Refine search Expand filter

Reports

In progress

Actions for Security and privacy of patient information

Security and privacy of patient information

Health
Cyber security
Information technology
Internal controls and governance
Management and administration
Risk

Local Health Districts manage large volumes of private patient information and have their own systems for data management with differing approaches to data protection. Clinicians in busy hospital environments require timely access to data and systems to effectively treat patients. Increased accessibility may in turn increase the risk of poor data and system security practices. Recent experience in other jurisdictions has also demonstrated that operationa

Planned

Actions for Internal Controls and Governance 2021

Internal Controls and Governance 2021

Education
Environment
Community Services
Finance
Health
Industry
Justice
Premier and Cabinet
Transport
Treasury
Compliance
Cyber security
Information technology
Internal controls and governance
Management and administration
Procurement

This report will bring together the findings and recommendations from our 2020–21 financial audits that relate to the internal controls and governance of the largest NSW Government agencies. In 2021–22, this report will cover: Internal control trends Information technology controls Cyber security planning and governance arrangements Masterfile management Managing conflicts of interests Tracking and monitoring of the implementation of recommendation

Planned

Actions for Education 2021

Education 2021

Education
Asset valuation
Compliance
Financial reporting
Fraud
Information technology
Internal controls and governance
Management and administration
Procurement

This report will analyse the results of the 2020–21 financial statement audits of the education cluster and comment on the quality and timeliness of financial statements, key accounting issues, and high risk observations from our audits.

Planned

Actions for Health 2021

Health 2021

Health
Compliance
Financial reporting
Infrastructure
Internal controls and governance
Service delivery

This report will analyse the results of the 2020–21 financial statement audits of the health cluster and comment on the quality and timeliness of financial statements, key accounting issues, and high risk observations from our audits.

Planned

Actions for Compliance review: Cybersecurity

Compliance review: Cybersecurity

Community Services
Education
Environment
Finance
Health
Justice
Local Government
Planning
Premier and Cabinet
Industry
Transport
Treasury
Whole of Government
Cyber security
Information technology
Risk

In February 2019 the Department of Finance, Services and Innovation launched the NSW Cyber Security Policy to ensure all NSW Government Departments and Public Service Agencies are managing cyber security risks to their information and systems. The policy mandates a number of requirements that are a minimum that all agencies must implement. In addition agencies must assess their level of cyber maturity. This audit will examine whether agencies are complyi

Planned

Actions for Security of student information

Security of student information

Education
Compliance
Cyber security
Information technology
Internal controls and governance
Risk

Schools collect and maintain detailed student data, including sensitive personal information. Schools can also require or encourage students to use third party software applications for learning and other school related activities. This audit will examine how effectively schools ensure student data is secure – both within their own systems and when provided to third parties. This audit may also examine the effectiveness of information security governance