Refine search Expand filter

Reports

In progress

Actions for Security and privacy of patient information

Security and privacy of patient information

Health
Cyber security
Information technology
Internal controls and governance
Management and administration
Risk

Local Health Districts manage large volumes of private patient information and have their own systems for data management with differing approaches to data protection. Clinicians in busy hospital environments require timely access to data and systems to effectively treat patients. Increased accessibility may in turn increase the risk of poor data and system security practices. Recent experience in other jurisdictions has also demonstrated that operationa

Planned

Actions for Water management and regulation

Water management and regulation

Planning
Industry
Compliance
Fraud
Internal controls and governance
Management and administration
Regulation
Service delivery

Water regulation, including licensing and water use plans, aim to achieve sustainable environmental, economic and social outcomes from the management of water resources. Reforms have been made to strengthen regulation, compliance and enforcement. This audit may examine how well the responsible agencies have responded to and implemented the recommendations from the Matthews reports (interim and final), and other external reviews, into water licencing, re

Open for contribution

Actions for Aboriginal land claims

Aboriginal land claims

Planning
Environment
Industry
Cross-agency collaboration
Internal controls and governance
Management and administration
Regulation

The Aboriginal Land Rights Act 1983 (the Act) is important legislation that recognises the rights of Aboriginal people in NSW. The legislation recognises that land in NSW was traditionally owned and occupied by Aboriginal people, and is of spiritual, social, cultural and economic importance. Land claims can be made by Local Aboriginal Land Councils and by the NSW Aboriginal Land Council on their behalf. The Office of the Registrar of the Act, in the Dep

Planned

Actions for Security of student information

Security of student information

Education
Compliance
Cyber security
Information technology
Internal controls and governance
Risk

Schools collect and maintain detailed student data, including sensitive personal information. Schools can also require or encourage students to use third party software applications for learning and other school related activities. This audit will examine how effectively schools ensure student data is secure – both within their own systems and when provided to third parties. This audit may also examine the effectiveness of information security governance