Search filters applied: education, health, premier and cabinet, transport, treasury, whole of government AND cyber security, financial reporting AND in progress, planned .
Actions for Service NSW's handling of personal information
This audit will assess how effectively Service NSW handles personal customer and business information to ensure its privacy. We will address the audit objective with the following audit criteria: Does Service NSW have processes and governance in place to identify and manage risks to the privacy of personal customer and business information? Does Service NSW have policies, processes and systems in place that support the effective handling of personal c
Actions for WestConnex: Changes since 2014
The WestConnex project is a motorway project that will link the M4 and M5 motorways with 33km of new motorway tunnels in Sydney. We conducted a performance audit of the WestConnex business case review process in 2014. Since then, the scope and projects included in WestConnex have changed. This audit will assess whether Transport for NSW and Infrastructure NSW effectively assessed and justified major scope changes to the WestConnex project since December
Actions for One TAFE
TAFE NSW launched a series of modernisation initiatives in 2016 that aimed to transform the organisation into a contemporary and commercial government-owned business. These included transitioning to a single Registered Training Organisation, introducing enterprise-wide business systems, and establishing Connected Learning Centres to enable greater reach to regional and rural communities. This audit will assess whether TAFE NSW is effectively managing th
Actions for Compliance review: Cybersecurity
In February 2019 the Department of Finance, Services and Innovation launched the NSW Cyber Security Policy to ensure all NSW Government Departments and Public Service Agencies are managing cyber security risks to their information and systems. The policy mandates a number of requirements that are a minimum that all agencies must implement. In addition agencies must assess their level of cyber maturity. This audit will examine whether agencies are complyi
Actions for Security and privacy of patient information
Local Health Districts manage large volumes of private patient information and have their own systems for data management with differing approaches to data protection. Clinicians in busy hospital environments require timely access to data and systems to effectively treat patients. Increased accessibility may in turn increase the risk of poor data and system security practices. Recent experience in other jurisdictions has also demonstrated that operationa
Actions for Security of student information
Schools collect and maintain detailed student data, including sensitive personal information. Schools can also require or encourage students to use third party software applications for learning and other school related activities. This audit will examine how effectively schools ensure student data is secure – both within their own systems and when provided to third parties. This audit may also examine the effectiveness of information security governance
Actions for Advice on major decisions: redevelopment of the Sydney Football Stadium
The NSW Government makes decisions that involve the spending of significant sums, and that have substantial impacts on citizens. This audit will focus on the advice provided for the redevelopment of the Sydney Football Stadium. This audit may examine the adequacy of planning and risk management approaches and whether these: were informed by appropriate and robust departmental advice complied with relevant procurement and assurance frameworks.
Actions for Transport 2020
This audit will analyse the key observations and findings from the most recent financial statement audits of the Transport cluster for the year ended 30 June 2020.
Actions for Regional NSW 2020
This audit will analyse the key observations and findings from the most recent financial statement audits of the newly formed Regional NSW cluster for the year ended 30 June 2020. The Regional NSW Cluster was established in early 2020, and is charged with coordinating support for the people, businesses and farmers in regional areas. It will deliver recent bushfire and COVID-19 stimulus, and industry recovery packages, along with the NSW Government’s drou
Actions for Health 2020
This audit will analyse the key observations and findings from the most recent financial statement audits of the Health cluster for the year ended 30 June 2020.