Refine search Expand filter

Reports

Search filters applied: education, health, justice, planning, transport, treasury, whole of government AND special review, performance audit AND cyber security, financial reporting AND planned .

Planned

Actions for Compliance review: Cybersecurity

Compliance review: Cybersecurity

Community Services
Education
Environment
Finance
Health
Justice
Local Government
Planning
Premier and Cabinet
Industry
Transport
Treasury
Whole of Government
Cyber security
Information technology
Risk

In February 2019 the Department of Finance, Services and Innovation launched the NSW Cyber Security Policy to ensure all NSW Government Departments and Public Service Agencies are managing cyber security risks to their information and systems. The policy mandates a number of requirements that are a minimum that all agencies must implement. In addition agencies must assess their level of cyber maturity. This audit will examine whether agencies are complyi

Planned

Actions for Implementation of government climate policy

Implementation of government climate policy

Planning
Environment
Industry
Compliance
Financial reporting
Internal controls and governance
Management and administration
Service delivery

The NSW Government’s Climate Change Policy Framework aims to maximise the economic, social and environmental wellbeing of NSW in the context of a changing climate. It states long-term aspirational objectives of achieving net-zero emissions by 2050 and having NSW more resilient to a changing climate. The Framework is due to be reviewed in 2020. This audit could assess specific commitments to change government operations such as implementing emission savin

Planned

Actions for Security and privacy of patient information

Security and privacy of patient information

Health
Cyber security
Information technology
Internal controls and governance
Management and administration
Risk

Local Health Districts manage large volumes of private patient information and have their own systems for data management with differing approaches to data protection. Clinicians in busy hospital environments require timely access to data and systems to effectively treat patients. Increased accessibility may in turn increase the risk of poor data and system security practices. Recent experience in other jurisdictions has also demonstrated that operationa

Planned

Actions for Security of student information

Security of student information

Education
Compliance
Cyber security
Information technology
Internal controls and governance
Risk

Schools collect and maintain detailed student data, including sensitive personal information. Schools can also require or encourage students to use third party software applications for learning and other school related activities. This audit will examine how effectively schools ensure student data is secure – both within their own systems and when provided to third parties. This audit may also examine the effectiveness of information security governance

Planned

Actions for Grants administration for disaster relief

Grants administration for disaster relief

Treasury
Whole of Government
Compliance
Financial reporting
Internal controls and governance
Management and administration
Project management
Service delivery
Shared services and collaboration
Workforce and capability

In response to the 2019-20 bushfires and the COVID-19 pandemic, the NSW Government released significant funds for a range of grant programs aimed at providing emergency support, recovery and economic stimulus across NSW. In 2020, the $750 million dollar Small Business Support Fund was set up to support small businesses and a number of grants rounds have been implemented. This audit will assess whether grants administered under the Small Business Support

Planned

Actions for A compliance review

A compliance review

Whole of Government
Asset valuation
Compliance
Cyber security
Financial reporting
Fraud
Information technology
Infrastructure
Internal controls and governance
Management and administration
Procurement
Project management
Regulation
Risk
Service delivery
Shared services and collaboration
Workforce and capability

We will conduct at least one compliance review to confirm that specific legislation, directions and regulations have been adhered to.