Search filters applied: education, health, premier and cabinet, transport, treasury, whole of government AND special review, performance audit AND cyber security, financial reporting AND in progress, planned .
Actions for Service NSW's handling of personal information
This audit will assess how effectively Service NSW handles personal customer and business information to ensure its privacy. We will address the audit objective with the following audit criteria: Does Service NSW have processes and governance in place to identify and manage risks to the privacy of personal customer and business information? Does Service NSW have policies, processes and systems in place that support the effective handling of personal c
Actions for WestConnex: Changes since 2014
The WestConnex project is a motorway project that will link the M4 and M5 motorways with 33km of new motorway tunnels in Sydney. We conducted a performance audit of the WestConnex business case review process in 2014. Since then, the scope and projects included in WestConnex have changed. This audit will assess whether Transport for NSW and Infrastructure NSW effectively assessed and justified major scope changes to the WestConnex project since December
Actions for One TAFE
TAFE NSW launched a series of modernisation initiatives in 2016 that aimed to transform the organisation into a contemporary and commercial government-owned business. These included transitioning to a single Registered Training Organisation, introducing enterprise-wide business systems, and establishing Connected Learning Centres to enable greater reach to regional and rural communities. This audit will assess whether TAFE NSW is effectively managing th
Actions for Compliance review: Cybersecurity
In February 2019 the Department of Finance, Services and Innovation launched the NSW Cyber Security Policy to ensure all NSW Government Departments and Public Service Agencies are managing cyber security risks to their information and systems. The policy mandates a number of requirements that are a minimum that all agencies must implement. In addition agencies must assess their level of cyber maturity. This audit will examine whether agencies are complyi
Actions for Security and privacy of patient information
Local Health Districts manage large volumes of private patient information and have their own systems for data management with differing approaches to data protection. Clinicians in busy hospital environments require timely access to data and systems to effectively treat patients. Increased accessibility may in turn increase the risk of poor data and system security practices. Recent experience in other jurisdictions has also demonstrated that operationa
Actions for Security of student information
Schools collect and maintain detailed student data, including sensitive personal information. Schools can also require or encourage students to use third party software applications for learning and other school related activities. This audit will examine how effectively schools ensure student data is secure – both within their own systems and when provided to third parties. This audit may also examine the effectiveness of information security governance
Actions for Advice on major decisions: redevelopment of the Sydney Football Stadium
The NSW Government makes decisions that involve the spending of significant sums, and that have substantial impacts on citizens. This audit will focus on the advice provided for the redevelopment of the Sydney Football Stadium. This audit may examine the adequacy of planning and risk management approaches and whether these: were informed by appropriate and robust departmental advice complied with relevant procurement and assurance frameworks.
Actions for Grants administration for disaster relief
In response to the 2019-20 bushfires and the COVID-19 pandemic, the NSW Government released significant funds for a range of grant programs aimed at providing emergency support, recovery and economic stimulus across NSW. In 2020, the $750 million dollar Small Business Support Fund was set up to support small businesses and a number of grants rounds have been implemented. This audit will assess whether grants administered under the Small Business Support
Actions for Advice on major decisions
The public service is responsible for providing accurate, evidence-based, and impartial advice to government, and implementing government’s commitments in a responsive and professional manner. Quality advice from the public service is required to support good decision making. This audit may examine 2-3 major decisions to determine whether the advice provided meets good practice standards. It will also assess the effectiveness of the whole of government
Actions for A compliance review
We will conduct at least one compliance review to confirm that specific legislation, directions and regulations have been adhered to.