Reports
Actions for Cyber security in local government
Cyber security in local government
What this report is aboutNSW local councils provide a wide range of essential services and infrastructure to their communities and are increasingly reliant on digital technologies.Councils need to manage cyber security risks to ensure their information, data and systems are appropriately safeguarded. Councils also need to be prepared to detect, respond and recover when a cyber security incident occurs.The audit assessed how effectively three selected cou
Actions for Management of the Critical Communications Enhancement Program
Management of the Critical Communications Enhancement Program
Effective radio communications are crucial to NSW's emergency services organisations. The Critical Communications Enhancement Program (CCEP) aims to deliver an enhanced public safety radio network to serve the five emergency services organisations (ESOs), as well as a range of other users. This report assesses whether the NSW Telco Authority is effectively managing the CCEP. What we found Where it has already been delivered
Actions for NSW government agencies' use of consultants
NSW government agencies' use of consultants
This audit assessed how effectively NSW government agencies procure and manage consultants. It examined the role of the NSW Procurement Board and NSW Procurement (a unit within NSW Treasury) in supporting and monitoring agency procurement and management of consultants. The audit used four sources of data that contain information about spending on consultants by NSW government agencies, including annual report disclosures and th
Actions for Planning and managing bushfire equipment
Planning and managing bushfire equipment
This audit assessed the effectiveness of the NSW Rural Fire Service (RFS) and local councils in planning and managing equipment for bushfire prevention, mitigation, and suppression. What we found The RFS has focused its fleet development activity on modernising and improving the safety of its firefighting fleet, and on the purchase of new firefighting aircraft. There is limited evidence that the RFS has undertaken strategic f
Actions for Cyber Security NSW: governance, roles, and responsibilities
Cyber Security NSW: governance, roles, and responsibilities
Cyber Security NSW is part of the Department of Customer Service, and aims to provide the NSW Government with an integrated approach to preventing and responding to cyber security threats. This audit assessed the effectiveness of Cyber Security NSW's arrangements in contributing to the NSW Government's commitments under the NSW Cyber Security Strategy, in particular, increasing the NSW Government's cyber resiliency. The audit a
Actions for COVID Intensive Learning Support Program
COVID Intensive Learning Support Program
This audit examined a state-wide program to provide small-group tuition to students disadvantaged by the move to learning from home during 2020. The audit assessed the design and implementation of the program. What we found The program design was based on research and data showing learning loss during 2020. The department rapidly planned and developed the policy design and guidelines for schools. Governance arra
Actions for Compliance with the NSW Cyber Security Policy
Compliance with the NSW Cyber Security Policy
This audit assessed nine agencies’ compliance with the NSW Cyber Security Policy (CSP) including whether, during the year to 30 June 2020, the participating agencies: met their reporting obligations under the CSP reported accurate self-assessments of their level of maturity implementing the CSP’s requirements including the Australian Cyber Security Centre’s (ACSC) Essential 8. What we found Key elements to strengthen cybe
Actions for Managing cyber risks
Managing cyber risks
This audit assessed how effectively Transport for NSW (TfNSW) and Sydney Trains identify and manage their cyber security risks. The NSW Cyber Security Policy (CSP) sets out 25 mandatory requirements for agencies, including implementing the Australian Cyber Security Centre’s Essential 8 strategies to mitigate cyber security incidents, and identifying the agency’s most vital systems, their ‘crown jewels’. The audited agenc
Actions for Integrity of data in the Births, Deaths and Marriages Register
Integrity of data in the Births, Deaths and Marriages Register
This report outlines whether the Department of Customer Service (the department) has effective controls in place to ensure the integrity of data in the Births, Deaths and Marriages Register (the register), and to prevent unauthorised access and misuse. The audit found that the department has processes in place to ensure that the information entered in the register is accurate and that any changes to it are validated. Although there are controls in place
Actions for Ensuring teaching quality in NSW public schools
Ensuring teaching quality in NSW public schools
The Auditor-General for New South Wales, Margaret Crawford, has released a report on how the New South Wales Education and Standards Authority (NESA) and the Department of Education (the Department) ensure teaching quality in NSW public schools. Around 2,200 NSW public school principals are responsible for accrediting their teachers in line with the Australian Professional Standards for Teachers. The report found that NESA does not oversight princi