Reports
Actions for Managing the affairs of people under financial management and/or guardianship orders
Managing the affairs of people under financial management and/or guardianship orders
Click here for the Easy English version of the report highlights
The Easy English version of the report highlights is intended to meet the needs of some people with lower literacy skills, some people with an intellectual disability, and some people from different cultural backgrounds.
The Easy English document is not the final audit report that has been prepared and tabled in NSW Parliament under s.38EB and s.38EC of the Government Sector Audit Act 1983. It should not be relied on or quoted from as the final audit report.
What this report is about
This audit assessed whether NSW Trustee and Guardian is effectively delivering public guardianship and financial management services in line with legislative requirements and standards.
What we found
NSW Trustee and Guardian is delivering guardianship and financial management services in line with its broad legal authority.
However, NSW Trustee and Guardian does not have sufficient oversight to ensure that its services are consistent with legislative principles which aim to promote positive client outcomes.
The agency's governance and practices could be better supported by relevant training and guidance to account for the diversity of its clients.
It does not track the actual costs of service delivery, the quality of services or client experiences and key findings from previous reviews remain unresolved.
Government funding for public guardianship services and direct financial management services for low-wealth clients has not kept pace with the growth in clients.
There is a risk that some fee-paying clients are unknowingly subsidising others.
NSW Trustee and Guardian has applied additional funding to increase frontline staff, but gaps in monitoring and IT system constraints create a risk that it will not address service quality issues, nor be able to demonstrate the impact of this new funding.
What we recommended
We recommended that NSW Trustee and Guardian:
- Broaden governance arrangements to enable input to key decisions from people with lived experience, relevant peak bodies and representatives of diverse communities.
- Implement mechanisms to seek feedback on the effectiveness and quality of services from clients under orders.
- Assess staff competency and implement regular training in effectively serving clients with disability, dementia, mental illness, cognitive impairments and other factors relevant to decision-making incapacity.
- Implement a risk-based quality framework to assess whether public guardian and financial management decisions are in line with policy and the legislative principles.
- Improve data collection and monitoring to track performance, the costs to serve, and client outcomes and report on these publicly.
NSW Trustee and Guardian is a NSW Government agency in the Stronger Communities cluster. It supports the NSW Trustee and the Public Guardian in the exercise of their statutory functions. It is accountable to the relevant Minister, the Attorney General.
The legislative responsibilities for the Public Guardian and the NSW Trustee are provided in separate statutes (NSW Trustee and Guardian Act 2009 and Guardianship Act 1987). Together, these establish a number of functions and services that NSW Trustee and Guardian as an agency is expected to deliver, including:
- acting as executor and administrator of deceased estates
- acting as a trustee responsible for managing trust property on behalf of another person or organisation in line with the trust terms
- drafting Will, Power of Attorney and Enduring Guardianship instruments, and educating the community about the importance of having these documents in place
- making decisions on behalf of people under guardianship or financial management orders as a guardian or a financial manager 'of last resort', or overseeing and assisting private financial managers.
This audit focuses on the last of these - NSW Trustee and Guardian's financial management and guardianship services.
The NSW Trustee and the Public Guardian are appointed to provide direct financial management and/or guardianship services (respectively) to over 13,300 people (as at 30 June 2022) who are deemed by a court or tribunal unable to manage their own affairs. This involves making decisions for people under a relevant court or tribunal order, within the terms of the order. The court or tribunal order enables the appointed guardian or financial manager to make decisions on behalf of the person for whom the order is made. The legislation allows the financial manager or guardian to exercise all the functions of the person under management has or would have were they not incapable of managing for themselves. From a legal perspective, these 'substitute decisions' have the same effect as if the person had made the decision themselves. While the legal presumption is that a person has capacity to care for themselves and manage their own affairs, a financial manager or guardian can be appointed without the person's consent if the court or tribunal finds the person does not have relevant decision-making capacity.
There can be a range of factors that impact on a person's decision-making capacity, including cognitive impairment, intellectual disability, dementia, mental illness and addiction. Guardianship (of both the person and their estate) developed as a response, through European and English law over hundreds of years. In Australia, it was a function of the Supreme Court of NSW before the establishment of government agencies. What is now known as substitute decision-making can sometimes be referred to as a 'protective' function because:
- it relates to decisions or actions that need to be taken, which the person under an order cannot take because they are incapable of managing their own affairs
- due to this lack of competence, the person may be disadvantaged in the conduct of their affairs (for example, their money or property may be dissipated or lost, they may enter agreements unwisely or they may be at risk of abuse or exploitation)
- substitute decisions must be made in the best interests of the person on whose behalf they are made.
An alternative model is 'supported decision-making'. This refers to processes and approaches that assist people with impaired decision-making capacity to exercise their autonomy and legal capacity by supporting them to make decisions. This approach seeks to give effect to the will and preferences of the person requiring decision-making support wherever possible, including decisions involving risk. There has been a longstanding legal and community push for Australian guardianship and administration systems to move from substituted to supported decision-making. However, the legislation in New South Wales provides for 'best interests' substitute decision-making and this is the framework against which we have audited NSW Trustee and Guardian.
The Public Guardian and the NSW Trustee may be appointed as substitute decision makers by the NSW Civil and Administrative Tribunal (NCAT) and the Supreme Court. The NSW Trustee may also be appointed by the Mental Health Review Tribunal for financial management orders only.1 They are intended to be appointed as a 'last resort' when there is no one willing or suitable to fill the role, or there is significant family conflict regarding decision-making for the person. The Public Guardian and the NSW Trustee cannot refuse to accept a court or tribunal appointment to administer an order for guardianship or financial management.
Public Guardian decisions cover healthcare, lifestyle, accommodation and/or medical decisions such as where a person should live (for example: at home, in an aged care facility or disability group home), what disability or other support services they receive, who can have access to them (for example: through establishing visiting schedules between conflicting family members) and consent to the use of restrictive practices on the advice of independent experts (for example: seclusion, chemical restraint such as anti-psychotic medication, environmental restraints such as limiting access to knives).
Under a financial management order where the NSW Trustee is appointed as financial manager, the NSW Trustee carries out such functions as securing and collecting assets, income and entitlements, paying expenses, debts and designing budgets, investing financial assets, lodging tax returns and paying maintenance for dependents, taking or defending legal proceedings and managing other financial and legal affairs for the person. This is referred to as direct financial management.
A court or tribunal may appoint a private financial manager, such as a family member, friend, private trustee company or other commercial provider. Where a private manager is appointed, the NSW Trustee provides authorisation and directions to the private manager and oversees their performance. As at 30 June 2022, over 6,200 people had private managers.
As an agency, the majority of NSW Trustee and Guardian's overall revenue is from fees (including for services outside the scope of the audit, such as will preparation) and investments. The remainder is from the NSW Government as funding for non-commercial services including guardianship services and subsidised financial management services for low-wealth clients. Public guardian clients do not pay fees. Financial management clients pay fees, but these are subsidised where the client does not have capacity to pay full fees. NSW Trustee and Guardian is considered a self-funded agency by NSW Treasury definitions.
Demand for financial management and guardianship services, and the complexity of clients' circumstances for these services, has grown over the last decade. In November 2020, NSW Trustee and Guardian advised the Attorney General that it had run an operating deficit in 2019–20 driven by an increase in non/low fee paying customers and an increase in the complexity of matters. NSW Trustee and Guardian advised the Attorney General that government funding was no longer meeting the full cost of guardianship services, and of direct financial management services for people with low balances. NSW Trustee and Guardian's analysis had identified a shortfall in government funding of $8.4 million in 2019–20 that was expected to increase over the forward estimates. A working group was established with officers from NSW Trustee and Guardian, NSW Treasury and the Department of Communities and Justice to advise the government on options for improving the financial sustainability of NSW Trustee and Guardian overall.
NSW Trustee and Guardian subsequently received a funding boost of $41.5 million across four years in the 2021–22 State Budget. NSW Trustee and Guardian applied the majority of the budget enhancement to recruit approximately 120 new roles mostly in financial management and guardianship services.
The objective of this audit was to assess whether NSW Trustee and Guardian is effectively delivering guardianship and financial management services in line with legislative requirements and relevant non-legislative standards. These include a legislative duty to observe certain principles when exercising the relevant legislative functions, including to: give primary consideration to clients’ welfare and interests, restrict their freedom of decision and action as little as possible, take account of their views, and encourage their self-reliance.
The audit was guided by three questions:
- Does NSW Trustee and Guardian align its service delivery with its legislative functions and principles, and relevant standards?
- Does NSW Trustee and Guardian drive and monitor performance to give effect to its legislative functions and principles, and relevant standards?
- Has NSW Trustee and Guardian effectively planned the use of additional funding to improve service delivery and adherence to its legislative functions and principles, and relevant standards?
The audit review period was the five years between 1 July 2017 - 30 June 2022.
Throughout this report:
- 'client' refers to a person who is under a guardianship order and/or whose estate is under financial management, for whom the Public Guardian and/or the NSW Trustee is appointed to act or responsible to oversee their private financial manager
- 'financial management' refers to clients under financial management orders (direct and private financial management) and/or the services provided by NSW Trustee and Guardian to these clients or their private managers
- 'guardianship' refers to clients under guardianship orders where the Public Guardian is appointed, and/or the services provided by the Public Guardian to these clients
- 'frontline staff' refers to the staff responsible for engagement with, and decision-making for, clients and private managers (titled client service officers, senior client service officers and principal client service officers in NSW Trustee and Guardian)
- Aboriginal refers to the First Nations peoples of the land and waters now called Australia and includes Aboriginal and Torres Strait Islander peoples.
ConclusionNSW Trustee and Guardian is delivering guardianship and financial management services in line with its legal authority. However, it does not have sufficient oversight to ensure that its services are consistent with legislative principles which aim to promote positive client outcomesNSW Trustee and Guardian's guardianship and direct financial management services rightly emphasise the legal requirement to give paramount consideration to the welfare and interests of its clients when making decisions for them. However, NSW Trustee and Guardian does not consistently obtain and record relevant client information to determine which of the other legislative principles should be applied to individual decisions. It also does not test that staff decision-making aligns with the legislative principles in practice. Staff caseloads for financial management and guardianship services have limited the amount of time that staff can spend in building a relationship with each client or working on each client matter. This constrains the extent to which they can get to know a client and understand their circumstances - both of which are central to applying the legislative principles. Poor client information sharing in legacy IT systems, insufficient quality monitoring, and limited staff training and staff supports exacerbate this further. NSW Trustee and Guardian governance and practices for financial management and guardianship do not reflect the nature and diversity of its client baseDespite direct financial management and public guardian clients having, by definition, impaired decision-making capacity often related to traumatic brain injury, dementia, intellectual disability and mental illness, an understanding of the sometimes-complex conditions that affect its clients has only been expected of all frontline staff since late 2021, and relevant training has been insufficient. NSW Trustee and Guardian also does not have a consumer advisory entity to provide it with advice on financial management and guardianship services from the perspective of clients with lived experience. Despite a significant over-representation amongst its client group, NSW Trustee and Guardian does not have specific governance, consultation, staff roles or practice guidance for its engagement with Aboriginal clients and their representatives. NSW Trustee and Guardian does not know how well it delivers financial management and guardianship servicesNSW Trustee and Guardian does not routinely track its performance with respect to service quality or how well it gives effect to the legislative functions, principles and standards for direct financial management and guardianship services. It has not been effectively monitoring whether these services are improving over time. Nor does it measure its performance with respect to the experiences and outcomes of clients of these services. Key findings and recommendations from previous reviews remain unresolved. This includes a repeated finding by the Independent Pricing and Regulatory Tribunal (IPART) that direct financial management services should be subject to transparent fee-for-service charges rather than fees calculated as a proportion of client estate value. NSW Trustee and Guardian does not have effective monitoring in place to know the actual costs of service deliveryDirect financial management services are resourced predominantly by client fees, comprising 81% of revenue between FY2018-FY2022. Government funding makes up the balance and is directed to fee subsidies and waivers for low-wealth clients (those with assets apart from their principal place of residence, motor vehicle and furniture valued under $75,000). Sixty-eight per cent of direct financial management clients at 30 June 2022 were low-wealth and eligible for fee subsidies. Private financial management services are resourced predominantly by client fees; government funding is not provided. Fees for both direct financial management and private management are capped by regulation. On the other hand, guardianship services are funded entirely by government funding as an annual grant, with the objective of providing these services for free to the client. NSW Trustee and Guardian has taken steps to try to capture data on the actual cost of providing guardianship and subsidised financial management services, and to estimate these costs in the absence of such data collection. However, system limitations have frustrated attempts to fully identify and quantify the costs of service provision, including the varying complexity of client needs and related staff effort. Without data on actual costs to serve, NSW Trustee and Guardian cannot confidently demonstrate that its guardianship and financial management expenses are efficient, or determine whether revenue - either from government funding or client fees - is sufficient to meet these costs. This is hampering its efforts to address a gap between the rate of growth in client numbers and complexity, and government funding for guardianship and subsidised direct financial management services. Government funding for guardianship services and direct financial management services for low-wealth clients has not kept pace with the growth in clients. There is a risk that some fee-paying clients are unknowingly subsidising othersUnder its enabling legislation, NSW Trustee and Guardian cannot decline to receive a guardianship or direct financial management client once the court or tribunal make relevant orders. It is intended to be a provider of 'last resort' where no other suitable person is willing or able to be the guardian or financial manager for a client. It also cannot decline to oversee a private financial manager. Demand for guardianship and direct financial management services is growing. Over the five- year audit review period (FY2018-FY2022), there has been an eight per cent increase in the number of people who have the NSW Trustee as their financial manager, a 32% increase in the number of people who have private managers and a 46% increase in the number of people who have the Public Guardian as their guardian. NSW Trustee and Guardian data suggests the complexity of client circumstances has also grown over time, increasing the staff effort required on client matters. The risk of cross-subsidisation arises when the revenue or income for a service (whether from fees, government funding or other sources) is less than the cost to provide the service. IPART found in a 2014 review that NSW Trustee and Guardian's fee structure across all its charged services at that time was resulting in significant cross-subsidies between services and between clients within each service. Such a gap remains evident with respect to NSW Trustee and Guardian's private management, direct financial management and guardianship services. However, NSW Trustee and Guardian cannot determine whether high-wealth direct financial management clients are subsidising services for guardianship and low-wealth direct financial management clients or private management clients without data on the actual costs to serve each client. There is a risk that some clients of these or other NSW Trustee and Guardian services are unknowingly subsidising financial management or guardianship clients. Cross-subsidisation is inequitable, inefficient and not aligned with NSW Treasury policy on government funding for non-commercial activities. NSW Trustee and Guardian has recognised this and repeatedly sought increased government funding for guardianship services, and subsidised direct financial management services, over the five-year audit review period. NSW Trustee and Guardian has applied additional funding received in the 2021–22 Budget to increase frontline service delivery staff, but gaps in monitoring and continuing IT system constraints create a risk that it will not address service quality issues, nor be able to demonstrate the impact of this new fundingNSW Trustee and Guardian received a funding boost of $41.5 million across four years in the 2021–22 State Budget. The budget enhancement represented a significant increase in government funding for NSW Trustee and Guardian to provide free guardianship services and subsidised direct financial management services. Nevertheless, NSW Trustee and Guardian expects the budget enhancement will address immediate funding shortfalls for these services, but not those forecast to occur in the future on existing client growth and fee revenue trends. NSW Trustee and Guardian has targeted the additional funding received in 2021–22 to improve adherence to its legislation through new operating models and a significant uplift in frontline staff numbers for guardianship and financial management services. Capital funding for IT system enhancements was not included in the additional funding allocated. However, there is a risk that existing gaps in monitoring service quality, performance and consumer experiences - and continuing IT system constraints - could lead to increasing frontline staff numbers without also addressing key issues in service quality, or in being able to demonstrate impact from the budget enhancement in seeking future funding. |
NSW Trustee and Guardian has only recently identified measures to track the performance of its financial management and guardianship services
Between 2021 and 2022, NSW Trustee and Guardian developed new divisional key performance indicators which aim to track the quality of services delivered to people under financial management and guardianship orders. These measures are reported quarterly to the organisation's executive leadership team. The divisions have started measuring some of these new performance indicators, but many will require changes to consumer engagement processes and IT legacy systems to collect additional data. At this stage it is unclear when these necessary changes will occur, and when relevant data will begin to be collected and analysed.
Before 2021, NSW Trustee and Guardian measured the performance of some of its financial management and guardianship operational processes. While these operational measures identify whether it is fulfilling some of its legislative functions, they are predominantly activity measures and do not inform on the quality of decision-making for direct financial management or guardianship clients, or on client experiences and outcomes.
Operational performance targets and measures have only recently been developed and used to centrally track the time elapsed between requests for certain decisions and the decisions made or relevant actions taken by relevant frontline staff. Baseline data for these measures show that target timeframes are not close to being met for minor medical decisions for people under guardianship orders, or for first customer payment, and redirection of income for people who are directly financially managed.
NSW Trustee and Guardian has proactively developed a benefits realisation framework to monitor the expected benefits from the additional funding received in 2021–22
NSW Trustee and Guardian has developed a benefits realisation framework to monitor the expected benefits from the additional funding (and other elements of the budget bid including increased fees and business improvements for efficiencies). This is not a requirement imposed by NSW Treasury, but a proactive step taken by NSW Trustee and Guardian to account for the use of the additional funding and to attempt to identify its impacts.
The benefits realisation framework includes interim and preferred measures, which reflect the things that can be tracked with existing data, and those that require new data collection, respectively. The measures are underpinned by separate program logics for direct and private financial management, and guardianship, and an overall investment logic. 'Logics' articulate the inputs, outputs and short/medium/long term outcomes expected from a project, program or investment, as well as the underpinning assumptions about how desired changes will occur (the 'mechanism' or 'theory' of change).
The targets and measures for NSW Trustee and Guardian's benefits realisation framework are the responsibility of the organisational divisions delivering guardianship and financial management services. The baseline data against which change will be measured is 30 June 2021, as the budget enhancement funds were allocated from 1 July 2021. The audit has been provided with baseline data, but not first year results (covering 2021–22) and as such, cannot assess whether any progress has been made towards the targets.
The benefits realisation framework may not provide the information needed to demonstrate the effectiveness of the budget enhancement
A lack of available data and limited measures in the benefits realisation framework may mean NSW Trustee and Guardian will not be able to meaningfully assess the impact of the additional funding.
The 22 measures in the benefits realisation framework across guardianship and financial management functions are predominantly monitoring activity and outputs which seek to track staff caseloads, the number of decisions made, the timeliness of key actions/tasks, and annual consumer engagements.
There is one service quality outcome measure: that customers, family and carers report an improved experience. The metrics for this measure will initially be monitored using the whole-of-government customer satisfaction measurement survey administered by the Department of Customer Service, until such time as other additional sources are developed. The whole-of-government survey is built around six core customer commitments relating to respondents' experiences with government services and staff - that they are: 'easy to access, act with empathy, respect my time, explain what to expect, resolve the situation and engage the community'. It is not clear whether or how the whole-of-government survey targets and engages people with impaired decision-making capacity or accessible communication needs.
Some measures in the NSW Trustee and Guardian benefits realisation framework do not yet have targets set, such as the ratio of the number of clients to the number of guardians or financial managers. Many relate to compliance with internal operational policies.
One interim measure for a direct financial management service indicator is 'increased personalised face-to-face consultations by phone or virtually'. It is intended to be replaced with the preferred measure 'ensure the client’s story is understood by staff and systems by consulting stakeholders and adding to the client’s story in the IT system'. However, the interim measure would better align with the national standards regarding regular and accessible engagement (discussed above).
A lack of availability of key data to track the preferred measures was identified by NSW Trustee and Guardian as an enterprise risk, and issues with existing data collected were identified early on, including that:
- data can be entered into systems inconsistently by staff
- current systems mask some issues – for example, a task can be completed within internal timeframes but not reflect the actual waiting time of consumers
- current systems cater to measuring outputs rather than service quality.
IT system improvements are slated in order to allow data to be collected to inform on preferred measures, but these depend on capital funding that has not yet been secured. At the time of writing, data sources were yet to be identified for three of the 22 measures, and NSW Trustee and Guardian did not have staff trained and available to run and analyse data for the benefits realisation framework.
The mechanisms of change and the underlying assumptions in the program and investment logics are also not clearly articulated in the benefits realisation framework, and nor is the underpinning evidence (such as from earlier reviews, research or pilots, or experiences elsewhere). Identifying and evidencing these would give some confidence that the assumptions are sound and that the mechanisms of change will operate as expected (for example, that a decline in frontline staff caseloads will translate into more time spent on individual matters, and improved service quality).
Given these limitations in measures, data collection and logics, there is a risk that the benefits realisation framework may not provide the performance and impact evidence necessary to assess the effectiveness of the budget enhancement, or to justify further additional funding in the future.
NSW Trustee and Guardian cannot track its financial management and guardianship service performance over time
NSW Trustee and Guardian's operational performance activity measures have changed over the audit review period, which limits NSW Trustee and Guardian’s ability to identify whether it has sustained or improved performance in its guardianship and financial management services over time.
NSW Trustee and Guardian has consistently tracked the number and themes of complaints about financial management and guardianship services, which do provide some insight into service quality and experiences. However, this is an incomplete measure as people under financial management and guardianship orders are a more vulnerable cohort than other NSW Trustee and Guardian customers and may require support to make a complaint. There is also a structural power imbalance between clients and their guardian or financial manager which may dissuade clients and their stakeholders from raising concerns. Therefore, it is not clear whether the numbers and themes in complaints received are representative of broader experiences.
Appendix two – Client characteristics
Appendix three – Easy English, Easy Read and Plain English formats
Appendix four – Financial management fees
Appendix five – NSW Trustee and Guardian Common Funds
Appendix six – About the audit
Appendix seven – Performance auditing
Copyright notice
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Parliamentary reference - Report number #379 - released 18 May 2023
Actions for Planning and managing bushfire equipment
Planning and managing bushfire equipment
What the report is about
This audit assessed the effectiveness of the NSW Rural Fire Service (RFS) and local councils in planning and managing equipment for bushfire prevention, mitigation, and suppression.
What we found
The RFS has focused its fleet development activity on modernising and improving the safety of its firefighting fleet, and on the purchase of new firefighting aircraft.
There is limited evidence that the RFS has undertaken strategic fleet planning or assessment of the capability of the firefighting fleet to respond to current bushfire events or emerging fire risks.
The RFS does not have an overarching strategy to guide its planning, procurement, or distribution of the firefighting fleet.
The RFS does not have effective oversight of fleet maintenance activity across the State, and is not ensuring the accuracy of District Service Agreements with local councils, where maintenance responsibilities are described.
What we recommended
- Develop a fleet enhancement framework and strategy that is informed by an assessment of current fleet capability, and research into appropriate technologies to respond to emerging fire risks.
- Develop performance measures to assess the performance and capabilities of the fleet in each RFS District by recording and publicly reporting on fire response times, fire response outcomes, and completions of fire hazard reduction works.
- Report annually on fleet allocations to RFS Districts, and identify the ways in which fleet resources align with district-level fire risks.
- Develop a strategy to ensure that local brigade volunteers are adequate in numbers and appropriately trained to operate fleet appliances in RFS Districts where they are required.
- Establish a fleet maintenance framework to ensure regular update of District Service Agreements with local councils.
- Review and improve processes for timely recording of fleet asset movements, locations, and maintenance status.
This audit assessed how effectively the NSW Rural Fire Service (the RFS) plans and manages the firefighting equipment needed to prevent, mitigate, and suppress bushfires. This audit also examined the role of local councils in managing bushfire equipment fleet assets. Local councils have vested legal ownership of the majority of the land-based firefighting fleet, including a range of legislated responsibilities to carry out fleet maintenance and repairs. The RFS has responsibilities to plan and purchase firefighting fleet assets, and ensure they are ready for use in response to fires and other emergencies.
This report describes the challenges in planning and managing the firefighting fleet, including a confusion of roles and responsibilities between the RFS and local councils in relation to managing certain land-based rural firefighting fleet – a point that has been made in our Local Government financial audits over several years. This role confusion is further demonstrated in the responses of the RFS and local councils to this audit report – included at Appendix one.
The lack of cohesion in roles and responsibilities for managing rural firefighting vehicles increases the risk that these firefighting assets are not properly maintained and managed, and introduces a risk that this could affect their readiness to be mobilised when needed.
While the audit findings and recommendations address some of the operational and organisational inefficiencies in relation to rural firefighting equipment management, they do not question the legislative arrangements that govern them. This is a matter for the NSW Government to consider in ensuring the fleet arrangements are fit for purpose, and are clearly understood by the relevant agencies.
The NSW Rural Fire Service (hereafter the RFS) is the lead combat agency for bushfires in New South Wales, and has the power to take charge of bushfire prevention and response operations anywhere in the State. The RFS has responsibilities to prevent, mitigate and suppress bushfires across 95% of the State, predominantly in the non-metropolitan areas of New South Wales. Fire and Rescue NSW is responsible for fire response activity in the cities and large townships that make up the remaining five per cent of the State.
The RFS bushfire fleet is an integral part of the agency's overall bushfire risk management. The RFS also uses this fleet to respond to other emergencies such as floods and storms, motor vehicle accidents, and structural fires. Fleet planning and management is one of a number of activities that is necessary for fire mitigation and suppression.
The Rural Fires Act 1997 (Rural Fires Act) imposes obligations on all landowners and land managers to prevent the occurrence of bushfires and reduce the risk of bushfires from spreading. Local councils have fire prevention responsibilities within their local government areas, principally to reduce fire hazards near council owned or managed assets, and minor roads.
The RFS is led by a Commissioner and is comprised of both paid employees and volunteer rural firefighters. Its functions are prescribed in the Rural Fires Act and related legislation such as the State Emergency Rescue Management Act 1989. The RFS functions are also described in Bush Fire Risk Management Plans, the State Emergency Management Plan, District Service Agreements, and RFS procedural documents. Some of the core responsibilities of the RFS include:
- preventing, mitigating, and suppressing fires across New South Wales
- recruiting and managing volunteer firefighters in rural fire brigades
- purchasing and allocating firefighting fleet assets to local councils
- establishing District Service Agreements with local councils to give the RFS permissions to use the fleet assets that are vested with local councils
- carrying out fleet maintenance and repairs when authorised to do so by local councils
- inspecting the firefighting fleet
- supporting land managers and private property owners with fire prevention activity.
In order to carry out its legislated firefighting functions, the RFS relies on land-based vehicles, marine craft, and aircraft. These different firefighting appliance types are referred to in this report as the firefighting fleet or fleet assets.
RFS records show that in 2021 there were 6,345 firefighting fleet assets across NSW. Most of the land-based appliances commonly associated with firefighting, such as water pumpers and water tankers, are purchased by the RFS and vested with local councils under the Rural Fires Act. The vesting of firefighting assets with local councils means that the assets are legally owned by the council for which the asset has been purchased. The RFS is able to use the firefighting assets through District Service Agreements with local councils or groups of councils.
In addition to the land-based firefighting fleet, the RFS owns a fleet of aircraft with capabilities for fire mitigation, suppression, and reconnaissance during fire events. The RFS hires a fleet of different appliances to assist with fire prevention and hazard reduction works. These include aircraft for firefighting and fire reconnaissance, and heavy plant equipment such as graders and bulldozers for hazard reduction. Hazard reduction works include the clearance of bush and grasslands around major roads and protected assets, and the creation and maintenance of fire trails and fire corridors to assist with fire response activity.
The RFS is organised into 44 RFS Districts and seven Area Commands. The RFS relies on volunteer firefighters to assist in carrying out most of its firefighting functions. These functions may include the operation of the fleet during fire response activities and training exercises, and the routine inspection of the fleet to ensure it is maintained according to fleet service standards. Volunteer fleet inspections are supervised by the RFS Fire Control Officer.
In 2021 there were approximately 73,000 volunteers located in 1,993 rural fire brigades across the State, making the RFS the largest volunteer fire emergency service in Australia. In addition to brigade volunteers, the RFS has approximately 1,100 salaried staff who occupy leadership and administrative roles at RFS headquarters and in the 44 RFS Districts.
Local councils have legislative responsibilities relating to bushfire planning and management. Some of the core responsibilities of local councils include:
- establishing and equipping rural fire brigades
- contributing to the Rural Fire Fighting Fund
- vested ownership of land-based rural firefighting equipment
- carrying out firefighting fleet maintenance and repairs
- conducting bushfire prevention and hazard reduction activity.
The objective of this audit was to assess the effectiveness of the RFS and local councils in planning and managing equipment for bushfire prevention, mitigation, and suppression. From the period of 2017 to 2022 inclusive, we addressed the audit objective by examining whether the NSW RFS and local councils effectively:
- plan for current and future bushfire fleet requirements
- manage and maintain the fleet required to prevent, mitigate, and suppress bushfires in NSW.
This audit did not assess:
- the operational effectiveness of the RFS bushfire response
- the effectiveness of personal protective equipment and clothing
- the process of vesting of rural firefighting equipment with local councils
- activities of any other statutory authorities responsible for managing bushfires in NSW.
As the lead combat agency for the bushfire response in NSW, the RFS has primary responsibility for bushfire prevention, mitigation, and suppression.
Three local councils were selected as case studies for this audit, Hawkesbury City Council, Wagga Wagga City Council and Uralla Shire Council. These case studies highlight the ways in which the RFS and local councils collaborate and communicate in rural fire districts.
Conclusion
The RFS has focused its fleet development activity on modernising and improving the safety of its land-based firefighting fleet, and on the purchase of new firefighting aircraft
The RFS has reduced the average age of the firefighting fleet from approximately 21 years in 2017, to approximately 16 years in 2022. The RFS has also enhanced the aerial fleet with the addition of six new aircraft to add to the existing three aircraft.
Recommendations from inquiries into the 2019–20 bushfires have driven significant levels of fleet improvement activity, mainly focused on the addition of safety features to existing fleet appliances. The RFS has dedicated most of its efforts to purchasing and refurbishing firefighting appliances of the same type and in the same volumes year on year.
However, the RFS is unable to demonstrate how the composition, size, or the locations of the NSW firefighting fleet is linked to current fire prevention, mitigation, and suppression requirements, or future fire risks.
There is limited evidence that the RFS has undertaken strategic fleet planning or assessment of the capability of the firefighting fleet to respond to current bushfire events or emerging fire risks
The RFS has not established a methodology to assess the composition or volumes of the firefighting fleet against fire activity and fire risks in the 44 NSW Rural Fire Districts. The RFS has not developed performance measures or targets to assess or report on fire response times in each of its districts, nor has it developed measures to assess the effectiveness of responses according to fire sizes and fire types. Similarly, the RFS has limited performance measures to assess fire prevention activity, or to assess fuel load reduction works, so it is not possible to assess whether its fleet capabilities are fit for these purposes.
The RFS does not have an overarching strategy to guide its planning, procurement, or distribution of the firefighting fleet
RFS fleet planning and fleet allocations are based on historical fleet sizes and compositions, and distributed to locations where there are appropriately trained brigade volunteers.
The RFS takes an asset protection approach to bushfire prevention and planning that is based on the Australian and New Zealand Standard for Risk Management. This approach requires that the RFS identify assets at risk of fire, and develop treatment plans to protect these assets. However, fleet requirements are not linked to NSW asset protection plans, meaning that fleet is not allocated according to the identified risks in these plans. Further, the RFS does not develop fire prevention plans for areas where there are no identified assets.
The RFS has not conducted future-focused fleet research or planning into technologies that match fleet capabilities to emerging or future fire risks. Since the significant fire events of 2019–2020, the RFS has not changed its approach to planning for, or assessing, the operational capabilities of the fleet. The RFS advises it is scoping a project to match resources to risk, which it plans to commence in 2023.
The RFS does not have effective oversight of fleet maintenance activity across the State, and is not ensuring the accuracy of District Service Agreements where maintenance responsibilities are described
The RFS does not have a framework to ensure that District Service Agreements with local councils are accurate. Almost two thirds of service agreements have not been reviewed in the last ten years, and some do not reflect actual maintenance practices. There is no formalised process to ensure communication occurs between the RFS and local councils for fleet management and maintenance.
RFS fleet management systems at the central level are not integrated with RFS district-level databases to indicate when fleet assets are in workshops being maintained and serviced. The RFS has a new centralised Computer Aided Dispatch System that relies on accurate fleet locations and fleet condition information in order to dispatch vehicles to incidents and fires. A lack of interface between the district-level fleet systems and the centralised RFS fleet dispatch system, may impact on operational responses to bushfires.
The RFS has not made significant changes to the size or composition of the firefighting fleet in the past five years and does not have an overarching strategy to drive fleet development
Since 2017, the RFS has made minimal changes to its firefighting fleet volumes or vehicle types. The RFS is taking a fleet renewal approach to fleet planning, with a focus on refurbishing and replacing ageing firefighting assets with newer appliances and vehicles of the same classification and type. While the RFS has adopted a fleet renewal approach, driven by its Appliance Replacement Program Guide, it does not have a strategy or framework to guide its future-focused fleet development. There is no document that identifies and analyses bushfire events and risks in NSW, and matches fleet resources and fleet technologies to meet those risks. The RFS does not have fleet performance measures or targets to assess whether the size and composition of the fleet is meeting current or emerging bushfire climate hazards, or fuel load risks across its 44 NSW Fire Districts.
The RFS fleet currently comprises approximately 4,000 frontline, operational firefighting assets such as tankers, pumpers, and air and marine craft, and approximately 2,300 logistical vehicles, such as personnel transport vehicles and specialist support vehicles. Of the land-based firefighting vehicles, the RFS has maintained a steady number of approximately 3,800 tankers and 65 pumpers, year on year, for the past five years. This appliance type is an essential component of the RFS land-based, firefighting fleet with capabilities to suppress and extinguish fires.
Since 2017, most RFS fleet enhancement activity has been directed to upgrades and the modernisation of older fleet assets with new safety features. There is limited evidence of research into new fleet technologies for modern firefighting. The RFS fleet volumes and fleet types have remained relatively static since 2017, with the exception of the aerial firefighting fleet. Since 2017, the RFS has planned for, and purchased, six additional aircraft to add to the existing three aircraft in its permanent fleet.
While the RFS has made minimal changes to its fleet since 2017, in 2016 it reduced the overall number of smaller transport vehicles, by purchasing larger vehicles with increased capacity for personnel transport. The consolidation of logistical and transport vehicles accounts for an attrition in fleet numbers from 7,058 in 2016, to 6,315 in 2017 as shown in Exhibit 2.
The firefighting fleet management system is not always updated in a timely manner due to insufficient RFS personnel with permissions to make changes in the system
The RFS uses a fleet management system known as SAP EAM to record the location and status of firefighting fleet assets. The system holds information about the condition of the firefighting fleet, the home location of each fleet asset, and the maintenance, servicing, and inspection records of all assets. The RFS uses the system for almost all functions related to the firefighting fleet, including the location of vehicles so that they can be dispatched during operational exercises or fire responses.
Staff at RFS Headquarters are responsible for creating and maintaining asset records in the fleet management system. RFS District staff have limited permissions in relation to SAP EAM. They are able to raise work orders for repairs and maintenance, upload evidence to show that work has been done, and close actions in the system.
RFS District staff are not able to enter or update some fleet information in the system, such as the location of vehicles. When an RFS District receives a fleet appliance, it cannot be allocated to a brigade until the location of the asset is accurately recorded in the system. The location of the asset must be updated in the SAP EAM system by staff at RFS Headquarters. District staff can request system support from staff at RFS Headquarters to enter this information. At the time of writing, the position responsible for updating the fleet management system at RFS Headquarters was vacant, and RFS District personnel reported significant wait times in response to their service requests.
The RFS conducts annual audits of SAP EAM system information to ensure data is accurate and complete. RFS staff are currently doing data cleansing work to ensure that fleet allocations are recorded correctly in the system.
Communication between brigades, local councils and the RFS needs improvement to ensure that fleet information is promptly updated in the fleet management system
RFS brigade volunteers do not have access to the fleet management system. When fleet assets are used or moved, volunteers report information about the location and condition of the fleet to RFS District staff using a paper-based form, or by email or phone. Information such as vehicle mileage, engine hours, and defects are all captured by volunteers in a logbook which is scanned and sent to RFS District staff. RFS District staff then enter the relevant information into the fleet management system, or raise a service ticket with RFS Headquarters to enter the information.
Brigade volunteers move fleet assets for a range of reasons, including for fire practice exercises. If volunteers are unable to report the movement of assets to RFS District staff in a timely manner, this can lead to system inaccuracies. Lapses and backlogs in record keeping can occur when RFS staff at district offices or at Headquarters are not available to update records at the times that volunteers report information. A lack of accurate record keeping can potentially impact on RFS operational activities, including fire response activity.
Brigade volunteers notify RFS District staff when fleet appliances are defective, or if they have not been repaired properly. District staff then enter the information into the fleet management system. The inability of volunteers to enter information into the system means they have no visibility over their requests, including whether they have been approved, actioned, or rejected.
Local councils are responsible for servicing and maintaining the firefighting fleet according to the Rural Fires Act, but this responsibility can be transferred to the RFS through arrangements described in local service agreements. Council staff record all fleet servicing and maintenance information in their local systems. The types of fleet information that is captured in local council records can vary between councils. RFS staff described the level of council reporting, and the effectiveness of this process, as 'mixed'.
Councils use different databases and systems to record fleet assets, and some councils are better resourced for this activity than others
Firefighting fleet information is recorded in different asset management systems across NSW. Each council uses its own asset management system to record details about the vested fleet assets. All three councils that were interviewed for this audit had different systems to record information about the fleet. In addition, the type of information captured by the three councils was varied.
System | Hawkesbury City Council | Uralla Shire Council | Wagga Wagga City Council |
---|---|---|---|
Financial asset management system | TechnologyOne | Civica | Assetic |
Asset management system | TechnologyOne | Manual | MEX |
Local councils have varying levels of resources and capabilities to manage the administrative tasks associated with the firefighting fleet. Some of the factors that impact on the ability of councils to manage administrative tasks include: the size of the council; the capabilities of the information management systems, the size of the staff team, and the levels of staff training in asset management.
Uralla Shire Council is a small rural council in northern NSW. This council uses financial software to record information about the firefighting fleet. While staff record information about the condition of the asset, its replacement value, and its depreciation, staff do not record the age of the asset, or its location. Staff manually enter fleet maintenance information into their systems. Uralla Shire Council would like to purchase asset maintenance software that generates work orders for fleet repairs and maintenance. However, the council does not have trained staff in the use of asset management software, and the small size of the fleet may not make it financially worthwhile.
The Hawkesbury City Council uses a single system to capture financial and asset information associated with the firefighting fleet. Hawkesbury is a large metropolitan council located north-west of Sydney, with a relatively large staff team in comparison with Uralla Shire Council. The Hawkesbury City Council has given RFS District staff access to their fleet information system. RFS District staff can directly raise work orders for fleet repairs and maintenance through the council system, and receive automated notifications when the work is complete.
Two of the three audited councils report that they conduct annual reviews of fleet assets to assess whether the information they hold is accurate and up-to-date.
More than half of the fleet maintenance service agreements between the RFS and local councils have not been reviewed in ten years, and some do not reflect local practices
Local councils have a legislated responsibility to service, repair, and maintain the firefighting fleet to service standards set by the RFS. Councils may transfer this responsibility to the RFS through District Service Agreements. The RFS Districts are responsible for ensuring that the service agreements are current and effective.
The RFS does not have monitoring and quality control processes to ensure that service agreements with local councils are reviewed regularly. The RFS has 73 service agreements with local councils or groups of councils. Sixty-three per cent of service agreements had not been reviewed in the last ten years. Only four service agreements specify an end date and, of those, one agreement expired in 2010 and had not been reviewed at the time of this audit.
The RFS does not have a framework to ensure that service agreements with local councils reflect actual practices. Of the three councils selected for audit, one agreement does not describe the actual arrangements for fleet maintenance practices in RFS Districts. The service agreement with Hawkesbury City Council specifies that the RFS will maintain the firefighting fleet on behalf of council when, in fact, council maintains the firefighting fleet. The current agreement commenced in 2012, and at the time of writing had not been updated to reflect local maintenance practices.
When District Service Agreements are not reviewed periodically, there is a risk that neither local councils nor the RFS have clear oversight of the status of fleet servicing, maintenance, and repairs.
RFS District Service Agreements set out a requirement that RFS and local councils establish a liaison committee. Liaison committees typically include council staff, RFS District staff, and RFS brigade volunteers. While service agreements state that liaison committees must meet periodically to monitor and review the performance of the service agreement, committee members determine when and how often the committee meets.
RFS District staff and staff at the three audited councils are not meeting routinely to review or update their service agreements. At Wagga Wagga City Council, staff meet with RFS District staff each year to report on activity to fulfil service agreement requirements. Uralla Shire Council staff did not meet routinely with RFS District staff before 2021. When liaison committees do not meet regularly, there is a risk that the RFS and local councils have incorrect or outdated information about the location, status, or condition of the firefighting fleet. Given that councils lack systems to track and monitor fleet locations, regular communication between the RFS and local councils is essential.
The RFS has not established processes to ensure that local councils and RFS District personnel meet and exchange information about the fleet. Of the three councils selected for this audit, one council had not received information about the number, type, or status of the fleet for at least five years, and did not receive an updated list of appliances until there was a change in RFS District personnel. This has impacted on the accuracy of council record keeping. Councils do not always receive notification about new assets or information about the location of assets from the RFS, and therefore cannot reflect this information in their accounting and reporting.
RFS area commands audit system records to ensure fleet inspections occur as planned, but central systems are not always updated, creating operational risks
RFS District staff are required by the Rural Fires Act to ensure the firefighting fleet is inspected at least once a year. Regular inspections of the fleet are vital to ensure that vehicles are fit-for-purpose and safe for brigade volunteers. Inspections are also fundamental to the operational readiness and capability of RFS to respond to fire incidents.
RFS Area Command personnel conduct audits of fleet maintenance data to ensure that fleet inspections are occurring as planned. These inspections provide the RFS with assurance that the fleet is being maintained and serviced by local council workshops, or third-party maintenance contractors.
Some RFS Districts run their own fleet management systems outside of the central management system. They do this to manage their fleet inspection activity effectively. Annual fleet inspection dates are programmed by staff at RFS Headquarters. Most of the inspection dates generated by RFS Headquarters are clustered together and RFS Districts need to separate inspection times to manage workloads over the year. Spreading inspection dates is necessary to avoid exceeding the capacity of local council workshops or third party contractors, and to ensure that fleet are available during the bushfire season.
The fleet inspection records at RFS Headquarters are not always updated in a timely manner to reflect actual inspection and service dates of vehicles. District staff are not able to change fleet inspection and service dates in the central management system because they do not have the necessary permissions to access the system. The usual practice is for RFS District staff to notify staff at RFS Headquarters, and ask them to retrospectively update the system. As there is a lag in updating the central database, at a point in time, the actual inspection and service dates of vehicles can be different to the dates entered in the central fleet management system.
Fleet inspection and maintenance records must be accurately recorded in the central RFS management system for operational reasons. RFS Headquarters personnel need to know the location and maintenance status of fleet vehicles at all times in order to dispatch vehicles to incidents and fires. The RFS fleet management system is integrated with a new Computer Aided Dispatch System. The Computer Aided Dispatch System assigns the nearest and most appropriate vehicles to fire incidents. The system relies on accurate fleet locations and fleet condition information in order to dispatch these vehicles.
There is a risk that RFS Headquarters' systems do not contain accurate information about the location and status of vehicles. Some may be in workshops for servicing and repair, while the system may record them as available for dispatch. As there are many thousands of fleet vehicles, all requiring an annual service and inspection, a lack of accurate record keeping has wide implications for State fire operations.
RFS is currently exploring ways to improve the ways in which fleet inspections are programmed into the fleet management system.
RFS provides funds to councils to assist with maintaining the firefighting fleet, but does not receive fleet maintenance cost information from all local councils
Each year the RFS provides local councils with a lump sum to assist with the cost of repairing and maintaining the firefighting fleet. This lump sum funding is also used for meeting the costs of maintaining brigade stations, utilities, and other miscellaneous matters associated with RFS business.
In 2020–21, the RFS provided NSW local councils with approximately $23 million for maintenance and repairs of appliances, buildings, and utilities. Ninety councils were provided with lump sum funding in 2021, receiving on average $257,000. The amounts received by individual councils ranged from $56,200 to $1,029,884.
Some councils provide itemised repairs and maintenance reports to RFS District staff, showing the work completed and the cost of that work. However, not all councils collect this information or provide it to the RFS. Local councils collect fleet maintenance information in their local council systems. In some cases, the responsibility for fleet maintenance is shared across a group of councils, and not all councils have oversight of this process.
The RFS has not taken steps to require local councils to provide itemised maintenance costings for the firefighting fleet. Thus, the RFS does not have a clear understanding of how local councils are spending their annual fleet maintenance funding allocations. The RFS does not know if the funding allocations are keeping pace with the actual cost of repairing and maintaining the fleet.
RFS District staff report that funding shortfalls are impacting on the prioritisation of fleet servicing and maintenance works in some council areas. When fleet servicing and maintenance is not completed routinely or effectively, there is a risk that it can negatively impact the overall condition and lifespan of the vehicle. Poor processes in relation to fleet maintenance and repair risk impacting on the operational capabilities of the fleet during fire events.
The timeliness and effectiveness of fleet servicing and maintenance is affected by resource levels in RFS Districts and local councils
Local councils have a legislated responsibility to service and maintain the firefighting fleet to the service standards set by the RFS. Fleet maintenance is usually done by the entity with the appropriate workshops and resources, and the maintenance arrangements are described in District Service Agreements. RFS District staff conduct annual inspections to ensure that the firefighting fleet has been serviced and maintained appropriately, and is safe for use by brigade volunteers. If the fleet has not been maintained to RFS service standards or timelines, RFS District staff may work with local councils to support or remediate these works.
The effectiveness of this quality control activity is dependent on relationships and communication between the RFS Districts and local councils. While some RFS staff reported having positive relationships with local councils, others said they struggled to get fleet maintenance work done in a timely manner. Some councils reported that funding shortfalls for fleet maintenance activity was impacting on the prioritisation of RFS fleet maintenance works. When fleet maintenance work is not completed routinely or effectively, it can negatively impact on the overall condition and lifespan of the vehicle. It can also reduce the capacity of the RFS to respond to fire events.
Fleet quality control activities are carried out by RFS District staff. In some of the smaller RFS Districts, one person is responsible for liaising with local councils and brigade volunteers about fleet maintenance and repairs. In the regions where resources are limited, there is less ability to maintain ongoing communication. This is impacting on fleet service and maintenance timelines and the timeliness of fleet monitoring activity.
The RFS has mutual support arrangements with agencies in NSW and interstate, though shared fleet levels are yet to be quantified
The RFS has arrangements with state, federal, and international fire authorities to provide mutual support during fire incidents. In NSW, the RFS has agreements with the three statutory authorities – Fire and Rescue NSW, the Forestry Corporation of NSW, and the NSW National Parks and Wildlife Service. The agreement with Fire and Rescue NSW provides a framework for cooperation and joint operations between the agencies. The agreements with the Forestry Corporation of NSW and the NSW National Parks and Wildlife Service describe the control and coordination arrangements for bush and grass fires across NSW. These arrangements are set out in legislation and incorporated into local Bush Fire Risk Management Plans.
The RFS has agreements with fire authorities in three of the four Australian states and territories that share a border with NSW – the Australian Capital Territory, Queensland, and South Australia. Each agreement sets out the arrangements for mutual assistance and joint operations, including arrangements for sharing aircraft. The agreement between the RFS and Victoria had lapsed. The RFS told the NSW Bushfire Inquiry that the agreement with Victoria would be finalised by June 2020. In June 2022, the RFS reported that the agreement was in the process of being finalised.
The arrangements for mutual aid from Western Australia, Northern Territory and Tasmania, are managed by the National Resource Sharing Centre. These agreements set out the arrangements for interstate assistance between Australian fire services, emergency services, and land management agencies in those states and territories.
These mutual support arrangements may assist during state-based fire events. However, when there are competing demands for resources, such as during the bushfires of 2019–2020, there can be limits on fleet availability. During the 2019–2020 fires, resources were stretched in all jurisdictions as these fires affected NSW, Victoria, and Queensland.
There are opportunities for the RFS and other NSW agencies to quantify fleet resources across the State and identify assets that can be mobilised for different fire activities. This form of fleet planning may be used to enhance surge capabilities during times of high fire activity. There are also opportunities for the RFS and other agencies to match the levels of shared assets to projected bushfire risks.
Appendix one – Responses from agencies
Appendix two – About the audit
Appendix three – Performance auditing
Copyright notice
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Parliamentary reference - Report number #376 - released 27 February 2023
Actions for Audit Insights 2018-2022
Audit Insights 2018-2022
What the report is about
In this report, we have analysed the key findings and recommendations from our audit reports over the past four years.
This analysis includes financial audits, performance audits, and compliance audits of state and local government entities that were tabled in NSW Parliament between July 2018 and February 2022.
The report is framed by recognition that the past four years have seen significant challenges and emergency events.
The scale of government responses to these events has been wide-ranging, involving emergency response coordination, service delivery, governance and policy.
The report is a resource to support public sector agencies and local government to improve future programs and activities.
What we found
Our analysis of findings and recommendations is structured around six key themes:
- Integrity and transparency
- Performance and monitoring
- Governance and oversight
- Cyber security and data
- System planning for disruption
- Resource management.
The report draws from this analysis to present recommendations for elements of good practice that government agencies should consider in relation to these themes. It also includes relevant examples from recent audit reports.
In this report we particularly call out threats to the integrity of government systems, processes and governance arrangements.
The report highlights the need for balanced advice to government on options and risks, for transparent documentation and reporting of directions and decisions, and for early and open sharing of information with integrity bodies and audit.
A number of the matters highlighted in this report are similar to those described in our previous Insights Report, (Performance Audit Insights: key findings from 2014–2018) specifically in relation to cyber and information security, to performance measurement, reporting and evaluation, and system and workforce planning and capability.
Fast facts
- 72 audits included in the Audit Insights 2018–2022 analysis
- 4 years of audits tabled by the Auditor-General for New South Wales
- 6 key themes for Audit Insights 2018–2022.
I am pleased to present the Audit Insights 2018–2022 report. This report describes key findings, trends and lessons learned from the last four years of audit. It seeks to inform the New South Wales Parliament of key risks identified and to provide insights and suggestions to the agencies we audit to improve performance across the public sector.
The report is framed by a very clear recognition that governments have been responding to significant events, in number, character and scale, over recent years. Further, it acknowledges that public servants at both state and council levels generally bring their best selves to work and diligently strive to deliver great outcomes for citizens and communities. The role of audit in this context is to provide necessary assurance over government spending, programs and services, and make suggestions for continuous improvement.
A number of the matters highlighted in this report are similar to those described in our previous Insights Report, (Performance Audit Insights: key findings from 2014–2018) specifically in relation to cyber and information security, to performance measurement, reporting and evaluation, and system and workforce planning and capability.
However, in this report we particularly call out threats to the integrity of government systems, processes and governance arrangements. We highlight the need for balanced advice to government on options and risks, for transparent documentation and reporting of directions and decisions, and for early and open sharing of information with integrity bodies and audit. Arguably, these considerations are never more important than in an increasingly complex environment and in the face of significant emergency events and they will be key areas of focus in our future audit program.
While we have acknowledged the challenges of the last few years have required rapid responses to address the short-term impacts of emergency events, there is much to be learned to improve future programs. I trust that the insights developed in this report provide a helpful resource to public sector agencies and local government across New South Wales. I would be pleased to receive any feedback you may wish to offer.
Margaret Crawford
Auditor-General for New South Wales
Integrity and transparency | Performance and monitoring | Governance and oversight | Cyber security and data | System planning | Resource management |
Insufficient documentation of decisions reduces the ability to identify, or rule out, misconduct or corruption. | Failure to apply lessons learned risks mistakes being repeated and undermines future decisions on the use of public funds. | The control environment should be risk-based and keep pace with changes in the quantum and diversity of agency work. | Building effective cyber resilience requires leadership and committed executive management, along with dedicated resourcing to build improvements in cyber security and culture. | Priorities to meet forecast demand should incorporate regular assessment of need and any emerging risks or trends. Absence of an overarching strategy to guide decision-making results in project-by-project decisions lacking coordination. | Governments must weigh up the cost of reliance on consultants at the expense of internal capability, and actively manage contracts and conflicts of interest. |
Government entities should report to the public at both system and project level for transparency and accountability. | Government activities benefit from a clear statement of objectives and associated performance measures to support systematic monitoring and reporting on outcomes and impact. | Management of risk should include mechanisms to escalate risks, and action plans to mitigate risks with effective controls. | In implementing strategies to mitigate cyber risk, agencies must set target cyber maturity levels, and document their acceptance of cyber risks consistent with their risk appetite. | Service planning should establish future service offerings and service levels relative to current capacity, address risks to avoid or mitigate disruption of business and service delivery, and coordinate across other relevant plans and stakeholders. | Negotiations on outsourced services and major transactions must maintain focus on integrity and seeking value for public funds. |
Entities must provide balanced advice to decision-makers on the benefits and risks of investments. | Benefits realisation should identify responsibility for benefits management, set baselines and targets for benefits, review during delivery, and evaluate costs and benefits post-delivery. | Active review of policies and procedures in line with current business activities supports more effective risk management. | Governments hold repositories of valuable data and data capabilities that should be leveraged and shared across government and non-government entities to improve strategic planning and forecasting. | Formal structures and systems to facilitate coordination between agencies is critical to more efficient allocation of resources and to facilitate a timely response to unexpected events. | Transformation programs can be improved by resourcing a program management office. |
Clear guidelines and transparency of decisions are critical in distributing grant funding. | Quality assurance should underpin key inputs that support performance monitoring and accounting judgements. | Governance arrangements can enable input into key decisions from both government and non-government partners, and those with direct experience of complex issues. | Workforce planning should consider service continuity and ensure that specialist and targeted roles can be resourced and allocated to meet community need. | ||
Governments must ensure timely and complete provision of information to support governance, integrity and audit processes. | |||||
Read more | Read more | Read more | Read more | Read more | Read more |
This report brings together a summary of key findings arising from NSW Audit Office reports tabled in the New South Wales Parliament between July 2018 and February 2022. This includes analysis of financial audits, performance audits, and compliance audits tabled over this period.
- Financial audits provide an independent opinion on the financial statements of NSW Government entities, universities and councils and identify whether they comply with accounting standards, relevant laws, regulations, and government directions.
- Performance audits determine whether government entities carry out their activities effectively, are doing so economically and efficiently, and in accordance with relevant laws. The activities examined by a performance audit may include a selected program or service, all or part of an entity, or more than one government entity. Performance audits can consider issues which affect the whole state and/or the local government sectors.
- Compliance audits and other assurance reviews are audits that assess whether specific legislation, directions, and regulations have been adhered to.
This report follows our earlier edition titled 'Performance Audit Insights: key findings from 2014–2018'. That report sought to highlight issues and themes emerging from performance audit findings, and to share lessons common across government. In this report, we have analysed the key findings and recommendations from our reports over the past four years. The full list of reports is included in Appendix 1. The analysis included findings and recommendations from 58 performance audits, as well as selected financial and compliance reports tabled between July 2018 and February 2022. The number of recommendations and key findings made across different areas of activity and the top issues are summarised at Exhibit 1.
The past four years have seen unprecedented challenges and several emergency events, and the scale of government responses to these events has been wide-ranging involving emergency response coordination, service delivery, governance and policy. While these emergencies are having a significant impact today, they are also likely to continue to have an impact into the future. There is much to learn from the response to those events that will help the government sector to prepare for and respond to future disruption. The following chapters bring together our recommendations for core elements of good practice across a number of areas of government activity, along with relevant examples from recent audit reports.
This 'Audit Insights 2018–2022' report does not make comparative analysis of trends in public sector performance since our 2018 Insights report, but instead highlights areas where government continues to face challenges, as well as new issues that our audits have identified since our 2018 report. We will continue to use the findings of our Insights analysis to shape our future audit priorities, in line with our purpose to help Parliament hold government accountable for its use of public resources in New South Wales.
Appendix one – Included reports, 2018–2022
Appendix two – About this report
Copyright notice
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Actions for Planning, Industry and Environment 2019
Planning, Industry and Environment 2019
This report outlines the results of audits of the financial statements of agencies now grouped in the NSW Planning, Industry and Environment cluster.
Unqualified audit opinions were issued for 56 of the 66 cluster agencies’ 30 June 2019 financial statements. Ten audits remain incomplete. The cluster agencies need to improve the timeliness of financial reporting.
The Audit Office continued to identify issues regarding unprocessed Aboriginal land claims and the recognition of Crown land. ‘Auditor-General’s reports to parliament have recommended action to reduce the level of unprocessed land claims since 2007. However, the number of unprocessed claims continued to increase’, Margaret Crawford said.
One in five internal control findings were repeat issues. Key themes included information technology, asset management and improvements required to expense and payroll controls.
The report makes several recommendations including:
- Property NSW should urgently address the deficiencies in the lease data used to calculate the impact of the new leasing standard effective from 1 July 2019
- the Department of Planning, Industry and Environment should prioritise action to reduce unprocessed Aboriginal land claims
- the Department of Planning, Industry and Environment should ensure the Crown land database is complete and accurate so state agencies and local government councils are better informed about the Crown land they control.
This report analyses the results of our audits of financial statements of the Planning, Industry and Environment cluster agencies for the year ended 30 June 2019. The table below summarises our key observations.
1. Machinery of Government changes
Creation of the Planning, Industry and Environment cluster |
The Machinery of Government (MoG) changes abolished the former Planning and Environment cluster and former Industry cluster, and created the Planning, Industry and Environment cluster on 1 July 2019. The Department of Planning and Environment (DPE), the Department of Industry (DOI), the Office of Environment and Heritage, and the Office of Local Government were abolished and the majority of their functions were transferred to the new Department of Planning, Industry and Environment (DPIE). |
The Department of Planning, Industry and Environment is still in the process of implementing changes |
The MoG changes bring risks and challenges to the cluster. A MoG Steering Committee, with the support of various project control groups and working groups, identified and developed responses to key risks arising from the changes. However, the DPIE will take some time to fully integrate the policies, systems and processes of the abolished Departments and agencies. |
2. Financial reporting
Audit opinions | Unqualified audit opinions were issued for 56 of the 66 cluster agencies' 30 June 2019 financial statements audits. Ten financial statements audits are still ongoing. |
Timeliness of financial reporting |
Fifty-five of the 57 agencies subject to statutory deadlines submitted their financial statements on time. Due to issues identified during the audit, 13 financial statements audits were not completed and audit opinions issued by the statutory deadline. Agencies prepared and submitted their early close procedures in accordance with the mandatory timeframe set by NSW Treasury. However, 17 of the 49 agencies where we reviewed early close procedures were assessed as either partially addressing or not addressing one or more of the mandatory requirements. The cluster agencies could benefit from an increased focus on early close procedures. |
Introduction of AASB 16 'Leases' |
We noted errors in the lease data used in Property NSW's AASB 16 impact calculations, which affect both Property NSW and other government agencies. These errors were significant enough to present a risk of material misstatements to the financial statements of Property NSW and other government agencies in future reporting periods. We had similar findings in our recent performance audit on 'Property Asset Utilisation', which highlighted issues with the quality of Property NSW's records. Recommendation: Property NSW should urgently address the deficiencies in the lease data used to calculate the impact of the new leasing standard effective from 1 July 2019. |
Unprocessed Aboriginal land claims have continued to increase |
Despite an increase in the number of claims resolved, the number of unprocessed Aboriginal land claims increased by 7.2 per cent from the prior year to 35,855 at 30 June 2019. Claims can be made over Crown land assets of the DPIE or other government agencies. Until claims are resolved, there is an uncertainty over who is entitled to the land and the uses and activities that can be carried out on the land. We first recommended action to address unprocessed claims in 2007. Recommendation (repeat issue): The DPIE should prioritise action to reduce unprocessed Aboriginal land claims. |
3. Audit observations
Internal controls |
One in five internal control issues identified and reported to management in 2018–19 were repeat issues. The lack of user access review was the most common IT general control issue in the cluster. |
Drought relief |
The NSW Government announced an emergency drought relief package of $500 million in 2018, in addition to other financial assistance measures already in place. Limited documentation and written agreements between relevant delivery agencies resulted in a $31.0 million misstatement relating to grant revenue. |
Recognition of Crown land |
Crown land is an important asset of the state. Management and recognition of Crown land assets is weakened when there is confusion over who is responsible for a particular Crown land parcel. Last year we recommended the DOI should ensure the database of Crown land is complete and accurate. While the DOI has commenced actions to improve the database, this continued to be an issue in 2018–19. Recommendation (repeat issue): The DPIE should ensure the Crown land database is complete and accurate so state agencies and local government councils are better informed about the Crown land they control. |
Developer contributions | The former DPE continued to accumulate more developer contributions revenues than it spent on infrastructure projects. Total unspent funds increased to $274 million at 30 June 2019. |
This report provides parliament and other users of the Planning, Industry and Environment cluster agencies financial statements with the results of our audits, our observations, analysis, conclusions and recommendations in the following areas:
- financial reporting
- audit observations.
This cluster was created by the Machinery of Government changes on 1 July 2019. This report is focused on agencies in the Planning, Industry and Environment cluster from 1 July 2019. However, these agencies were all in other clusters during 2018–19. Please refer to the section on Machinery of Government changes for more details.
Machinery of Government (MoG) refers to how the government organises the structures and functions of the public service. MoG changes are where the government reorganises these structures and functions that are given effect by Administrative orders.
The MoG changes, announced following the NSW State election on 23 March 2019, created the Planning, Industry and Environment (PIE) cluster. The Administrative Changes Orders issued on 2 April 2019, 1 May 2019 and 28 June 2019 gave effect to these changes. These orders became effective on 1 July 2019.
Section highlights
The 2019 MoG changes significantly impacted the former Planning and Environment, and Industry clusters and agencies.
- The PIE cluster combines most of the functions and agencies of the former Planning and Environment and Industry clusters from 1 July 2019.
- The Department of Planning, Industry and Environment is the principal agency in the PIE cluster.
- The MoG changes bring risks and challenges to the PIE cluster.
- A MoG Steering Committee was established to oversee the transitional processes.
- The full integration of the systems and processes will not be completed in the near future.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision making are enhanced when financial reporting is accurate and timely.
This chapter outlines our audit observations related to the financial reporting of agencies in the Planning, Industry and Environment (PIE) cluster for 2019. In this chapter, the Department of Planning, Industry and Environment is referred to as DPIE, the former Department of Planning and Environment as DPE, and the former Department of Industry as DOI.
Section highlights
- Unqualified audit opinions were issued for all completed 30 June 2019 financial statements audits. However, some cluster agencies can further enhance the quality of financial reporting.
- Timeliness of financial reporting remains an issue for 13 agencies.
- Deficiencies were identified in the data used to calculate the impact of AASB 16 ‘Leases’ effective from 1 July 2019. Property NSW should urgently address these deficiencies.
- Unprocessed Aboriginal land claims continue to increase. DPIE should prioritise action to reduce unprocessed Aboriginal land claims.
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision making.
This chapter outlines our audit observations and insights from our financial statement audits of agencies in the Planning, Industry and Environment (PIE) cluster for 2019. In this chapter, the Department of Planning, Industry and Environment is referred to as DPIE, the former Department of Planning and Environment as DPE, and the former Department of Industry as DOI.
Section highlights
- One in five issues identified and reported to management in 2018–19 were repeat issues.
- The lack of user access review was the most common IT general control issue in the PIE cluster.
- The PIE cluster provided significant financial assistance for drought relief.
- There continues to be significant deficiencies in Crown land records. The DPIE should ensure the Crown land database is complete and accurate.
- Unspent developer contributions funds continued to build up in 2018–19.
Appendix one – List of 2019 recommendations
Appendix two – Status of 2018 recommendations
Appendix three – Cluster agencies
Appendix four – Financial data
Appendix five – Management letter findings
Appendix six – Timeliness of financial reporting
Copyright notice
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Actions for Stronger Communities 2019
Stronger Communities 2019
A report has been released on the NSW Stronger Communities cluster.
From 1 July 2019, the functions of the former Department of Justice, the former Department of Family and Community Services and many of the cluster agencies moved to the new Stronger Communities cluster. The Department of Communities and Justice is the principal agency in the new Stronger Communities cluster.
The report focuses on key observations and findings from the most recent financial audits of agencies in the Stronger Communities cluster.
Unqualified audit opinions were issued on the financial statements for all agencies in the cluster.
There were 157 audit findings on internal controls. Two of these were high risk and 59 were repeat findings from previous financial audits. ‘Cluster agencies should prioritise actions to address internal control weaknesses promptly with particular focus given to issues that are assessed as high risk’, the Auditor-General said.
The report notes that the NSW Government’s new workers' compensation legislation, which gave eligible firefighters presumptive rights to workers' compensation, cost emergency services agencies $180 million in 2018–19, mostly in increased premiums.
This report analyses the results of our audits of financial statements of the agencies comprising the Stronger Communities cluster for the year ended 30 June 2019. The table below summarises our key observations.
This report provides parliament and other users of the financial statements of agencies in the Stronger Communities cluster with the results of our audits, our observations, analyses, conclusions and recommendations in the following areas:
- financial reporting
- audit observations.
This cluster was significantly impacted by the Machinery of Government (MoG) changes on 1 July 2019. This report focuses on the agencies that from 1 July 2019, comprised the Stronger Communities cluster. The MoG changes moved some agencies from the clusters to which they belonged in 2018–19 to the Stronger Communities cluster. Conversely, the MoG also moved some agencies formerly in the Family and Community Services cluster and Justice cluster elsewhere. Please refer to the section on Machinery of Government changes for more details.
The Department of Communities and Justice is the principal agency of the cluster. The newly created department combines functions of the former Department of Justice and the Department of Family and Community Services.
Machinery of Government (MoG) refers to how the government organises the structures and functions of the public service. MoG changes occur when the government reorganises these structures and functions and those changes are given effect by Administrative Orders.
The MoG changes announced following the NSW State election on 23 March 2019 significantly impacted the Stronger Communities cluster through Administrative Changes Orders issued on 2 April 2019 and 1 May 2019. These orders took effect on 1 July 2019.
Section highlights
The 2019 MoG changes significantly impacted the former Justice and Family and Community Services (FACS) departments and clusters.
- The Stronger Communities cluster combines most of the functions and agencies of the former Justice and FACS clusters from 1 July 2019.
- The Department of Communities and Justice is now the principal agency in the new cluster.
- The MoG changes bring new responsibilities, risks and challenges to the cluster.
- A temporary office has been established by the Department of Communities and Justice to support the cluster in the planning, delivery and reporting associated with implementing the changes.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision making are enhanced when financial reporting is accurate and timely.
This chapter outlines our audit observations relating to the financial reporting of agencies in the Stronger Communities cluster for 2019.
Section highlights
- Unqualified audit opinions were issued for all agencies' 30 June 2019 financial statements. However, further actions can be taken by some cluster agencies to enhance the quality of their financial reporting.
- In November 2018, the Department of Justice implemented a new Victims Support Services system called VS Connect. Significant data quality issues arising from the VS Connect system implementation impacted the Department's ability to reliably estimate its Victims Support Scheme claims liabilities at 30 June 2019.
We recommend the Department of Communities and Justice resolves the data quality issues in the new VS Connect System before 30 June 2020 and capture and apply lessons learned from recent project implementations, including LifeLink, Justice SAP and VS Connect, in any relevant future implementations. - Our audits found some cluster agencies needed to do more work on their impact assessments and preparedness to implement the new accounting standards, to minimise the risk of errors in their 2019–20 financial statements.
- Cluster agencies with annual leave balances exceeding the State's target should further review their approach to managing leave balances.
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision making.
This chapter outlines our observations and insights from our financial statement audits of agencies in the Stronger Communities cluster.
Section highlights
- Cluster agencies should action recommendations to address internal control weaknesses promptly. Particular focus should be given to prioritising high risk issues. The 2018–19 financial audits of cluster agencies identified 157 internal control issues. Of these, two were high risk and 37.6 per cent were repeat findings from previous audits.
- Data from the Department of Justice shows the inmate population reached a maximum of 13,798, compared to an operational capacity of 14,626 beds on 31 August 2019. This equates to an operational vacancy rate of 5.7 per cent, which is more than the recommended 5.0 per cent buffer. This is the first time the vacancy rate has exceeded the target over the last five years. Growth in the NSW prison population is being managed through the NSW Government's $3.8 billion Prison Bed Capacity Program.
- In September 2018, the NSW Government introduced new workers' compensation legislation, which gives eligible firefighters presumptive rights to workers' compensation when diagnosed with one of 12 prescribed cancers. The new legislation cost emergency services agencies $180 million in 2018–19, mainly through additional workers' compensation premiums.
Appendix one – Timeliness of financial reporting by agency
Appendix two – Management letter findings by agency
Appendix three – List of 2019 recommendations
Appendix four – Status of 2018 recommendations
Appendix five – Cluster agencies
Copyright notice
© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.
Actions for Family and Community Services 2018
Family and Community Services 2018
The Auditor-General for New South Wales, Margaret Crawford released her report today on the Family and Community Services cluster. The report focuses on key observations and findings from the most recent financial audits of agencies in the cluster. Cluster entities received unqualified audit opinions for their 30 June 2018 financial statements. Opportunities to improve the quality of financial reporting were identified and reported to management.
This report analyses the results of our audits of financial statements of the Family and Community Services cluster for the year ended 30 June 2018. The table below summarises our key observations.
This report provides NSW Parliament and other users of the financial statements of Family and Community Services' agencies with the results of our audits, our observations, analysis, conclusions and recommendations in the following areas:
- financial reporting
- audit observations
- service delivery.
Financial reporting is an important element of good governance. Confidence and transparency in public sector decision making are enhanced when financial reporting is accurate and timely.
This chapter outlines our audit observations related to the financial reporting of agencies in the Family and Community Services cluster for 2018.
Observation | Conclusions and recommendations |
2.1 Quality of financial reporting | |
Unqualified audit opinions were issued for all cluster agencies' financial statements. | Conclusion: Sufficient audit evidence was obtained to conclude the financial statements were free of material misstatement. |
Agencies complied with NSW Treasury’s mandatory early close requirements. Completing other early close procedures was inconsistent and not always supported by adequate evidence. |
Conclusion: There are opportunities for agencies to improve the quality of financial reporting by:
|
2.2 Timeliness of financial reporting | |
Agencies completed revaluations of property, plant and equipment and submitted 31 March 2018 financial statements by the due date as required by NSW Treasury. Agencies submitted year-end financial statements by the statutory deadline. |
Conclusion: Early revaluations of property, plant and equipment contributes to agencies meeting the year-end statutory reporting deadline. |
Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision making.
This chapter outlines our observations and insights from:
- our financial statement audits of agencies in the Family and Community Services cluster for 2018
- the areas of focus identified in the Audit Office annual work program.
The Audit Office Annual Work Program provides a summary of all audits to be conducted within the proposed time period as well as detailed information on the areas of focus for each NSW Government cluster.
Observation | Conclusions and recommendations |
3.1 Internal controls | |
The 2017–18 audits reported 47 internal control weaknesses. While none were high risk, there were 15 repeat issues. |
Conclusion: Management accepted audit findings and advised they are actioning recommendations. Timely action is important to ensure internal controls operate effectively. |
Twenty-two of these internal control weaknesses related to information technology processes and control environment. | Conclusion: Control weaknesses in information systems may compromise the integrity and security of financial data used for decision making and financial reporting. Recommendation: Agencies should strengthen user access administration to prevent inappropriate access to key IT systems by:
|
The Department, NSW Land and Housing Corporation (LAHC) and three other cluster agencies’ contract registers are incomplete and/or inaccurate. | Recommendation: Agencies should ensure their contract registers are complete and accurate so they can more effectively govern contracts and manage compliance obligations. |
3.2 Audit Office annual work program | |
Financial impact of the commissioning approach. The transfer of disability services to the National Disability Insurance Scheme and other commissioning of service delivery has contributed to a 36 per cent decrease in frontline employee numbers since 2015–16. Similarly, corporate services’ employee numbers reduced by 34 per cent. The Department’s salary costs have reduced by $232 million or 18 per cent from 2016–17. |
Conclusion: The ratio of corporate services employee numbers to support frontline and support services has remained at 1:10 since 2015–16, which indicates restructures have been planned to align with the transfer of disability services. |
Impact of the new social housing maintenance contract Maintenance expenses have increased by about 40 per cent since the new maintenance contract commenced in April 2016. LAHC measures the benefits of the new maintenance contract such as improved tenant satisfaction. |
Conclusion: The new maintenance contract has contributed to some positive social outcomes such as tenants being employed by the contractors to conduct maintenance, as call centre operators and in administration. However, more can be done to ensure value for money is being achieved. |
ChildStory IT Project Whilst phase one of the ChildStory IT project went 'live' in 2017–18, the planned timetable has not been met and the revised date for full implementation is end of 2018. According to the 2014–15 NSW Budget, the budget for ChildStory was $100 million over a four-year period. During the design and implementation stage, this amount was revised to $128 million, with approval of the Expenditure Review Committee. The actual cost incurred over the four years until 30 June 2018, is approximately $131 million. We identified issues with the data migration from the legacy systems to ChildStory. |
Conclusion: To inform future IT projects, we understand the Department is capturing our findings, along with the findings from the Department of Finance, Services and Innovation’s ‘Healthchecks’. |
This chapter outlines certain service delivery outcomes for 2017–18. The data on activity levels and performance is provided by Cluster agencies. The Audit Office does not have a specific mandate to audit performance information. Accordingly, the information in this chapter is unaudited.
In our recent performance audit, Progress and measurement of Premier's Priorities, we identified 12 limitations of performance measurement and performance data. We recommended that the Department of Premier and Cabinet ensure that processes to check and verify data are in place for all agency data sources.
Actions for Managing Antisocial behaviour in public housing
Managing Antisocial behaviour in public housing
The Department of Family and Community Services (FACS) has not adequately supported or resourced its staff to manage antisocial behaviour in public housing according to a report released today by the Deputy Auditor-General for New South Wales, Ian Goodwin.
In recent decades, policy makers and legislators in Australian states and territories have developed and implemented initiatives to manage antisocial behaviour in public housing environments. All jurisdictions now have some form of legislation or policy to encourage public housing tenants to comply with rules and obligations of ‘good neighbourliness’. In November 2015, the NSW Parliament changed legislation to introduce a new approach to manage antisocial behaviour in public housing. This approach is commonly described as the ‘strikes’ approach.
When introduced in the NSW Parliament, the ‘strikes’ approach was described as a means to:
- improve the behaviour of a minority of tenants engaging in antisocial behaviour
- create better, safer communities for law abiding tenants, including those who are ageing and vulnerable.
FACS has a number of tasks as a landlord, including a responsibility to collect rent and organise housing maintenance. FACS also has a role to support tenants with complex needs and manage antisocial behaviour. These roles have some inherent tensions. The FACS antisocial behaviour management policy aims are:
to balance the responsibilities of tenants, the rights of their neighbours in social housing, private residents and the broader community with the need to support tenants to sustain their public housing tenancies.
This audit assessed the efficiency and effectiveness of the ‘strikes’ approach to managing antisocial behaviour in public housing environments.
We examined whether:
- the approach is being implemented as intended and leading to improved safety and security in social housing environments
- FACS and its partner agencies have the capability and capacity to implement the approach
- there are effective mechanisms to monitor, report and progressively improve the approach.
Conclusion
FACS has not adequately supported or resourced its staff to implement the antisocial behaviour policy. FACS antisocial behaviour data is incomplete and unreliable. Accordingly, there is insufficient data to determine the nature and extent of the problem and whether the implementation of the policy is leading to improved safety and security. FACS management of minor and moderate incidents of antisocial behaviour is poor. FACS has not dedicated sufficient training to equip frontline housing staff with the relevant skills to apply the antisocial behaviour management policy. At more than half of the housing offices we visited, staff had not been trained to:
When frontline housing staff are informed about serious and severe illegal antisocial behaviour incidents, they generally refer them to the FACS Legal Division. Staff in the Legal Division are trained and proficient in managing antisocial behaviour in compliance with the policy and therefore, the more serious incidents are managed effectively using HOMES ASB.
|
Parliamentary reference - Report number #306 - released 10 August 2018
Actions for Managing risks in the NSW public sector: risk culture and capability
Managing risks in the NSW public sector: risk culture and capability
The Ministry of Health, NSW Fair Trading, NSW Police Force, and NSW Treasury Corporation are taking steps to strengthen their risk culture, according to a report released today by the Auditor-General, Margaret Crawford. 'Senior management communicates the importance of managing risk to their staff, and there are many examples of risk management being integrated into daily activities', the Auditor-General said.
We did find that three of the agencies we examined could strengthen their culture so that all employees feel comfortable speaking openly about risks. To support innovation, senior management could also do better at communicating to their staff the levels of risk they are willing to accept.
Effective risk management is essential to good governance, and supports staff at all levels to make informed judgements and decisions. At a time when government is encouraging innovation and exploring new service delivery models, effective risk management is about seizing opportunities as well as managing threats.
Over the past decade, governments and regulators around the world have increasingly turned their attention to risk culture. It is now widely accepted that organisational culture is a key element of risk management because it influences how people recognise and engage with risk. Neglecting this ‘soft’ side of risk management can prevent institutions from managing risks that threaten their success and lead to missed opportunities for change, improvement or innovation.
This audit assessed how effectively NSW Government agencies are building risk management capabilities and embedding a sound risk culture throughout their organisations. To do this we examined whether:
- agencies can demonstrate that senior management is committed to risk management
- information about risk is communicated effectively throughout agencies
- agencies are building risk management capabilities.
The audit examined four agencies: the Ministry of Health, the NSW Fair Trading function within the Department of Finance, Services and Innovation, NSW Police Force and NSW Treasury Corporation (TCorp). NSW Treasury was also included as the agency responsible for the NSW Government's risk management framework.
In assessing an agency’s risk culture, we focused on four key areas:
Executive sponsorship (tone at the top)
In the four agencies we reviewed, senior management is communicating the importance of managing risk. They have endorsed risk management frameworks and funded central functions tasked with overseeing risk management within their agencies.
That said, we found that three case study agencies do not measure their existing risk culture. Without clear measures of how employees identify and engage with risk, it is difficult for agencies to tell whether employee's behaviours are aligned with the 'tone' set by the executive and management.
For example, in some agencies we examined we found a disconnect between risk tolerances espoused by senior management and how these concepts were understood by staff.
Employee perceptions of risk management
Our survey of staff indicated that while senior leaders have communicated the importance of managing risk, more could be done to strengthen a culture of open communication so that all employees feel comfortable speaking openly about risks. We found that senior management could better communicate to their staff the levels of risk they should be willing to accept.
Integration of risk management into daily activities and links to decision-making
We found examples of risk management being integrated into daily activities. On the other hand, we also identified areas where risk management deviated from good practice. For example, we found that corporate risk registers are not consistently used as a tool to support decision-making.
Support and guidance to help staff manage risks
Most case study agencies are monitoring risk-related skills and knowledge of their workforce, but only one agency has addressed the gaps it identified. While agencies are providing risk management training, surveyed staff in three case study agencies reported that risk management training is not adequate.
NSW Treasury provides agencies with direction and guidance on risk management through policy and guidelines. In line with better practice, NSW Treasury's principles-based policy acknowledges that individual agencies are in a better position to understand their own risks and design risk management frameworks that address those risks. Nevertheless, there is scope for NSW Treasury to refine its guidance material to support a better risk culture in the NSW public sector.
Recommendation
By May 2019, NSW Treasury should:
- Review the scope of its risk management guidance, and identify additional guidance, training or activities to improve risk culture across the NSW public sector. This should focus on encouraging agency heads to form a view on the current risk culture in their agencies, identify desirable changes to that risk culture, and take steps to address those changes.
Appendix one - Response from agencies
Appendix three - About the audit
Appendix four - Performance auditing
Parliamentary reference - Report number #298 - released 23 April 2018
Actions for Detecting and responding to cyber security incidents
Detecting and responding to cyber security incidents
A report released today by the Auditor-General for New South Wales, Margaret Crawford, found there is no whole-of-government capability to detect and respond effectively to cyber security incidents. There is very limited sharing of information on incidents amongst agencies, and some agencies have poor detection and response practices and procedures.
The NSW Government relies on digital technology to deliver services, organise and store information, manage business processes, and control critical infrastructure. The increasing global interconnectivity between computer networks has dramatically increased the risk of cyber security incidents. Such incidents can harm government service delivery and may include the theft of information, denial of access to critical technology, or even the hijacking of systems for profit or malicious intent.
This audit examined cyber security incident detection and response in the NSW public sector. It focused on the role of the Department of Finance, Services and Innovation (DFSI), which oversees the Information Security Community of Practice, the Information Security Event Reporting Protocol, and the Digital Information Security Policy (the Policy).
The audit also examined ten case study agencies to develop a perspective on how they detect and respond to incidents. We chose agencies that are collectively responsible for personal data, critical infrastructure, financial information and intellectual property.
Some of our case study agencies had strong processes for detection and response to cyber security incidents but others had a low capability to detect and respond in a timely way.
Most agencies have access to an automated tool for analysing logs generated by their IT systems. However, coverage of these tools varies. Some agencies do not have an automated tool and only review logs periodically or on an ad hoc basis, meaning they are less likely to detect incidents.
Few agencies have contractual arrangements in place for IT service providers to report incidents to them. If a service provider elects to not report an incident, it will delay the agency’s response and may result in increased damage.
Most case study agencies had procedures for responding to incidents, although some lack guidance on who to notify and when. Some agencies do not have response procedures, limiting their ability to minimise the business damage that may flow from a cyber security incident. Few agencies could demonstrate that they have trained their staff on either incident detection or response procedures and could provide little information on the role requirements and responsibilities of their staff in doing so.
Most agencies’ incident procedures contain limited information on how to report an incident, who to report it to, when this should occur and what information should be provided. None of our case study agencies’ procedures mentioned reporting to DFSI, highlighting that even though reporting is mandatory for most agencies their procedures do not require it.
Case study agencies provided little evidence to indicate they are learning from incidents, meaning that opportunities to better manage future incidents may be lost.
Recommendations
The Department of Finance, Services and Innovation should:
- assist agencies by providing:
- better practice guidelines for incident detection, response and reporting to help agencies develop their own practices and procedures
- training and awareness programs, including tailored programs for a range of audiences such as cyber professionals, finance staff, and audit and risk committees
- role requirements and responsibilities for cyber security across government, relevant to size and complexity of each agency
- a support model for agencies that have limited detection and response capabilities
- revise the Digital Information Security Policy and Information Security Event Reporting Protocol by
- clarifying what security incidents must be reported to DFSI and when
- extending mandatory reporting requirements to those NSW Government agencies not currently covered by the policy and protocol, including State owned corporations.
DFSI lacks a clear mandate or capability to provide effective detection and response support to agencies, and there is limited sharing of information on cyber security incidents.
DFSI does not currently have a clear mandate and the necessary resources and systems to detect, receive, share and respond to cyber security incidents across the NSW public sector. It does not have a clear mandate to assess whether agencies have an acceptable detection and response capability. It is aware of deficiencies in agencies and across whole‑of‑government, and has begun to conduct research into this capability.
Intelligence gathering across the public sector is also limited, meaning agencies may not respond to threats in a timely manner. DFSI has not allocated resources for gathering of threat intelligence and communicating it across government, although it has begun to build this capacity.
Incident reporting to DFSI is mandatory for most agencies, however, most of our case study agencies do not report incidents to DFSI, reducing the likelihood of containing an incident if it spreads to other agencies. When incidents have been reported, DFSI has not provided dedicated resources to assess them and coordinate the public sector’s response. There are currently no formal requirements for DFSI to respond to incidents and no guidance on what it is meant to do if an incident is reported. The lack of central coordination in incident response risks delays and increased damage to multiple agencies.
DFSI's reporting protocol is weak and does not clearly specify what agencies should report and when. This makes agencies less likely to report incidents. The lack of a standard format for incident reporting and a consistent method for assessing an incident, including the level of risk associated with it, also make it difficult for DFSI to determine an appropriate response.
There are limited avenues for sharing information amongst agencies after incidents have been resolved, meaning the public sector may be losing valuable opportunities to improve its protection and response.
Recommendations
The Department of Finance, Services and Innovation should:
- develop whole‑of‑government procedure, protocol and supporting systems to effectively share reported threats and respond to cyber security incidents impacting multiple agencies, including follow-up and communicating lessons learnt
- develop a means by which agencies can report incidents in a more effective manner, such as a secure online template, that allows for early warnings and standardised details of incidents and remedial advice
- enhance NSW public sector threat intelligence gathering and sharing including formal links with Australian Government security agencies, other states and the private sector
- direct agencies to include standard clauses in contracts requiring IT service providers report all cyber security incidents within a reasonable timeframe
- provide assurance that agencies have appropriate reporting procedures and report to DFSI as required by the policy and protocol by:
- extending the attestation requirement within the DISP to cover procedures and reporting
- reviewing a sample of agencies' incident reporting procedures each year.
Appendix one - Response from agency
Appendix two - ISMS maturity model
Appendix three - About the audit
Appendix four - Performance auditing
Parliamentary reference - Report number #297 - released 2 March 2018
Actions for 2016 - An overview
2016 - An overview
This report focuses on key observations and findings from 2016 audits and highlights key areas of focus for financial and performance audits in 2017.
Financial reporting | |
Observation | Conclusion |
Only one qualified audit opinion was issued on the 2015–16 financial statements of NSW public sector agencies, compared to two in 2014–15. | The quality of financial reporting continued to improve across the NSW public sector. |
More 2015–16 financial statements and audit opinions were signed within three months of the year end. | Timely financial reporting was facilitated by more agencies resolving significant accounting issues early, completing asset valuations on time and compiling sufficient evidence to support financial statement balances. |
NSW Treasury’s early close procedures in 2015–16 were again successful in improving the quality and timeliness of financial reporting, largely facilitated by the early resolution of accounting issues. For 2016–17, NSW Treasury has narrowed the scope of mandatory early close procedures. |
The narrowed scope of mandatory early close procedures may diminish the good performance in ensuring the quality and timeliness of financial reporting achieved in recent years. To mitigate this risk, NSW Treasury has mandated that agencies perform non-financial asset valuations and prepare proforma financial statements in their early close procedures. It also encourages them to continue with the good practices embedded in recent years. |
Although most agencies complied with NSW Treasury’s early close asset revaluation procedures we identified areas where they can improve. | Asset revaluations need to commence early enough to ensure all assets are identified and the results are analysed, recorded and reflected accurately in the early close financial statements. |
Number of misstatements | |||||
Year ended 30 June | 2015-16 | 2014-15 | 2013-14 | 2012-13 | 2011-12 |
Total reported misstatements | 298 | 396 | 459 | 661 | 1,077 |
All material misstatements identified by agencies and audit teams were corrected before the financial statements and audit opinions were signed. A material misstatement relates to an incorrect amount, classification, presentation or disclosure in the financial statements that could reasonably be expected to influence the economic decisions of users.
Significant matters reported to the portfolio Minister, Treasurer and Agency Head
In 2015–16, we reported the following significant matters to the portfolio Minister, Treasurer and agency head in our Statutory Audit Reports:
Appropriate financial controls help ensure the efficient and effective use of resources and the implementation and administration of agency policies. They are essential for quality and timely decision making.
In 2015–16, our audit teams made the following key observations on the financial controls of NSW public sector agencies.
Financial controls | |
Observation | Conclusion |
More needs to be done to implement audit recommendations on a timely basis. We found 212 internal control issues identified in previous audits had not been adequately addressed by 30 June 2016. |
Delays in implementing audit recommendations can impact the quality of financial information and the effectiveness of decision making. Agencies need to ensure they have action plans, timeframes and assigned responsibilities to address recommendations in a timely manner. |
Agencies continue to face challenges managing information security. Most information technology issues we identified related to poor IT user administration in areas like password controls and inappropriate access. | Agencies should review the design and effectiveness of information security controls to ensure data is adequately protected. |
We found shared service provider agreements did not always adequately address information security requirements. |
Where agencies use shared service providers they should consider whether the service level arrangements adequately address information security. |
Thirteen of 108 agencies required to attest to having a minimum set of information security controls did not do so in their 2015 annual reports. | The 'NSW Government Digital Information Security Policy' recognises the growing need for effective information security. With cyber security threats continuing to increase as digital services expand we plan to look at cyber security as part of our 2017–18 performance audit program. |
We identified instances where service level agreements with shared service providers were outdated, signed too late or did not exist. | Corporate and shared service arrangements are more effective when service level arrangements are negotiated and signed in time, clearly detail rights and responsibilities and include meaningful KPIs, fee arrangements and dispute resolution processes. |
Internal controls at GovConnect, the private sector provider of transactional and information technology services to many NSW public sector agencies were ineffective in 2015–16. We found mitigating actions taken to manage transition risks from ServiceFirst to GovConnect were ineffective in ensuring effective control over client transactions and data. | The Department of Finance, Services and Innovation should ensure GovConnect addresses the control deficiencies. It should also examine the breakdowns in the transition of the shared service arrangements and apply the learnings to other services being transitioned to the private sector. |
Maintenance backlogs exist in several NSW public sector agencies, including Roads and Maritime Services, Sydney Trains, NSW Health, the Department of Education and the Department of Justice. | To address backlog maintenance it is important for agencies to have asset lifecycle planning strategies that ensure newly built and existing assets are funded and maintained to a desired service level. |