Refine search Expand filter

Reports

Published

Actions for Compliance with the NSW Cyber Security Policy

Compliance with the NSW Cyber Security Policy

Whole of Government
Compliance
Cyber security
Information technology

What the report is about This audit assessed nine agencies’ compliance with the NSW Cyber Security Policy (CSP) including whether, during the year to 30 June 2020, the participating agencies: met their reporting obligations under the CSP reported accurate self-assessments of their level of maturity implementing the CSP’s requirements including the Australian Cyber Security Centre’s (ACSC) Essential 8. What we found Key elements to strengthen cyber se

In progress

Actions for Investment in regional development

Investment in regional development

Whole of Government
Compliance
Internal controls and governance
Management and administration
Project management
Service delivery

In 2017, the NSW Government announced a Regional Development Framework which provides a scaffold for better coordination, decision making and effort on the ground. The NSW Government recognised the need to be more strategic and better coordinated if it is to make a difference, particularly in addressing some of the serious issues facing regional NSW such as pockets of youth unemployment, social disadvantage, changing economic opportunities and increased

In progress

Actions for Building regulation–responding to combustible external cladding

Building regulation–responding to combustible external cladding

Finance
Compliance
Internal controls and governance
Management and administration
Project management
Regulation
Risk
Service delivery
Workforce and capability

In July 2017, following the Grenfell Tower fire in London the previous month, the NSW Government announced a 10-point fire safety reform plan intended to be Australia’s most comprehensive response’ to that disaster.   The NSW Government established an inter-departmental entity, the NSW Cladding Taskforce, to coordinate and roll out the reforms, including to identify and make safe any buildings in New South Wales that may be affected by combustible cladd

In progress

Actions for Coordination of emergency responses

Coordination of emergency responses

Premier and Cabinet
Cross-agency collaboration
Management and administration
Project management
Service delivery
Shared services and collaboration

The 2019–20 bushfire emergencies, and the COVID-19 pandemic have had a significant impact on the people and public sector of New South Wales. The scale of government responses to both events has also been significant and has encompassed a wide range of activities, service delivery, governance and policy. Significant resources have been directed for emergency responses, and in assisting rebuilding and economic recovery. Some systems and processes have cha

In progress

Actions for Security and privacy of patient information

Security and privacy of patient information

Health
Cyber security
Information technology
Internal controls and governance
Management and administration
Risk

Local Health Districts manage large volumes of private patient information and have their own systems for data management with differing approaches to data protection. Clinicians in busy hospital environments require timely access to data and systems to effectively treat patients. Increased accessibility may in turn increase the risk of poor data and system security practices. Recent experience in other jurisdictions has also demonstrated that operationa

Published

Actions for Managing cyber risks

Managing cyber risks

Whole of Government
Transport
Cyber security
Information technology
Internal controls and governance
Procurement
Risk

What the report is about This audit assessed how effectively Transport for NSW (TfNSW) and Sydney Trains identify and manage their cyber security risks. The NSW Cyber Security Policy (CSP) sets out 25 mandatory requirements for agencies, including implementing the Australian Cyber Security Centre’s Essential 8 strategies to mitigate cyber security incidents, and identifying the agency’s most vital systems, their ‘crown jewels’.  The audited agencies h

Published

Actions for Grants administration for disaster relief

Grants administration for disaster relief

Treasury
Finance
Compliance
Fraud
Management and administration
Project management

What the report is about The report examined whether NSW Treasury, Service NSW and the Department of Customer Service effectively administered grants programs funded under the $750 million Small Business Support Fund, including: $10,000 Small Business Support Grant $3,000 Small Business Recovery Grant. What we found The agencies effectively implemented the grants within required timeframes, reflecting the NSW Government’s decision to deliver urgent f

Published

Actions for WestConnex: changes since 2014

WestConnex: changes since 2014

Transport
Compliance
Infrastructure
Internal controls and governance
Management and administration
Project management
Risk

What the report is about The report examined whether Transport for NSW (TfNSW) and Infrastructure NSW (INSW) effectively assessed and justified major scope changes to the WestConnex project since 2014. What we found NSW Government decisions to fund WestConnex-related projects outside WestConnex's $16.812 billion budget have reduced transparency and understate the full cost of WestConnex. The NSW Government's decision to separate Sydney Gateway from W

Published

Actions for Acquisition of 4–6 Grand Avenue, Camellia

Acquisition of 4–6 Grand Avenue, Camellia

Transport
Asset valuation
Compliance
Fraud
Infrastructure
Internal controls and governance
Management and administration
Procurement
Risk

The Auditor-General for New South Wales, Margaret Crawford, has today released a report on Transport for NSW’s (TfNSW) acquisition of 4–6 Grand Avenue in Camellia. This audit, which was requested on 17 November 2020 by the Hon. Andrew Constance MP, the Minister for Transport and Roads, examined: whether TfNSW conducted an effective process to purchase 4–6 Grand Avenue, Camellia whether TfNSW has effective processes and procedures to identify and acquir

Published

Actions for Service NSW's handling of personal information

Service NSW's handling of personal information

Premier and Cabinet
Finance
Cyber security
Fraud
Information technology
Internal controls and governance
Management and administration
Risk
Service delivery

The Auditor-General for New South Wales, Margaret Crawford, released a report today examining the effectiveness of Service NSW’s handling of customers’ personal information to ensure its privacy. The audit found that Service NSW is not effectively handling personal customer and business information to ensure its privacy. Service NSW continues to use business processes that pose a risk to the privacy of personal information. This includes the routine ema