learning—from curriculum to teacher quality to targeted policies and programs to whole-school approaches to wellbeing.
Several reforms have aimed to support student wellbeing in recent years. 'Local Schools, Local Decisions' gave NSW schools more local authority to make decisions, including schools' approaches to support student wellbeing. In 2016, the 'Supported Students, Successful Students' initiative provided $167 million over four years to support the wellbeing of students. From 2018, the 'Every Student is Known, Valued and Cared For' initiative provides a principal led mentoring program, and a website with policies, procedures and resources to support student wellbeing.
This audit assessed how well the Department of Education supports secondary schools to promote and support the wellbeing of their students and how well secondary schools are promoting and supporting the wellbeing of their students.
Conclusion
The Department has implemented a range of programs and reforms aimed at supporting student wellbeing. However, the outcomes of this work have yet to be measured or reported on at a system level, making it difficult to assess the Department's progress in improving student wellbeing.
Secondary schools have generally adopted a structured approach to deliver wellbeing support and programs, using both Department and localised resources. The approaches have been tailored to meet the needs of their school community. That said, public reporting on wellbeing improvement measures via annual school reports is of variable quality and needs to improve.
The Department’s wellbeing initiatives are supported by research and consultation, but outcomes have not been reported on
The Department’s development of wellbeing policy, guidance, tools and resources has been transparent, consultative and well researched. It has drawn on international and domestic evidence to support its aim to deliver a fundamental shift from welfare to wellbeing at the school and system level.
However, the key performance indicator to monitor and track progress in wellbeing has yet to be reported on despite the strategic plan including this as a priority for the period 2018 to 2022. This includes not yet reporting a baseline for the target, nor how it will be measured.
The Department’s wellbeing resources are mostly well targeted but there is room for improvement
The Department’s allocation of resources to deliver wellbeing initiatives in schools is mostly well targeted, reflects a needs basis and supports current strategic directions. This could be improved with some changes to formula allocations and clearer definitions of the resourcing required for identified wellbeing positions in schools. The workforce modelling for forecasting supply and demand, specifically for school counsellors and psychologists, needs to separately identify these positions as they are currently subsumed in general teacher numbers.
Schools' reporting on wellbeing improvement measures is of variable quality and needs to improve
Schools we visited demonstrated a variety of approaches to wellbeing depending on their local circumstances and student populations. They make use of Department policies, guidelines, and resources, particularly mandatory policies and data collections, which have good compliance and take-up at school level. Professional learning supports specific wellbeing initiatives and online systems for monitoring and reporting have contributed to schools’ capacity and capabilities.
Schools report publicly on wellbeing improvement measures through annual school reports but this reporting is of variable quality. The Department plans to improve the capability of schools in data analysis and we recommend that this include the setting and evaluation of improvement targets for wellbeing.
The implementation of the 2015 Wellbeing Framework in schools is incomplete and the Department has not effectively prioritised and consolidated tools, systems and reporting for wellbeing
Schools' take up of the 2015 Wellbeing Framework is hindered by it not being linked to the school planning and reporting policy and tools—the School Excellence Framework. At some schools we visited, this disconnect has led to a lack of knowledge and confidence in using it in schools. The Department has identified the need to improve alignment of policies, frameworks and plans and has commenced work on this.
We found evidence of overburdening in schools for addressing student wellbeing—in the number of tools, online systems for information collection, and duplication in reporting. Following the significant reforms of recent years, the Department should consolidate its efforts by reinforcing existing effective programs and systems and addressing identified gaps and equity issues, rather than introducing further change for schools. In particular, methods and processes for complex case coordination need improvement.
The NSW Department of Education commits to creating quality learning opportunities for students. This includes strengthening students’ physical, social, emotional and spiritual development. The Department sets out to enable students to be healthy, happy, engaged and successful.
Welfare and wellbeing
The Department’s approach has significantly shifted from student welfare to wellbeing of the whole child and young person. Wellbeing is defined in departmental policy and strategy documents broadly, and as directly linked to learning and positive learning outcomes. “Wellbeing can be described as the quality of a person’s life…It is more than the absence of physical or psychological illness…Wellbeing, or the lack of it, can affect a student’s engagement and success in learning…”
Student wellbeing can be supported by everything a school does to enhance a student's learning—from curriculum to teacher quality to targeted policies and programs to whole-school approaches to wellbeing. Distinctions between wellbeing and welfare in the school context are outlined below.
Welfare | Wellbeing |
---|---|
Operates from a basis of student need and doesn't always take into account a whole child view. | For all students. |
Rather than building on the strengths of students, operates from a deficit model of individual student problems or negative behaviours. | Goes beyond just welfare needs of a few students and aims for all students to be healthy, happy, successful and productive individuals who are active and positive contributors to the school and society in which they live. |
Appendix one - Response from agency
Appendix two - Key policies, guidance, and systems
Appendix three - Funding and resources for schools
Appendix four - Measuring wellbeing
Appendix five - About the audit
Appendix six - Performance auditing
Parliamentary Reference: Report number #318 - released 23 May 2019
Actions for Supply of secondary teachers in STEM-related disciplines
Supply of secondary teachers in STEM-related disciplines
The NSW Department of Education’s plans and strategies to respond to the demand for secondary teachers in STEM-related disciplines are limited by incomplete data and underperforming scholarship and sponsorship program. The Department does not collect sufficient information to monitor what disciplines teachers actually teach nor does it predict supply and demand for teachers by discipline and location. This restricts the Department’s ability to track and forecast the supply and demand for secondary teachers in STEM-related disciplines.
In recent years, Australian and international education policy has focused on improving outcomes in Science, Technology, Engineering and Mathematics (STEM) subjects. However, research has identified a shortage of qualified secondary teachers in STEM-related disciplines 1. This is projected to worsen due to a combination of student population increases, an ageing workforce, and fewer people going into teaching. Shortfalls are likely to be more acute in rural and remote areas, and areas of low socio-economic status.
The Department of Education (the Department) has a variety of strategies to encourage teachers to practise in locations or disciplines of need. These include scholarships for tertiary students going into teaching, sponsorships for teachers seeking approval to teach additional disciplines, and incentives to attract teachers to rural and remote locations.
This audit assessed the effectiveness of the Department's workforce plans and strategies in responding to the demand for secondary teachers in STEM-related disciplines. We assessed:
- how well the Department tracks the supply and demand for secondary teachers in STEM-related disciplines across NSW
- whether the Department has effective strategies to attract and retain secondary teachers in STEM-related disciplines.
There are two key shortcomings that fundamentally limit the effectiveness of the Department's plans and strategies to respond to the demand for secondary teachers in STEM-related disciplines. First, the Department is not accurately tracking the supply and demand for secondary teachers by discipline due to incomplete data. Second, not all scholarship and sponsorship places are allocated and many scholars withdraw from the programs before completion. The Department has recognised and started to address these problems with a new workforce model, revised incentives and scholarship programs.
The Department’s current workforce planning model does not provide the information needed to target workforce plans and strategies to areas of need. This is because it does not predict supply and demand for teachers by discipline and location. An internal review in 2017 acknowledged the limitations of this model. In response the Department developed a new model, which it is currently enhancing, to predict supply and demand for teachers by discipline and location. For this to be successful, the Department needs to monitor the level of out-of-field teaching and improve data on the willingness of teachers to work in particular locations.
The Department does not allocate all available scholarship and sponsorship places and around 30 per cent of recipients do not complete the term of their agreement. An internal review in 2017 highlighted that some programs were not targeting workforce need and that there were no key performance indicators to determine the overall effectiveness of these programs. However, scholarship programs and incentives are promoted well through social media and face-to-face events at Universities. Further, the Department has used findings from internal reviews of incentives and scholarships in 2016 and 2017 to inform recent changes to programs.
The Department has little oversight of access to practicum placements for pre-service teachers in areas of need. Professional experience agreements were established with each University in 2015 to improve the placement process for disciplines of need. Initial teacher education students must complete several ‘practicum placements’ before they can be qualified to teach in a school. Several universities we consulted reported difficulties finding practicum placements for pre-service teachers specialising in STEM-related disciplines. The Department is now revising the agreements to improve the quality of data it collects on the number, location and subject area of practicum placements.
The Department is not accurately tracking the supply and demand for secondary teachers by discipline due to incomplete data.
The Department’s current workforce planning model does not accurately predict supply and demand for teachers by discipline and location. An internal review in 2017 acknowledged the limitations of this model. In response the Department developed a new model which it is currently enhancing to address the findings of the review. For this model to be successful, the Department needs to monitor the level of out-of-field teaching and improve data on the willingness of teachers to work in particular locations. Further work also needs to be undertaken to refine the assumptions that underpin the Department’s workforce planning models as it starts to predict the need for teachers by discipline.
The Department has not publicly reported on the supply and demand for teachers by discipline since 2015. While it does report annually on its current workforce profile, this information is not detailed enough to inform future strategies or programs. More detailed public reporting may help the Department to influence the future supply of teachers by communicating its projected areas of need. Planned improvements to the Department's workforce planning model, as relayed to us, will add to the data available on areas of need. Once available, this should be reported publicly.
Recommendations
By December 2019, the Department of Education should:
- Improve its workforce planning model to better understand and communicate supply and demand for teachers by:
- determining the extent, and analysing the impact, of out-of-field teaching by permanent and temporary teachers in each school
- sourcing additional data to more accurately reflect teacher location preferences
- projecting supply and demand by subject level and geographic area
- regularly reporting on the supply and demand for secondary teachers in each discipline to communicate future areas of need to future teacher education students.
The Department's current scholarship and sponsorship programs are not allocating all available places and many scholars withdraw from the programs before completion. An internal review in 2017 raised several issues with the effectiveness of programs and the Department has started to revise its scholarship, sponsorship and incentive programs.
An internal review in 2017 highlighted that scholarship and sponsorship programs were not targeting workforce need, and that there were no key performance indicators to determine the overall effectiveness of these strategies. In addition, the review found that only 79 per cent of available scholarship placements are allocated each year, and 31 per cent of scholarship recipients withdraw prior to completing their required service period. The Department recently announced changes to its scholarship programs from 2019 onwards.
The Department has incentives to encourage teachers to work in rural and remote areas, including teachers in STEM-related disciplines. Incentives include access to priority transfers, rental subsidies and other allowances. Research conducted in 2016 examined the influence of incentives in encouraging teachers to work in rural and remote areas. The Department used findings of this research when updating its set of rural and remote incentives in 2017.
The Department promotes its scholarship and sponsorship programs through the teach.NSW website. It uses social media to direct applicants to this website. It also promotes its programs through careers fairs, University open days, and professional events. Past applicants have reported that the website clearly communicates eligibility criteria and the terms of agreement for all scholarship programs.
The Department could strengthen its relationship with universities to attract teachers to areas of need by collecting and analysing data on practicum placements, facilitating placements for scholarship recipients, and communicating predicted teacher needs by discipline.
Recommendations
By December 2019, the Department of Education should:
2. Implement changes to address the findings of the 'Teacher Scholarship Realignment' report, including by:
- testing a range of program designs with target candidates to determine the best options to attract more suitable applicants
- establishing key performance indicators, and setting targets, to better monitor the effectiveness of the programs
- reducing the number of scholars appointed to over-establishment positions
- increasing the proportion of scholars appointed to priority locations
- further analysing scholarship recipients career paths to inform future improvements to the scholarship programs.
3. Review its role in the practicum placement process of pre-service teachers by:
- analysing how many students each school accommodates per year, to ensure there are appropriate placements available for students in high needs disciplines
- working with universities to facilitate practicum placements for scholarship recipients
- establishing mechanisms for ongoing monitoring of its partnerships with universities to ensure they are meeting their aims.
Appendix one - Response from agency
Appendix two - About the audit
Appendix three - Performance auditing
Parliamentary Reference - Report number #313 - released 29 January 2019.
Actions for Internal Controls and Governance 2017
Internal Controls and Governance 2017
Agencies need to do more to address risks posed by information technology (IT).
Effective internal controls and governance systems help agencies to operate efficiently and effectively and comply with relevant laws, standards and policies. We assessed how well agencies are implementing these systems, and highlighted opportunities for improvement.
1. Overall trends
New and repeat findings |
The number of reported financial and IT control deficiencies has fallen, but many previously reported findings remain unresolved. |
High risk findings |
Poor systems implementations contributed to the seven high risk internal control deficiencies that could affect agencies. |
Common findings |
Poor IT controls are the most commonly reported deficiency across agencies, followed by governance issues relating to cyber security, capital projects, continuous disclosure, shared services, ethics and risk management maturity. |
2. Information Technology
IT security |
Only two-thirds of agencies are complying with their own policies on IT security. Agencies need to tighten user access and password controls. |
Cyber security |
Agencies do not have a common view on what constitutes a cyber attack, which limits understanding the extent of the cyber security threat. |
Other IT systems |
Agencies can improve their disaster recovery plans and the change control processes they use when updating IT systems. |
3. Asset Management
Capital investment |
Agencies report delays delivering against the significant increase in their budgets for capital projects. |
Capital projects |
Agencies are underspending their capital budgets and some can improve capital project governance. |
Asset disposals |
Eleven per cent of agencies were required to sell their real property through Property NSW but didn’t. And eight per cent of agencies can improve their asset disposal processes. |
4. Governance
Governance arrangements |
Sixty-four per cent of agencies’ disclosure policies support communication of key performance information and prompt public reporting of significant issues. |
Shared services |
Fifty-nine per cent of agencies use shared services, yet 14 per cent do not have service level agreements in place and 20 per cent can strengthen the performance standards they set. |
5. Ethics and Conduct
Ethical framework |
Agencies can reinforce their ethical frameworks by updating code‑of‑conduct policies and publishing a Statement of Business Ethics. |
Conflicts of interest |
All agencies we reviewed have a code of conduct, but they can still improve the way they update and manage their codes to reduce the risk of fraud and unethical behaviour. |
6. Risk Management
Risk management maturity |
All agencies have implemented risk management frameworks, but with varying levels of maturity. |
Risk management elements |
Many agencies can improve risk registers and strengthen their risk culture, particularly in the way that they report risks to their lead agency. |
This report covers the findings and recommendations from our 2016–17 financial audits related to the internal controls and governance of the 39 largest agencies (refer to Appendix three) in the NSW public sector. These agencies represent about 95 per cent of total expenditure for all NSW agencies and were considered to be a large enough group to identify common issues and insights.
The findings in this report should not be used to draw conclusions on the effectiveness of individual agency control environments and governance arrangements. Specific financial reporting, controls and service delivery comments are included in the individual 2017 cluster financial audit reports tabled in Parliament from October to December 2017.
This new report offers strategic insight on the public sector as a whole
In previous years, we have commented on internal control and governance issues in the volumes we published on each ‘cluster’ or agency sector, generally between October and December. To add further value, we then commented more broadly about the issues identified for the public sector as a whole at the start of the following year.
This year, we have created this report dedicated to internal controls and governance. This will help Parliament to understand broad issues affecting the public sector, and help agencies to compare their own performance against that of their peers.
Without strong control measures and governance systems, agencies face increased risks in their financial management and service delivery. If they do not, for example, properly authorise payments or manage conflicts of interest, they are at greater risk of fraud. If they do not have strong information technology (IT) systems, sensitive and trusted information may be at risk of unauthorised access and misuse.
These problems can in turn reduce the efficiency of agency operations, increase their costs and reduce the quality of the services they deliver.
Our audits do not review every control or governance measure every year. We select a range of measures, and report on those that present the most significant risks that agencies should mitigate. This report divides these into the following six areas:
- Overall trends
- Information technology
- Asset management
- Governance
- Ethics and conduct
- Risk management.
Internal controls are processes, policies and procedures that help agencies to:
- operate effectively and efficiently
- produce reliable financial reports
- comply with laws and regulations.
This chapter outlines the overall trends for agency controls and governance issues, including the number of findings, level of risk and the most common deficiencies we found across agencies. The rest of this volume then illustrates this year’s controls and governance findings in more detail.
Issues |
Recommendations |
1.1 New and repeat findings |
|
The number of internal control deficiencies reduced over the past three years, but new higher-risk information technology (IT) control deficiencies were reported in 2016–17. Deficiencies repeated from previous years still make up a sizeable proportion of all internal control deficiencies. |
Recommendation Agencies should focus on emerging IT risks, but also manage new IT risks, reduce existing IT control deficiencies, and address repeat internal control deficiencies on a more timely basis. |
1.2 High risk findings |
|
We found seven high risk internal control deficiencies, which might significantly affect agencies. |
Recommendation Agencies should rectify high risk internal control deficiencies as a priority |
1.3 Common findings |
|
The most common internal control deficiencies related to poor or absent IT controls. We found some common governance deficiencies across multiple agencies. |
Recommendation Agencies should coordinate actions and resources to help rectify common IT control and governance deficiencies. |
Information technology (IT) has become increasingly important for government agencies’ financial reporting and to deliver their services efficiently and effectively. Our audits reviewed whether agencies have effective controls in place over their IT systems. We found that IT security remains the source of many control weakness in agencies.
Issues | Recommendations |
2.1 IT security |
|
User access administration While 95 per cent of agencies have policies about user access, about two-thirds were compliant with these policies. Agencies can improve how they grant, change and end user access to their systems. |
Recommendation Agencies should strengthen user access administration to prevent inappropriate access to sensitive systems. Agencies should:
|
Privileged access Sixty-eight per cent of agencies do not adequately manage who can access their information systems, and many do not sufficiently monitor or restrict privileged access. |
Recommendation Agencies should tighten privileged user access to protect their information systems and reduce the risks of data misuse and fraud. Agencies should ensure they:
|
Password controls Forty-one per cent of agencies did not meet either their own standards or minimum standards for password controls. |
Recommendation Agencies should review and enforce password controls to strengthen security over sensitive systems. As a minimum, password parameters should include:
|
2.2 Cyber Security |
|
Cyber security framework Agencies do not have a common view on what constitutes a cyber attack, which limits understanding the extent of the cyber security threat. |
Recommendation The Department of Finance, Services and Innovation should revisit its existing framework to develop a shared cyber security terminology and strengthen the current reporting requirements for cyber incidents. |
Cyber security strategies While 82 per cent of agencies have dedicated resources to address cyber security, they can strengthen their strategies, expertise and staff awareness. |
Recommendations The Department of Finance, Services and Innovation should:
Agencies should ensure they adequately resource staff dedicated to cyber security. |
2.3 Other IT systems |
|
Change control processes Some agencies need to improve change control processes to avoid unauthorised or inaccurate system changes. |
Recommendation Agencies should consistently perform user acceptance testing before system upgrades and changes. They should also properly approve and document changes to IT systems. |
Disaster recovery planning Agencies can do more to adequately assess critical business systems to enforce effective disaster recovery plans. This includes reviewing and testing their plans on a timely basis. |
Recommendation Agencies should complete business impact analyses to strengthen disaster recovery plans, then regularly test and update their plans. |
Agency service delivery relies on developing and renewing infrastructure assets such as schools, hospitals, roads, or public housing. Agencies are currently investing significantly in new assets. Agencies need to manage the scale and volume of current capital projects in order to deliver new infrastructure on time, on budget and realise the intended benefits. We found agencies can improve how they:
- manage their major capital projects
- dispose of existing assets.
Issues | Recommendations or conclusions |
3.1 Capital investment |
|
Capital asset investment ratios Most agencies report high capital investment ratios, but one-third of agencies’ capital investment ratios are less than one. |
Recommendation Agencies with high capital asset investment ratios should ensure their project management and delivery functions have the capacity to deliver their current and forward work programs. |
Volume of capital spending Most agencies have significant forward spending commitments for capital projects. However, agencies’ actual capital expenditure has been below budget for the last three years. |
Conclusion The significant increase in capital budget underspends warrant investigation, particularly where this has resulted from slower than expected delivery of projects from previous years. |
3.2 Capital projects |
|
Major capital projects Agencies’ major capital projects were underspent by 13 percent against their budgets. |
Conclusion The causes of agency budget underspends warrant investigation to ensure the NSW Government’s infrastructure commitment is delivered on time. |
Capital project governance Agencies do not consistently prepare business cases or use project steering committees to oversee major capital projects. |
Conclusion Agencies that have project management processes that include robust business cases and regular updates to their steering committees (or equivalent) are better able to provide those projects with strategic direction and oversight. |
3.3. Asset disposals |
|
Asset disposal procedures Agencies need to strengthen their asset disposal procedures. |
Recommendations Agencies should have formal processes for disposing of surplus properties. Agencies should use Property NSW to manage real property sales unless, as in the case for State owned corporations, they have been granted an exemption. |
Governance refers to the high-level frameworks, processes and behaviours that help an organisation to achieve its objectives, comply with legal and other requirements, and meet a high standard of probity, accountability and transparency.
This chapter sets out the governance lighthouse model the Audit Office developed to help agencies reach best practice. It then focuses on two key areas: continuous disclosure and shared services arrangements. The following two chapters look at findings related to ethics and risk management.
Issues | Recommendations or conclusions |
4.1 Governance arrangements |
|
Continuous disclosure Continuous disclosure promotes improved performance and public trust and aides better decision-making. Continuous disclosure is only mandatory for NSW Government Businesses such as State owned corporations. |
Conclusion Some agencies promote transparency and accountability by publishing on their websites a continuous disclosure policy that provides for, and encourages:
|
4.2 Shared services |
|
Service level agreements Some agencies do not have service level agreements for their shared service arrangements. Many of the agreements that do exist do not adequately specify controls, performance or reporting requirements. This reduces the effectiveness of shared services arrangements. |
Conclusion Agencies are better able to manage the quality and timeliness of shared service arrangements where they have a service level agreement in place. Ideally, the terms of service should be agreed before services are transferred to the service provider and:
|
Shared service performance Some agencies do not set performance standards for their shared service providers or regularly review performance results. |
Conclusion Agencies can achieve better results from shared service arrangements when they regularly monitor the performance of shared service providers using key measures for the benefits realised, costs saved and quality of services received. Before agencies extend or renegotiate a contract, they should comprehensively assess the services received and test the market to maximise value for money. |
All government sector employees must demonstrate the highest levels of ethical conduct, in line with standards set by The Code of Ethics and Conduct for NSW government sector employees.
This chapter looks at how well agencies are managing these requirements, and where they can improve their policies and processes.
We found that agencies mostly have the appropriate codes, frameworks and policies in place. But we have highlighted opportunities to improve the way they manage those systems to reduce the risks of unethical conduct.
Issues | Recommendations or conclusions |
5.1 Ethical framework |
|
Code of conduct All agencies we reviewed have a code of conduct, but they can still improve the way they update and manage their codes to reduce the risk of fraud and unethical behaviour. |
Recommendation Agencies should regularly review their code-of-conduct policies and ensure they keep their codes of conduct up-to-date. |
Statement of business ethics Most agencies maintain an ethical framework, but some can enhance their related processes, particularly when dealing with external clients, customers, suppliers and contractors. |
Conclusion Agencies can enhance their ethical frameworks by publishing a Statement of Business Ethics, which communicates their values and culture. |
5.2 Potential conflicts of interest |
|
Conflicts of interest All agencies have a conflicts-of-interest policy, but most can improve how they identify, manage and avoid conflicts of interest. |
Recommendation Agencies should improve the way they manage conflicts of interest, particularly by:
|
Gifts and benefits While all agencies already have a formal gifts-and-benefits policy, we found gaps in the management of gifts and benefits by some that increase the risk of unethical conduct. |
Recommendation Agencies should improve the way they manage gifts and benefits by promptly updating registers and providing annual training to staff. |
Risk management is an integral part of effective corporate governance. It helps agencies to identify, assess and prioritise the risks they face and in turn minimise, monitor and control the impact of unforeseen events. It also means agencies can respond to opportunities that may emerge and improve their services and activities.
This year we looked at the overall maturity of the risk management frameworks that agencies use, along with two important risk management elements: risk culture and risk registers.
Issues | Recommendations or conclusions |
6.1 Risk management maturity |
|
All agencies have implemented risk management frameworks, but with varying levels of maturity in their application. Agencies’ averaged a score of 3.1 out of five across five critical assessment criteria for risk management. While strategy and governance fared best, the areas that most need to improve are risk culture, and systems and intelligence. |
Conclusion Agencies have introduced risk management frameworks and practices as required by the Treasury’s:
However, more can be done to progress risk management maturity and embed risk management in agency culture. |
6.2 Risk management elements |
|
Risk culture Most agencies have started to embed risk management into the culture of their organisation. But only some have successfully done so, and most agencies can improve their risk culture.
|
Conclusion Agencies can improve their risk culture by:
|
Risk registers and reporting Some agencies do not report their significant risks to their lead agency, which may impair the way resources are allocated in their cluster. Some agencies do not integrate risk registers at a divisional and whole-of-enterprise level. |
Conclusion Agencies not reporting significant risks at the cluster level increases the likelihood that significant risks are not being mitigated appropriately. |
Effective risk management can improve agency decision-making, protect reputations and lead to significant efficiencies and cost savings. By embedding risk management directly into their operations, agencies can also derive extra value for their activities and services.
Actions for Report on Education 2017
Report on Education 2017
The Auditor-General, Margaret Crawford released her report on the results of the financial audits of agencies in the Education cluster. The report focuses on key observations and findings from the most recent audits of these agencies.
'I am pleased to report that unqualified audit opinions were issued on the financial statements for all agencies in the Education cluster', the Auditor-General said. 'The quality and timeliness of financial reporting remains strong'.
Actions for Central Agencies 2017
Central Agencies 2017
This report highlights the results of the financial audits of NSW Government central agencies. The report focuses on key observations and findings from the most recent financial statement audits of agencies in the Treasury, Premier and Cabinet, and Finance, Services and Innovation clusters.
The report includes a range of findings in respect to service delivery. One repeat finding is that while the Government regularly reports on the 12 Premier's priorities, there is no comprehensive reporting on the 18 State priorities.
1. Financial reporting and controls
Audit Opinions | Unqualified audit opinions were issued for all agencies' 30 June 2017 financial statements. |
Early close | Early close procedures continue to facilitate the timely preparation of financial statements and completion of audits, but agencies can make further improvement. |
Deficient user administration access | User access administration over financial systems remains an area of weakness. Agencies need to strengthen user access administration to critical systems. |
Transitioning to outsourced service providers | Transitioning of services to outsourced service providers can be improved. Outsourcing services can lead to better outcomes, which may include lower transaction costs and improved services, but it also introduces new risks. |
2. Service delivery
Premier and State Priorities | A comprehensive report of performance against the 18 State Priorities is yet to be published. While some measures are publicly reported through agency annual reports or other sources, a comprehensive report of performance against the 18 State Priorities would ensure all State Priorities are publicly reported, provide a single and easily accessible source of reference and improve transparency. |
ICT and digital government | The Digital Government Strategy was released in May 2017. Targets will need to be set to assess and monitor progress against the Strategy. |
Digital information security | Not all agencies are complying with the NSW Government's information security policy. This increases the risk of noncompliance with legislation, information security breaches and difficulty restoring data or maintaining business continuity in the event of a disaster or disruption. |
Property and asset utilisation | Property NSW's performance reporting would be enhanced by developing and reporting on customer satisfaction, reporting against set targets and benchmarking cost of service to the private sector. |
3. Government financial services
Prudential oversight of NSW Government superannuation funds |
Prudential oversight of SAS Trustee Corporation Pooled Fund and Parliamentary Contributory Superannuation Fund has not been prescribed. Structured and comprehensive prudential oversight of these funds remains important as they operate in a specialised, complex and continuously changing investment market sector, have over 106,000 members and manage investments in excess of $42.4 billion. |
Green slip scheme affordability | Currently, Green Slips in NSW are the most expensive in Australia. However, CTP reforms are expected to reduce the cost of Green Slips. |
This report sets out the results of the 30 June 2017 financial statement audits of NSW Government's central agencies and their cluster agencies.
Central agencies play a key role in ensuring policy coordination, good administrative and people management practices and prudent fiscal management. The central agencies and their key responsibilities are set out below.
Confidence in public sector decision‑making and transparency is enhanced when financial reporting is accurate and timely. Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. This chapter outlines our audit observations, conclusions or recommendations related to financial reporting and controls of agencies for 2016–17.
Observation | Conclusion or recommendation |
2.1 Quality of financial reporting | |
Unqualified audit opinions were issued for all agency financial statements. | The quality of financial reporting continues to remain strong across the clusters. |
2.2 Timeliness of financial reporting | |
Most agencies complied with the statutory timeframes for completion of early close procedures and preparation and audit of financial statements. | Early close procedures continue to facilitate the timely preparation of financial statements and completion of audits, but agencies can make further improvement. |
2.3 Financial performance and sustainability | |
We assessed the performance of agencies listed in Appendix six against some key financial sustainability indicators. This highlighted two agencies with negative operating margins of more than ten per cent and one agency with a liquidity ratio of less than 0.5. | These agencies have strategies in place to remain financially sustainability and manage their liquidity. Our analysis found that, overall, the agencies are not at high risk of sustainability concerns. |
2.4 Internal Controls | |
User access administration over financial systems remains an area of weakness. Sixteen moderate risk and ten low risk issues related to user access administration across eight agencies were identified. |
Recommendation: Agencies should review user access administration to critical systems to ensure:
|
Transitioning of services to outsourced service providers can be improved. Our 2016–17 audits identified one high risk issue relating to Property NSW's outsourcing of property and facility management services to the private sector. While a high risk issue was identified in 2015–16 from the Department of Finance, Services and Innovation's outsourcing of transactional and information technology services to GovConnect there has been an improvement in GovConnect's internal control environment throughout |
Outsourcing services can lead to better outcomes, which may include lower transaction costs and improved services, but it also introduces new risks. The transition needs to be carefully managed and requires thorough planning and effective project governance. This should be supported by oversight and direction from senior management and independent project assurance. |
2.5 Human Resources | |
The percentage of full‑time equivalent staff with annual leave greater than 30 days in the Finance, Services and Innovation, Premier and Cabinet and the Treasury clusters is 7.9 per cent, 17.1 per cent and 18.4 per cent respectively. | Agencies have strategies in place to reduce annual leave balances that are greater than 30 days. The effectiveness of these strategies will need to be monitored to ensure they are helping to achieve the desired outcome. |
This chapter outlines our audit observations, conclusions and recommendations relating to service delivery for 2016–17.
Observation | Conclusion or recommendation |
3.1 Premier and State priorities | |
The Department of Premier and Cabinet monitors the achievement of targets and the implementation of initiatives to deliver the 12 Premier’s Priorities. Responsible ministers and agencies manage the 18 State Priorities. A comprehensive report of performance against the 18 State Priorities is yet to be published. |
While some measures are publicly reported through agency annual reports or other sources, a comprehensive report of performance against the 18 State Priorities would ensure all State Priorities are publicly reported, provide a single and easily accessible source of reference and improve transparency. Where possible, independent sources are used to measure performance, however without independent assurance there is an increased risk that the target measures are inaccurate, not relevant or do not fairly represent actual performance. |
Performance against the State Priority to make NSW the easiest state to start a business is not currently published. |
Initiatives, such as easy to do business and red tape reduction are in place to help achieve this priority. The regulatory policy framework is under review following an October 2016 performance audit on ‘Red tape reduction’ that found the regulatory burden of legislation had increased. |
3.2 Financial management | |
Revenue NSW earned record crown revenue of $30.0 billion in 2016–17 to support the state's finances. | Record crown revenue has been driven by the sustained increase in duties revenue, which has increased by 93.7 per cent over the last five years. This is a consequence of the continued strength in the property market over this time and large one off NSW Government business asset sales and leases. |
3.3 ICT and digital government | |
The Digital Government Strategy (the Strategy) was released in May 2017 to build on reforms set out in previous ICT strategies. | The Strategy’s priorities and enablers aim to support digital innovation. Targets and measures will need to be set to assess and monitor progress against the Strategy. |
The Digital Information Security Policy (DISP) is a key tool that helps ensure a minimum set of information security controls are implemented across NSW Government agencies. A review of 2016 annual reports found 15 agencies (13 in 2015) did not attest to compliance with the DISP and of the agencies that attested to compliance, 34 reported issues associated with their compliance. |
The Strategy’s priorities and enablers aim to support digital innovation. Targets and measures will need to be set to assess and monitor progress against the Strategy. |
3.4 Property and asset utilisation | |
Property NSW's performance reporting could be |
Property NSW's performance reporting would be enhanced by developing and reporting on customer satisfaction, reporting against set targets and benchmarking cost of service to the private sector. |
This chapter outlines our audit observations, conclusions and recommendations specific to NSW Government agencies providing financial services.
Observation | Conclusion or recommendation |
4.1 Key issues | |
The SAS Trustee Corporation (STC) Pooled Fund and the Parliamentary Contributory Superannuation (PCS) Fund are not required to comply with the prudential and reporting standards issued by the Australian Prudential Regulation Authority (APRA). Amendments to relevant legislation allows the Minister for Finance, Services and Property to prescribe applicable prudential standards and audit requirements. |
Structured and comprehensive prudential oversight of these funds remains important as they operate in a specialised, complex and continuously changing investment market sector, have over 106,000 members and manage investments of more than $42.4 billion. Recommendation: The Treasury should liaise with the respective Trustees to implement appropriate prudential standards and oversight arrangements for the exempt public sector superannuation funds. |
Currently, Green Slips in NSW are the most expensive in Australia. Average premiums for Sydney Metropolitan vehicles increased by 10.4 per cent between 1 January 2016 and 31 December 2016. |
CTP reforms are expected to reduce the cost of Green Slips. The State Insurance Regulatory Authority will need to ensure it has appropriate processes in place to track and report against the expected benefits. |
4.2 Financial performance and sustainability | |
Net unfunded superannuation liabilities were $15.0 billion at 30 June 2017. Under the Fiscal Responsibility Act 2012, the NSW Government’s target is to eliminate unfunded superannuation liabilities by 2030. |
The superannuation funds’ strategic asset allocation and investment strategies are monitored and adjusted to help achieve a fully funded position by 2030. |
The Home Warranty Scheme commenced in 2011. Over this time total premiums collected have not been sufficient to cover expected claim costs. | Funding arrangements introduced during 2016–17 allow the Home Building Compensation Fund to apply to the Crown for reimbursement of unfunded realised losses from under-pricing of premiums. Other reforms are planned to address the long term sustainability of the home building compensation scheme. |
4.3 Investment performance | |
The NSW Government’s main superannuation funds have maintained the management expense ratio (MER) at consistent levels over the past two years. The Parliamentary Contributory Superannuation (PCS) Fund does not set an MER target. | MER is an industry recognised ratio to measure the performance of funds and investment managers. Recommendation: The Fund Secretary for the PCS Fund, in conjunction with the Trustee, should consider establishing an appropriate management expense ratio target to measure performance. |