Refine search Expand filter

Reports

In progress

Actions for Security of student information

Security of student information

Education
Compliance
Cyber security
Information technology
Internal controls and governance
Risk

Schools collect and maintain detailed student data, including sensitive personal information. Schools can also require or encourage students to use third party software applications for learning and other school related activities. This audit will examine how effectively schools ensure student data is secure – both within their own systems and when provided to third parties. This audit may also examine the effectiveness of information security governance

In progress

Actions for Security and privacy of patient information

Security and privacy of patient information

Health
Cyber security
Information technology
Internal controls and governance
Management and administration
Risk

Local Health Districts manage large volumes of private patient information and have their own systems for data management with differing approaches to data protection. Clinicians in busy hospital environments require timely access to data and systems to effectively treat patients. Increased accessibility may in turn increase the risk of poor data and system security practices. Recent experience in other jurisdictions has also demonstrated that operationa

In progress

Actions for Building regulation–responding to combustible external cladding

Building regulation–responding to combustible external cladding

Finance
Compliance
Internal controls and governance
Management and administration
Project management
Regulation
Risk
Service delivery
Workforce and capability

In July 2017, following the Grenfell Tower fire in London the previous month, the NSW Government announced a 10-point fire safety reform plan intended to be Australia’s most comprehensive response’ to that disaster.   The NSW Government established an inter-departmental entity, the NSW Cladding Taskforce, to coordinate and roll out the reforms, including to identify and make safe any buildings in New South Wales that may be affected by combustible cladd

Planned

Actions for Compliance review: Cybersecurity

Compliance review: Cybersecurity

Community Services
Education
Environment
Finance
Health
Justice
Local Government
Planning
Premier and Cabinet
Industry
Transport
Treasury
Whole of Government
Cyber security
Information technology
Risk

In February 2019 the Department of Finance, Services and Innovation launched the NSW Cyber Security Policy to ensure all NSW Government Departments and Public Service Agencies are managing cyber security risks to their information and systems. The policy mandates a number of requirements that are a minimum that all agencies must implement. In addition agencies must assess their level of cyber maturity. This audit will examine whether agencies are complyi

Planned

Actions for Water management and regulation

Water management and regulation

Planning
Industry
Compliance
Fraud
Internal controls and governance
Management and administration
Regulation
Service delivery

Water regulation, including licensing and water use plans, aim to achieve sustainable environmental, economic and social outcomes from the management of water resources. Reforms have been made to strengthen regulation, compliance and enforcement. This audit may examine how well the responsible agencies have responded to and implemented the recommendations from the Matthews reports (interim and final), and other external reviews, into water licencing, re

Planned

Actions for Coordination of agencies in precinct planning

Coordination of agencies in precinct planning

Planning
Industry
Asset valuation
Management and administration
Project management
Service delivery

The department coordinates with other entities to develop and deliver precinct plans. These plans aim to deliver ‘a planned approach to growth in Sydney, with new homes and jobs located close to public transport, shops and services, while retaining and enhancing a community’s character’. New priority precincts were announced in July 2017. This audit will consider how effectively the department coordinates other responsible government entities to deliver