Refine search

Reports

17 December 2020

Published

Procurement management in Local Government

Local Government

Internal controls and governance

Management and administration

Procurement

Regulation

Service delivery

The Auditor‑General for New South Wales, Margaret Crawford, released a report today examining procurement management in Local Government.

The audit assessed the effectiveness of procurement management practices in six councils. All six councils had procurement management policies that were consistent with legislative requirements, but the audit found compliance gaps in some councils. The audit also identified opportunities for councils to address risks to transparency and accountability, and to ensure value for money is achieved when undertaking procurement.

The Auditor‑General recommended that the Department of Planning, Industry and Environment review the Local Government (General) Regulation 2005 and publish updated and more comprehensive guidance on procurement management for the Local Government sector. The report also generated insights for the Local Government sector on opportunities to strengthen procurement practices.

Effective procurement is important in ensuring councils achieve their objectives, demonstrate value for money and deliver benefits to the community when purchasing goods and services. Procurement also comes with risks and challenges in ensuring the purchased goods and services deliver to expectations. The risks of fraud and conflicts of interest also need to be mitigated.

The legislative requirements related to procurement in the Local Government sector are focused on sourcing and assessing tender offers. These requirements are included in the Local Government Act 1993 (the Act), the Local Government Amendment Act 2019 (the Amendment), the Local Government (General) Regulation 2005 (the Regulation), the Tendering Guidelines for NSW Local Government 2009 (the Tendering Guidelines), the Government Information (Public Access) Act 2009 (the GIPA Act) and the State Records Act 1998.

General requirements and guidance relevant to councils are also available in the Model Code of Conduct for Local Councils in NSW 2018 (the Model Code), the NSW Government Procurement Policy Framework 2019 and in publications by the Independent Commission Against Corruption (ICAC).^₁

Individual councils have developed their own procurement policies and procedures to expand on the legislative requirements. Understandably, these vary to reflect each council’s location, size and procurement needs. Nevertheless, the general principles of effective procurement management (such as transparency and accountability) and risk-mitigating practices (such as segregation of duties and the provision of training) are relevant to all councils.

The Audit Office of New South Wales Report on Local Government 2018 provided a sector-wide summary of aspects of procurement management in Local Government (see Section 2.1 of this report). This audit builds on this state-wide view by examining in detail the effectiveness of procurement management practices in six councils. This report also provides insights on opportunities to strengthen procurement management in the sector.

The selected councils for this audit were Cumberland City Council, Georges River Council, Lockhart Shire Council, Tweed Shire Council, Waverley Council and Wollongong City Council. They were selected to provide a mix of councils of different geographical classifications, sizes, priorities and levels of resourcing.

Conclusion

All six councils had procurement management policies and procedures that were consistent with the legislative requirements for sourcing and assessing tender offers. Their policies and procedures also extended beyond the legislative requirements to cover key aspects of procurement, from planning to completion. In terms of how these policies were applied in practice, the six councils were mostly compliant with legislative requirements and their own policies and procedures, but we found some gaps in compliance in some councils and made specific recommendations on closing these gaps.

There were also opportunities for councils to improve procurement management to mitigate risks to transparency, accountability and value for money. Common gaps in the councils’ procurement management approaches included not requiring procurement needs to be documented at the planning stage, not providing adequate staff training on procurement, not requiring procurement outcomes to be evaluated, and having discrepancies in contract values between contract registers and annual reports. These gaps expose risks to councils’ ability to demonstrate their procurements are justified, well managed, delivering to expectations, and achieving value for money. Chapter three of this report provides insights for the audited councils and the Local Government sector on ways to address these risks

Recommendations

By June 2022, the Department of Planning, Industry and Environment should:
1. publish comprehensive and updated guidance on effective procurement practices – including electronic tender submissions and procurements below the tender threshold
2. review and update the Local Government (General) Regulation 2005 to reflect the increasing use of electronic tender submissions rather than paper copies.
By December 2021, the six audited councils should consider the opportunities to improve procurement management in line with the improvement areas outlined in chapter three of this report.
Cumberland City Council should immediately:
1. ensure contract values are consistent between the contract register and the annual report
2. introduce procedures to ensure supplier performance reviews are conducted as per the council’s policy
Georges River Council should immediately:
1. ensure contract values are consistent between the contract register and the annual report
2. introduce procedures to ensure all the steps up to the awarding of a contract are documented as per the council’s policy
3. introduce procedures to ensure outcome evaluations are conducted as per the council’s policy.
Lockhart Shire Council should immediately:
1. include additional information in the council’s contract register to ensure compliance with Section 29(b), (f), (g), (h) and (i) of the GIPA Act
2. ensure contract values are consistent between the contract register and the annual report.
Waverley Council should immediately ensure contracts are disclosed in the annual report as per Section 217(1)(a2) of the Regulation.

(1) The relevant ICAC publications include: Corruption Risks in NSW Government Procurement – The Management Challenge (2011), Corruption Risks in NSW Government Procurement – Suppliers’ Perception of Corruption (2011) and Corruption Risks in NSW Government Procurement – Recommendations to Government (2011).

While all six councils had procurement policies in place and were generally compliant with legislative requirements, this report has identified common gaps in processes and practices that expose risks to transparency, accountability and value for money.

This section discusses how councils can mitigate risks and ensure the best outcomes are achieved from their procurements.

Documented justification of procurement needs

The ICAC notes that determining what goods and services an agency requires is the first step of procurement, and the scope for corruption in how need is determined is significant. Without documenting how procurement needs have been justified, councils cannot demonstrate that they fulfill business needs, nor how the procurements may link to the councils’ strategic plans to deliver to the community.

This audit found that none of the six councils’ policies required them to document justification of procurement needs, and none did so consistently in practice. Councils can address this gap by building into their procurement planning process a requirement for staff to document the justification of procurement needs. For higher value procurements, this could be extended to include analysis of options, an assessment of risks and defining intended outcomes. Similarly, clearly establishing and documenting how relevant procurements relate to a council’s community strategic plans or operational plans helps ensure transparency.

Although a formal business case may not be required for many procurements (for example, low-value procurements or routine replacements), some form of documented justification for the expenditure should still be kept on record to demonstrate that the procurement relates to business purposes and is needed.

Segregation of duties

Segregation of duties is an effective control for reducing risks of error, fraud and corruption in procurement. It works on the principle that one person should not have end-to-end control of a procurement. Effective segregation of duties also often involves managerial or independent oversight that is built into the process. Four of the audited councils (Cumberland City Council, Georges River Council, Lockhart Shire Council and Wollongong City Council) appropriately addressed segregation of duties in their procurement frameworks. For example:

All procurements in Cumberland City Council required a delegated officer’s approval before commencing, and the requisitioning department is responsible for ensuring the completion of the goods, works or services associated with each contract. For contracts over $50,000, a specific ‘Authority to Procure’ form had to be completed by the requesting staff, signed by an approver and then forwarded to the procurement team.
Reflecting its small size, all procurements in Lockhart Shire Council were managed by one senior staff member. Nevertheless, this staff member had to bring contract management plans to the rest of the Executive Leadership Team for review and discussion, with large contracts such as those above the tender threshold referred to Council for approval.

The ICAC notes that segregation of duties helps to control discretion, which has particular risk implications for some types of procurement.₂This includes those involving low-value and high-volume transactions, restricted tenders, long-standing procurements and ‘pet projects’ (projects advocated by individual staff members). In cases where corruption risks are low, ICAC notes that monitoring staff’s involvement in procurement may be a cost-effective alternative to total segregation of duties.

Assessment of supplier performance

Councils need to monitor and assess supplier performance to ensure suppliers deliver the goods and services as agreed. The audit found that all six councils consistently monitored progress in capital works and for externally funded projects. Contract monitoring in these cases included ensuring timelines, funding, and legislative requirements were met. This is positive, as capital works made up the bulk of procurements (in terms of volume) in all of the audited councils.

That said, in all six councils, the level of scrutiny was lower for other types of procurements, and there is scope for improvement. For instance, the approach to monitoring capital works or externally funded projects could be replicated across other procurements of a similar nature and value. Conducting assessments and keeping records of supplier performance on all procurements does not need to be onerous, but instead provides useful information to inform future decision-making—including by helping ensure supplier pricing remains competitive, and avoiding re-engaging underperforming suppliers.

The NSW Government Procurement Policy Framework requires that NSW Government agencies establish systems and processes jointly with the suppliers to ensure compliance with contract terms and performance requirements. It also advises that agencies should drive continuous improvement and encourage innovation in coordination with suppliers and key stakeholders.

Centralised contract register

Centrally registering a contract provides improved transparency of procurement activities and facilitates monitoring and compliance checks. While councils are already required to maintain a contract register for all contracts above the reporting threshold (as per the GIPA Act), given the threshold is set at a relatively high benchmark ($150,000), there is merit in councils extending the practice to procurements below the reporting threshold. A central and comprehensive register of contracts helps avoid duplication of procurements and re-contracting of underperforming suppliers.

Three of the audited councils (Georges River Council, Tweed Shire Council and Wollongong City Council) had contract register policies that applied to procurements below the reporting threshold during the audited period. For example, Georges River Council required contracts valued at $10,000 or above to be registered with the procurement team, and Tweed Shire Council had a threshold of $50,000.

Evaluation of community outcomes and value for money

Councils may be progressing procurements to fulfill their strategic and business plans, or using them to fulfill commitments to the community. In these instances, outcomes evaluation is an important way to demonstrate to the community that the intended benefits and value for money have been delivered.

Five of the six audited councils did not require evaluations of community outcomes and value for money. While Georges River Council required contracts valued at $50,000 or more to be monitored, evaluated and reported on at least annually throughout the contract and also at its conclusion, in the procurements we examined the only ‘outcome evaluations’ that the council had conducted were community surveys that did not refer to individual procurements. Councils can miss opportunities to understand the impact of their work on the local community if evaluations of procurement outcomes are not completed. Evaluation findings are also valuable in guiding future resource allocation decisions.

Value for money in the procurement of goods and services is more than just having the specified goods delivered or services carried out. The NSW Government Procurement Policy Framework requires that state government agencies track and report benefits to demonstrate how value for money is being delivered. The framework notes that value for money is not necessarily the lowest price, nor the highest quality good or service, but requires a balanced assessment of a range of financial and non-financial factors, such as: quality, cost, fitness for purpose, capability, capacity, risk, total cost of ownership or other relevant factors.

Procurement training

Effective procurement management relies on the capability of staff involved in various stages of the process. Guidance can be provided through training, which is an important element of any procurement management framework. It ensures that staff members are aware of the councils' policies and procedures. If structured appropriately and provided in a timely manner, training can help to standardise practices, ensure compliance, reduce chances of error, and mitigate risks of fraud or corruption.

The ICAC notes that effective procurement management depends on the competence of staff undertaking procurements and the competence of those who oversee procurement activities. As the public sector is characterised by varying levels of procurement expertise, the ICAC notes that the sector would benefit from a structured approach to training and the application of minimum standards.₃

At the time of this audit, only Wollongong City Council addressed staff training requirements in its procurement management framework. Exhibit 8 details its approach.

Exhibit 8: Wollongong City Council's approach to training
Wollongong City Council has a suite of procurement training available for staff, administered by a dedicated staff member who also monitors attendance and training needs
Staff must complete training before they can take part in a procurement or be a member of a tender assessment panel, and the council keeps a list of all accredited staff members.
Staff cannot access procurement files on the council's electronic records management system until they have received training and have been approved for access by the trainer.
Staff must be trained before they can receive a financial delegation.

Source: Audit Office of New South Wales analysis of Wollongong City Council's procurement policies and procedures 2020.

Two of the audited councils have now also introduced procurement training:

Georges River Council implemented online training, which is mandatory for new staff and serves as refresher training for existing staff. The council also provides in-person training for selected staff (covering contract management, contract specification writing and contractor relationship management) and has developed quick reference cards for all staff to increase awareness of the council's procurement processes.
Tweed Shire Council implemented mandatory online training for all staff members. The training covers the council's procurement policy and protocol as well as relevant legislation. It is linked to relevant council documents such as the Procurement Toolkit on the council's intranet, and includes a quiz for which training participants must score at least 80 per cent to have the training marked as completed.

(2) ICAC (2011) Corruption Risks in NSW Government Procurement – The Management Challenge.

(3) ICAC (2011) Corruption Risks in NSW Government Procurement – Recommendations to Government.

Appendix one – Responses from councils and the Department of Planning, Industry and Environment

Appendix two – Councils’ procurement contracts

Appendix three – About the audit

Appendix four – Performance auditing

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

Parliamentary reference - Report number #345 - released 17 December 2020

24 November 2020

Published

Internal controls and governance 2020

Education

Environment

Community Services

Finance

Health

Industry

Justice

Premier and Cabinet

Transport

Treasury

Compliance

Cyber security

Information technology

Internal controls and governance

Management and administration

Procurement

The Auditor-General for New South Wales, Margaret Crawford today released her report on the findings and recommendations from the 2019–20 financial audits that relate to internal controls and governance at 40 of the largest agencies in the NSW public sector.

The bushfire and flood emergencies and the COVID‑19 pandemic continue to have a significant impact on the people and public sector of New South Wales. The scale of the government response to these events has been significant. The report focuses on the effectiveness of internal controls and governance processes, including relevant agencies’ response to the emergencies. In particular, the report focuses on:

financial and information technology controls
business continuity and disaster recovery planning arrangements
procurement, including emergency procurement
delegations that support timely and effective decision-making.

Due to the ongoing impact of COVID‑19 agencies have not yet returned to a business‑as‑usual environment. ‘Agencies will need to assess their response to the recent emergencies and update their business continuity, disaster recovery and other business resilience frameworks to reflect the lessons learnt from these events’ the Auditor-General said.

The report noted that special procurement provisions were put in place to allow agencies to better respond to the COVID-19 pandemic. The Auditor-General recommended agencies update their procurement policies to reflect the current requirements of the NSW Procurement Framework and the emergency procurement requirements.

Read the PDF report

This report analyses the internal controls and governance of 40 of the largest agencies in the NSW public sector for the year ended 30 June 2020. These 40 agencies constitute an estimated 85 per cent of total expenditure for all NSW public sector agencies.

1. Internal control trends

New, repeat and high risk findings

Internal control deficiencies increased by 13 per cent compared to last year. This is predominately due to a seven per cent increase in new internal control deficiencies and 24 per cent increase in repeat internal control deficiencies. There were ten high risk findings compared to four last year.

The recent emergencies have consumed agency time and resources and may have contributed to the increase in internal control deficiencies, particularly repeat deficiencies.

Agencies should:

prioritise addressing high-risk findings
address repeat internal control deficiencies by re-setting action plans and timeframes and monitoring the implementation status of recommendations.

Common findings

A number of findings remain common across multiple agencies over the last four years, including:

out of date or missing policies to guide appropriate decisions
poor record keeping and document retention
incomplete or inaccurate centralised registers or gaps in these registers.

2. Information technology controls

IT general controls

We found deficiencies in information security controls over key financial systems including:

user access administration deficiencies relating to inadequate oversight of the granting, review and removal of user access at 53 per cent of agencies
privileged users were not appropriately monitored at 43 per cent of agencies
deficient password controls that did not align to the agency's own password policies at 25 per cent of agencies.

The deficiencies above increase the risk of non-compliance with the NSW Cyber Security Policy, which requires agencies to have processes in place to manage user access, including privileged user access to sensitive information or systems and remove that access once it is not required or employment is terminated.

3. Business continuity and disaster recovery planning

Assessing risks to business continuity and Scenario testing

The response to the recent emergencies and the COVID-19 pandemic has encompassed a wide range of activities, including policy setting, on-going service delivery, safety and availability of staff, availability of IT and other systems and financial management. Agencies were required to activate their business continuity plans in response, and with the continued impact of COVID-19 have not yet returned to a business-as-usual environment.

Our audits focused on the preparedness of agency business continuity and disaster recovery planning arrangements prior to the onset of the COVID-19 pandemic.

We identified deficiencies in agency business continuity and disaster recovery planning arrangements. Twenty-three per cent of agencies had not conducted a business impact analysis (BIA) to identify critical business functions and determine business continuity priorities. Agencies can also improve the content of their BIA. For example, ten per cent of agencies' BIAs did not include recovery time objectives and six per cent of agencies did not identify key IT systems that support critical business functions. Scenario testing improves the effectiveness with which a live crisis is handled, but 40 per cent of agencies had not conducted a business continuity scenario testing exercise in the period from 1 January 2019 to 31 December 2019. There were also opportunities to improve the effectiveness of scenario testing exercises by:

involving key dependent or inter-dependent third parties who support or deliver critical business functions
testing one or more high impact scenarios identified in their business continuity plan
preparing a formalpost-exercise report documenting the outcome of their scenario testing.

Agencies have responded to the recent emergencies but addressing deficiencies will ensure agencies have adequate safeguards in their processes to again respond in the future, if required.

During 2020–21 we plan to conduct a performance audit on 'Business continuity and disaster recovery planning'. This audit will consider the effectiveness of agency business continuity planning arrangements to maintain business continuity through the recent emergencies and/or COVID-19 pandemic and return to a business-as-usual environment. We also plan to conduct a performance audit on whole-of-government 'Coordination of emergency responses'.

Responding to disruptions

We found agencies' governance functions could have been better informed about responses to disruptive incidents that had activated a business continuity or disaster recovery response between 1 January 2019 to 31 December 2019. For instance:

in 89 per cent of instances where a business continuity response was activated, a post-incident review had been performed. In 82 per cent of these instances, the outcomes were reported to a relevant governance or executive management committee

in 95 per cent of instances where a disaster recovery response was activated, a post incident review had been performed. In 86 per cent of these instances, the outcomes were reported to a relevant governance committee or executive management committee.

Examples of recorded incidents included extensive air quality issues and power outages due to bushfires, system and network outages, and infected and hijacked servers.

Agencies should assess their response to the recent emergencies and the COVID-19 pandemic and update business continuity, disaster recovery and other business resilience frameworks to incorporate lessons learned. Agencies should report to those charged with governance on the results and planned actions.

Management review and oversight

Eighty-two per cent and 86 per cent of agencies report to their audit and risk committees (ARC) on their business continuity and disaster recovery planning arrangements, respectively. Only 18 per cent and five per cent of ARCs are briefed on the results of respective scenario testing. Briefing ARCs on the results of scenario testing exercises helps inform their decisions about whether sound and effective business continuity and disaster recovery arrangements have been established.

4. Procurement, including emergency procurement

Policy framework	Agency procurement policies did not capture the requirements of several key NSW Procurement Board Directions (the Directions), increasing the risk of non-compliance with the Directions. We noted: 67 per cent of agencies did specify that procurement above $650,000 must be open to market unless exempt or procured through an existing Whole of Government Scheme or contract 36 per cent of agencies did specify that procurements above $500,000 payable in foreign currencies must be hedged 69 per cent of agencies' policies did specify that the agency head or cluster CFO must authorise the engagement of consultants where the engagement of the supplier does not comply with the standard commercial framework. Recommendation: Agencies should review their procurement policies and guidelines to ensure they capture the key requirements of the NSW Government Procurement Policy Framework, including NSW Procurement Board Directions.
Managing contracts	Eighty-eight per cent of agencies maintain a central contract register to record all details of contracts above $150,000, which is a requirement of GIPA legislation. Of the agencies that maintained registers, 13 per cent did not capture all contracts and eight per cent did not include all relevant contract details. Sixteen per cent of agencies did not periodically review their contract register. Timely review increases compliance with GIPA legislation, and enhances the effectiveness with which procurement business units monitor contract end dates, contract extensions and commence new procurement.
Training and support	Ninety-three per cent of agencies provide training to staff involved in procurement processes, and a further 77 per cent of agencies provide this training on an on-going basis. Of the seven per cent of agencies that had not provided training to staff, we noted gaps in aspects of their procurement activity, including: not conducting value for money assessments prior to renewing or extending the contract with their existing supplier not obtaining approval from a delegated authority to commence the procurement process procurement documentation not specifying certain key details such as the conditions for participation including any financial guarantees and dates for the delivery of goods or supply of services. Training on procurement activities ensures there is effective management of procurement processes to support operational requirements, and compliance with procurement directions.
Procurement activities	While agencies had implemented controls for tender activities above $650,000, 43 per cent of unaccredited agencies did not comply with the NSW Procurement Policy Framework because they had not had their procurement endorsed by an accredited agency within the cluster or by NSW Procurement. This endorsement aims to ensure the procurement is properly planned to deliver a value for money outcome before it commences.
Emergency procurement	As at 30 June 2020, agencies within the scope of this report reported conducting 32,239 emergency procurements with a total contract value of $316,908,485. Emergency procurement activities included the purchase of COVID-19 cleaning and hygiene supplies. The government, through NSW Procurement released the 'COVID-19 Emergency procurement procedure', which relaxed procurement requirements to allow agencies to make COVID-19 emergency procurements. Our review against the emergency procurement measures found most agencies complied with requirements. For example: 95 per cent of agencies documented an assessment of the need for the emergency procurement for the good and/or service 86 per cent of agencies obtained authorisation of the emergency procurement by the agency head or the nominated employee under Public Works and Procurement Regulation 2019 76 per cent of agencies reported the emergency procurement to the NSW Procurement Board. Complying with the procedure helps to ensure government resources are being efficiently, effectively, economically and in accordance with the law. Recommendation: Agency procurement frameworks should be reviewed and updated so they can respond effectively to emergency situations that may arise in the future. This includes: updating procurement policies and guidelines to define an emergency situation, specify who can approve emergency procurement and capture other key requirements using standard templates and documentation to prompt users to capture key requirements, such as needs analysis, supplier selection criteria, price assessment criteria, licence and insurance checks having processes for reporting on emergency procurements to those charged with governance and NSW Procurement.

5. Delegations

Instruments of delegation

We found that agencies have established financial and human resources delegations, but some had not revisited their delegation manuals following the legislative and machinery of government changes. For those agencies impacted by machinery of government changes we noted:

16 per cent of agencies had not updated their financial delegations to reflect the changes
16 per cent of agencies did not update their human resources delegations to reflect the changes.

Delegations manuals are not always complete; 16 per cent of agencies had no delegation for writing off bad debts and 26 per cent of agencies had no delegation for writing off capital assets.

Recommendation: Agencies should ensure their financial and human resources delegation manuals contain regular set review dates and are updated to reflect the Government Sector Finance Act 2018, machinery of government changes and their current organisational structure and roles and responsibilities.

Compliance with delegations

Agencies did not understand or correctly apply the requirements of the Government Sector Finance Act 2018 (GSF Act), resulting in non-compliance with the Act. We found that 18 per cent of agencies spent deemed appropriations without obtaining an authorised delegation from the relevant Minister(s), as required by sections 4.6(1) and 5.5(3) of the GSF Act.

Further detail on this issue will be included in our Auditor-General's Reports to Parliament on Central Agencies, Education, Health and Stronger Communities, which will be tabled throughout December 2020.

Recommendation: Agencies should review financial and human resources delegations to ensure they capture all key functions of laws and regulations, and clearly specify the relevant power or function being conferred on the officer.

6. Status of 2019 recommendations

Progress implementing last year's recommendations

Recommendations were made last year to improve transparency over reporting on gifts and benefits and improve the visibility management and those charged with governance had over actions taken to address conflicts of interest that may arise. This year, we continue to note:

38 per cent of agencies have not updated their gifts and benefits register to include all the key fields required under the minimum standards set by the Public Service Commission
56 per cent of agencies have not provided training to staff and 63 per cent of agencies have not implemented an annual attestation process for senior management
97 per cent of agencies have not published their gifts and benefits register on their website and 41 per cent of agencies are not reporting on trends in the gifts and benefits register to those charged with governance.

While we acknowledge the significance of the recent emergencies, which have consumed agency time and resources, we note limited progress has been made implementing these recommendations. Further detail on the status of implementing all recommendations is in Appendix 2.

Recommendation: Agencies should re-visit the recommendations made in last year's report on internal controls and governance and action these recommendations.

Internal controls are processes, policies and procedures that help agencies to:

operate effectively and efficiently
produce reliable financial reports
comply with laws and regulations
support ethical government.

This chapter outlines the overall trends for agency controls and governance issues, including the number of audit findings, the degree of risk those deficiencies pose to the agency, and a summary of the most common deficiencies we found across agencies. The rest of this report presents this year’s controls and governance findings in more detail.

Section highlights

We identified ten high risk findings, compared to four last year with two findings repeated from the previous year. There was an overall increase of 13 per cent in the number of internal control deficiencies compared to last year due to a seven per cent increase in new internal control deficiencies, and a 24 per cent increase in repeat internal control deficiencies. The recent emergencies have consumed agency time and resources and may have contributed to the increase in internal control deficiencies, particularly repeat deficiencies.

We identified a number of findings that remain common across multiple agencies over the last four years. Some of these findings related to areas that are fundamental to good internal control environments and effective organisational governance. Examples include:

out of date or missing policies to guide appropriate decisions
poor record keeping and document retention
incomplete or inaccurate centralised registers, or gaps in these registers.

Policies, procedures and internal controls should be properly designed, be appropriate for the current organisational structure and its business activities, and work effectively.

This chapter outlines our audit observations, conclusions and recommendations, arising from our review of agency controls to manage key financial systems.

Section highlights

Government agencies’ financial reporting is heavily reliant on information technology (IT). We continue to see a high number of deficiencies related to IT general controls, particularly those related to user access administration. These controls are key in adequately protecting IT systems from inappropriate access and misuse.

IT is also important to the delivery of agency services. These systems often provide the data to help monitor the efficiency and effectiveness of agency processes and services they deliver. Our financial audits do not review all agency IT systems. For example, IT systems used to support agency service delivery are generally outside the scope of our financial audit. However, agencies should also consider the relevance of our findings to these systems.

Agencies need to continue to focus on assessing the risks of inappropriate access and misuse and the implementation of controls to adequately protect their systems, focussing on the processes in place to grant, remove and monitor user access, particularly privileged user access.

This chapter outlines our audit observations, conclusions and recommendations, arising from our review of agency business continuity and disaster recovery planning arrangements.

Section highlights

We identified deficiencies in agency business continuity and disaster recovery planning arrangements and opportunities for agencies to enhance their business continuity management and disaster recovery planning arrangements. This will better prepare them to respond to a disruption to their critical functions, resulting from an emergency or other serious event. Twenty-three per cent of agencies had not conducted a business impact analysis (BIA) to identify critical business functions and determine business continuity priorities and 40 per cent of agencies had not conducted a business continuity scenario testing exercise in the period from 1 January 2019 to 31 December 2019. Scenario testing improves the effectiveness with which a live crisis is handled.

This section focusses on the preparedness of agency business continuity and disaster recovery planning arrangements prior to the onset of the COVID-19 pandemic. While agencies have responded to the recent emergencies, proactively addressing deficiencies will ensure agencies have adequate safeguards in their processes to again respond in the future, if required.

This chapter outlines our audit observations, conclusions and recommendations, arising from our review of procurement agency procurement policies and procurement activity.

Section highlights

We found agencies have procurement policies in place to manage procurement activity, but the content of these policies was not sufficiently detailed to ensure compliance with NSW Procurement Board Directions (the Directions). The Directions aim to ensure procurement activity achieves value for money and meets the principles of probity and fairness.

Agencies have generally implemented controls over their procurement process. In relation to emergency procurement activity, agencies reported conducting 32,239 emergency procurements with a total contract value of $316,908,485 up to 30 June 2020. Our review of emergency procurement activity conducted during 2019–20 identified areas where some agencies did not fully comply with the 'COVID-19 Emergency procurement procedure'.

We also found not all agencies are maintaining complete and accurate contract registers. This not only increases the risk of non-compliance with GIPA legislation, but also limits the effectiveness of procurement business units to monitor contract end dates, contract extensions and commence new procurement in a timely manner. We noted instances where agencies renewed or extended contracts without going through a competitive tender process during the year.

This chapter outlines our audit observations, conclusions and recommendations, arising from our review of agency compliance with financial and human resources delegations.

Section highlights

We found that agencies are not always regularly reviewing and updating their financial and human resources delegations when there are changes to legislation or other organisational changes within the agency or from machinery of government changes. For example, agencies did not understand or correctly apply the requirements of the GSF Act, resulting in non-compliance with the Act. We found that 18 per cent of agencies spent deemed appropriations without obtaining an authorised delegation from the relevant Minister(s), as required by sections 4.6(1) and 5.5(3) of the GSF Act.

In order for agencies to operate efficiently, make necessary expenditure and human resource decisions quickly and lawfully, particularly in emergency situations, it is important that delegations are kept up to date, provide clear authority to decision makers and are widely communicated.

Appendix one – List of 2020 recommendations

Appendix two – Status of 2019 recommendations

Appendix three – Cluster agencies

Copyright notice

19 November 2020

Published

Government advertising 2018-19 and 2019-20

Whole of Government

Finance

Community Services

Compliance

Management and administration

Procurement

A report released today by the Auditor-General for New South Wales, Margaret Crawford found that select advertising campaigns conducted by Service NSW and the NSW Rural Fire Service met most requirements of the Government Advertising Act, regulations, Guidelines and other laws. However, the audit found that Service NSW inappropriately used its post campaign evaluation to measure sentiment towards and confidence in the NSW Government.

While agency analysis shows that the ‘Cost of Living’ (phases 2 and 3) and ‘How Fireproof is Your Plan?’ campaigns achieved most of their objectives, the campaign objectives and targets set by both agencies were not sufficient to measure all aspects of campaign effectiveness.

The report makes two recommendations to the Department of Customer Service. The first is to review its guidance to ensure agencies are not using post campaign evaluations to measure sentiment towards the government. The second, to review its guidance and the new process of peer review to ensure they support agencies to comply with the Act, the regulations and the Guidelines.

The Government Advertising Act 2011 requires the Auditor General to conduct an annual performance audit of one or more government agencies to see whether their advertising activities were carried out in an effective, economical and efficient manner and in compliance with the Government Advertising Act 2011.

Read full report (PDF)

The Government Advertising Act 2011 (the Act) requires the Auditor-General to conduct a performance audit on the activities of one or more government agencies in relation to government advertising campaigns in each financial year. The performance audit assesses whether a government agency or agencies have carried out activities in relation to government advertising in an effective, economical and efficient manner and in compliance with the Act, the regulations, other laws and the Government Advertising Guidelines (the Guidelines). This audit examined two campaigns run during the 2018–19 and 2019–20 financial years respectively:

the 'Cost of Living' campaign run by Service NSW (phases 2 and 3 delivered in 2018–19)
the 'How Fireproof Is Your Plan?' (Fireproof) campaign run by NSW Rural Fire Service (year two of a three-year campaign delivered in 2019–20).

Section 6 of the Act prohibits political advertising. Under this section, material that is part of a government advertising campaign must not contain the name, voice or image of a minister, member of parliament or a candidate nominated for election to parliament or the name, logo or any slogan of a political party. Further, a campaign must not be designed to influence (directly or indirectly) support for a political party.

Conclusion

Neither campaign breached the prohibition on political advertising contained in section 6 of the Act. While both campaigns met most requirements of the Act, the regulations, other laws and the Guidelines, we identified some instances of non-compliance. Service NSW inappropriately used its post campaign evaluation to measure sentiment towards and confidence in the NSW Government.

Service NSW used its post-campaign evaluation to measure sentiment towards and confidence in the NSW Government. While neither campaign breached the prohibition on political advertising contained in section 6 of the Act, measuring sentiment towards and confidence in the NSW Government is not an appropriate use of the post-campaign evaluation and creates a risk that the results may be used for party political purposes. This risk is heightened as both phases 2 and 3 of the Cost of Living campaign were run immediately before the NSW state election. We have made this finding previously in our report 'Government advertising 2017–18'.

The campaign objectives and targets set by both agencies were not sufficient to fully measure campaign effectiveness. Service NSW advertised seven rebates in phase 2 of the campaign but only set targets for the awareness and uptake of three of these rebates. NSW Rural Fire Service set objectives and targets to be achieved over the life of the three-year campaign but did not set targets to be achieved for each year of the campaign. While the Fireproof campaign is a three-year campaign, each year of the campaign is subject to a separate approval and peer review process.

Agency analysis shows that both campaigns achieved most of their objectives. There was some overlap in the timing of phases 2 and 3 of the Cost of Living campaign and both phases had similar high-level objectives to increase awareness of rebates, making it difficult to evaluate the effectiveness of each distinct campaign phase. NSW Rural Fire Service conducted a post-campaign evaluation for year two of the Fireproof campaign (2019–20) but although this showed positive results against the overall objectives of the three-year campaign, NSW Rural Fire Service did not set specific targets for year two of the campaign, making it difficult to evaluate effectiveness for that year.

Service NSW was not able to demonstrate that its campaign was economical as it directly negotiated with a single supplier for the creative materials for phase 2. This is contrary to the NSW Government's procurement rules which require agencies to obtain three quotes when using suppliers on a prequalification scheme. Service NSW did not comply with its own procurement policy, which restricts Service NSW employees from entering into discussions with a supplier until the appropriate delegate approves a direct procurement. NSW Rural Fire Service achieved cost efficiencies by re-using creative material developed in the first year of the campaign. NSW Rural Fire Service also received $4 million worth of free advertising time and space.

The cost benefit analyses prepared by both agencies did not fully meet the requirements in the Guidelines. Both agencies identified an alternative to advertising but did not assess the costs and benefits of that alternative. We have made this finding previously in our report 'Government advertising 2017–18' and in our report 'Government advertising 2015–16 and 2016–17'.

In 2018–19, Service NSW delivered phases 2 and 3 of the 'Cost of Living' campaign. The Cost of Living advertising campaign aimed to build awareness of the help available to ease the cost of living for people under financial pressure including awareness of specific rebates that can be claimed. As part of the Cost of Living program, Service NSW developed a webpage designed as a single portal to access more than 40 NSW Government savings, rebates and initiatives (which originated from over 12 different agencies). It also launched the Cost of Living service which includes face to face meetings and phone interviews to help people claim rebates from the NSW Government. Phase 2 of the campaign ran from September 2018 to August 2019. Phase 3 of the campaign ran from January 2019 to July 2019. The budgets for phases 2 and 3 were $4.127 million and $934,800 respectively. See Appendix two for more details on this campaign.

Service NSW complied with most requirements of the Act, the Regulations and the Guidelines. Campaign materials that we reviewed did not breach the prohibition on political advertising contained in section 6 of the Act. However, Service NSW used its post-campaign evaluation to measure sentiment towards, and confidence in, the NSW Government. This is not an appropriate use of the post-campaign evaluation and creates a risk that the results may be used for party political purposes. This risk is heightened as both phases 2 and 3 of the Cost of Living campaign were run immediately before the NSW state election.

The post-campaign evaluation shows that the campaign was effective in achieving most of its objectives. However, in phase 2, Service NSW did not set targets for all of the rebates it advertised. There was some overlap in the timing of phases 2 and 3 of the Cost of Living campaign and both phases had similar high-level objectives to increase awareness of rebates, making it difficult to evaluate the effectiveness of each distinct campaign phase.

Service NSW was not able to demonstrate that its campaign was economical as it directly negotiated with a single supplier for the creative materials in phase 2 (total cost $731,480). This is contrary to the NSW Government's procurement rules which require agencies to obtain three quotes when using suppliers on a prequalification scheme where the estimated cost is more than $150,000. Service NSW did not comply with its own procurement policy, which restricts Service NSW employees from entering into discussions with a supplier until the appropriate delegate approves a direct procurement.

The cost benefit analysis for phase 2 did not accurately assess the benefits of the campaign as Service NSW did not know which rebates would be included in the advertisements at the time the cost benefit analysis was developed. The cost benefit analysis for phase 2 did not assess the costs and benefits of alternatives to advertising.

Campaign materials we reviewed did not breach section 6 of the Act

The audit team reviewed campaign materials developed as part of the paid advertising campaign including radio transcripts, digital videos and display. The audit team did not review the use of social media outside paid social media content as section four of the Act defines government advertising as the dissemination of information which is funded by or on behalf of a government agency. See Appendix two for examples of campaign materials for this campaign.

Section 6 of the Act prohibits political advertising as part of a government advertising campaign. A government advertising campaign must not:

be designed to influence (directly or indirectly) support for a political party
contain the name, voice or image of a minister, a member of parliament or a candidate nominated for election to parliament
contain the name, logo, slogan or any other reference to a political party.

The audit found no breaches of section 6 of the Act in the campaign material we reviewed.

Post-campaign evaluations measured sentiment towards and confidence in the NSW Government

The post-campaign evaluation for phases 2 and 3 measured levels of confidence with the statement ‘the NSW Government has your best interests at heart’, despite the fact this was not a stated objective of the campaign. This is not an appropriate use of the post-campaign evaluation, which should measure the success of the campaign against its stated objectives. The post-campaign evaluation for phase 3 found that exposure to the campaign improved sentiment towards the government amongst those who did not have confidence in the NSW Government.

Service NSW advised that it was important to measure the sentiment of the advertising including the wording 'best interests' as it did not want the whole of government brand to be detrimental to customer engagement with applying for the rebates.

Following phase 2, Service NSW conducted analysis of media sentiment using the key words 'cost of living' and the names of the Premier, Treasurer and Minister for Customer Service. The analysis presented the level of positive, negative and neutral media sentiment. The Government Advertising Guidelines 2012 list the purposes that government advertising may serve which do not include improving the perception of the government. The inclusion of this analysis in Service NSW's post-campaign evaluation creates a risk that the results may be used for party political purposes.

Section 10 of the Act restricts agencies from carrying out a campaign after 26 January in the calendar year before the Legislative Assembly is due to expire and before the election for the Legislative Assembly in that year. Service NSW authorised a media agency to book media in line with the media plans for the campaign. The media plans for the campaign show that Service NSW did not authorise or plan to run any advertisements between 27 January 2019 and 23 March 2019.

Service NSW did not set targets for all rebates advertised in phase 2

Service NSW did not set targets for four of the seven rebates that were advertised as part of phase 2 of the campaign. These rebates were the Family Energy Rebate, Appliance Replacement Offer, National Parks Concession Offer and the Pensioner Travel Voucher. As a result, it was unable to evaluate whether the advertisements for these rebates were effective. Service NSW advised that at the time the campaign went to peer review, when campaign objectives are set, it did not know which rebates would be included in the advertisements.

Service NSW stated in its submission to the Department of Premier and Cabinet that it may change the creative content for phase 2 as it announced new initiatives and rebates. The peer review process should have ensured that Service NSW set targets for any additional rebates or savings it intended to advertise before that advertising commenced to ensure a strategic approach to the campaigns that clearly demonstrated anticipated benefits were in place.

The post-campaign evaluation for phase 2 shows that the advertising campaign met most of its objectives

Service NSW set overall campaign objectives and specific targets for some rebates advertised as part of phase 2 of the campaign. The objectives, targets and results for phase 2 are shown in Exhibit 5. In phase 2, Service NSW established baseline data on levels of awareness of government rebates during the peer review process. The baseline level of awareness for government rebates was 44 per cent. The level of awareness for specific rebates was 46 per cent for the Compulsory Third Party (CTP) green slip refund, and 21 per cent for both Active Kids and Toll Relief.

Post-campaign evaluation reports for phase 2 show that the campaign met its objective to raise awareness of NSW Government rebates, achieving a 16 per cent increase in awareness from 44 per cent to 51 per cent. The campaign did not meet its target to increase awareness of the CTP green slip refund by ten per cent.

Service NSW did not report the results of the uptake of the CTP green slip refund, Active Kids and Toll Relief in its post campaign effectiveness report submitted to the Department of Premier and Cabinet. However, other post-campaign evaluation documentation, which Service NSW advise was submitted to the Department of Premier and Cabinet, show that these targets were met.

Service NSW did not report to the Department of Premier and Cabinet on whether it achieved the target of a ten per cent increase of average monthly visits to the Cost of Living webpage. Service NSW reported that it had achieved an average of 11,753 visitors to the webpage per day during the campaign. These average daily results indicate that the target was met.

Exhibit 5: Phase 2 - campaign objectives, targets and results
Campaign objectives and targets	Does the post-campaign evaluation show that the target was met?
1. a) Increase awareness of rebates from the NSW Government by ten per cent.	Image
b) Increase average monthly visits to the Cost of Living webpage by ten per cent.	Image
2. Increase awareness of rebates and savings by ten per cent for:
CTP green slip refund	Image
Active Kids	Image
Toll Relief.	Image
3. Increase awareness that NSW Government initiatives relating to the cost of living are available via Service NSW by ten per cent.	Image
4. Increase the uptake of rebates and savings for the CTP green slip refund, Active Kids and Toll Relief by ten per cent.	Image

Key

Image

Yes

Image

Not Fully

* Some issues with reporting on target.
Source: Service NSW. Audit Office analysis.

The post-campaign evaluation for phase 3 shows that the advertising campaign met most of its objectives

Service NSW set overall campaign objectives and specific targets for the two rebates advertised as part of phase 3 of the campaign. The objectives, targets and results for phase 3 are shown in Exhibit 6.

In phase 3, Service NSW established baseline data on levels of awareness during the peer review process. The baseline level of awareness for government rebates was 44 per cent. This is the same baseline that was used to measure performance for phase 2 of the campaign. Service NSW did not set baselines for awareness and uptake of Energy Switch and Creative Kids as these were new services.

Post-campaign evaluation reports for phase 3 show that the campaign met its objective to raise awareness of NSW Government rebates by ten per cent, achieving a 30 per cent increase in awareness from 44 per cent to 57 per cent. The overall increase in message take-out was met with 43 per cent agreeing with the message that the NSW Government is taking steps to ease the cost of living. The campaign achieved awareness and uptake targets for the specific rebates included in phase 3, except for awareness of Creative Kids which achieved 28 per cent awareness, falling short of the 30 per cent awareness target.

Exhibit 6: Phase 3 - campaign objectives, targets and results
Campaign objectives and targets	Does the post-campaign evaluation show that the target was met?
1. Increase message takeout that ‘The NSW Government is taking steps to help ease the cost of living in NSW’ by ten per cent for those who can recall the campaign.
2. Increase awareness that the NSW Government has a range of rebates and savings by ten per cent.
3. Generate awareness with NSW residents aged 18+ of:
Energy Switch (15 per cent awareness)
Creative Kids (30 per cent awareness).
4. Create uptake of Energy Switch and Creative Kids (8,356 clicks on the Energy Switch website and 107,938 Creative Kids vouchers downloaded with 70 per cent conversion).

Key

Yes

Not Fully

Source: Service NSW. Audit Office analysis.

The timing of campaign phases meant that it was difficult for Service NSW to evaluate each distinct campaign phase and reduced opportunities to incorporate learnings from previous phases

Service NSW commenced planning for phase 2 of the campaign while phase 1 was still underway. This limited the opportunity for Service NSW to incorporate learnings from phase 1 into phase 2. There was some overlap in the timing of phase 2 and the start of phase 3 of the campaign, making it difficult to evaluate the effectiveness of each distinct campaign phase. Both phases 2 and 3 had the same high-level outcome objective to raise awareness of rebates by ten per cent. The baseline measures that were used to evaluate performance for phase 3 were the same as those used to evaluate phase 2. As a result, Service NSW was not able to separately evaluate these two phases of the campaign. This is important given the budgets for phases 2 and 3 were $4.127million and $934,800 respectively.

Service NSW allocated 7.5 per cent of its media budget to communications with culturally and linguistically diverse (CALD) and Aboriginal audiences

The NSW Government CALD and Aboriginal Advertising Policy requires that agencies spend at least 7.5 per cent of an advertising campaign media budget on direct communications with CALD and Aboriginal audiences. Service NSW authorised a media company to book media in line with the media plans for the campaign. The media plans for phases 2 and 3 of the campaign indicate that Service NSW met this requirement, with 7.5 per cent of the budget allocated to these audiences in phase 2 and 10.4 per cent in phase 3.

The post campaign evaluation for phases 1 and 2 of the Cost of Living campaign contained a recommendation to look at other opportunities to reach CALD audiences. Effective communication with CALD audiences was particularly important in phase 3 of the campaign, where they made up 30 per cent of the target audience for the Creative Kids advertisement. The post-campaign analysis for phase 3 showed that the campaign performed well with some, but not all CALD audiences. The post-campaign analysis also showed low awareness and uptake with Aboriginal audiences. Pre-campaign focus groups in phase 3 found Aboriginal audiences had a negative reaction to the campaign tag line ‘NSW Government is helping with the cost of living’ however this tagline was still used in some advertisements in phase 3.

The cost-benefit analysis (CBA) for phase 2 did not accurately assess the benefits of the campaign and did not assess the costs and benefits of alternatives to advertising

Under the Government Advertising Act 2011, agencies are required to prepare a CBA when the cost of the campaign is likely to exceed $1 million. The CBA conducted by Service NSW for phase 2 includes $8 million in benefits attributed to the advertisements for the Energy Switch tool and $6.9 million in benefits attributed to the advertisements for Creative Kids vouchers. These benefits should not have been included in the CBA for phase 2 as they were not included in this phase of the campaign. The CBA did not estimate the benefits of some other rebates and savings advertised in phase 2 of the campaign. This means that the CBA did not accurately assess the benefits of the campaign. Service NSW advised that at the time the CBA was developed it had not selected the rebates to be included in the campaign.

The Government Advertising Guidelines require agencies to consider options other than advertising to achieve the desired objective including a comparison of costs and benefits. The CBA developed as part of phase 2 identified using existing NSW Government communication channels as an alternative to advertising but did not assess the costs and benefits of this alternative.

This is a repeat finding from two previous government advertising audits. The report ‘Government Advertising: 2015–16 and 2016–17’ found that both agencies subject to the audit did not meet the requirements in the guidelines to consider alternatives to advertising. The report made a recommendation to the Department of Premier and Cabinet to work with Treasury to ensure the requirements of the guidelines are fully reflected in the 'Cost-Benefit Analysis Framework for Government Advertising and Information Campaigns'. The report ‘Government advertising 2017–18’ found that one agency subject to the audit did not identify to what extent the benefits could be achieved without advertising, nor did it consider alternatives to advertising which could achieve the same impact as the advertising campaign.

Service NSW negotiated with a single creative agency in phase 2, making it difficult to demonstrate value for money

Agencies are required to obtain three quotes when procuring a creative agency on the prequalification scheme if the estimated cost of the creative content is greater than $150,000. In phase 2 of the campaign, Service NSW extended the contract with the creative agency used for phase 1 of the campaign and did not obtain three quotes despite the cost of the creative content for phase 2 being $731,480. The requirement to obtain three quotes was met in phase 1 when initially selecting this creative agency.

Service NSWs procurement policy details that direct negotiation may be appropriate where there is a compelling reason to renew or rollover a contract beyond temporal or convenience reasons or in the cases of a genuine emergency. In its briefing to the Chief Executive, Service NSW stated that this contract extension was sought due to the time-sensitive nature of the project and that if work was delayed by a tender process, Service NSW may not be able to meet marketing milestones and this could result in limited customer uptake. This reason is not a genuine emergency and is not compelling as it does not explain what consequences would occur if it did not meet the marketing milestones or if there was limited customer uptake.

Service NSW's procurement policy also states that under no circumstances must Service NSW employees enter into discussions with a supplier until the delegate has formally made their decision to enter into direct negotiation. Service NSW briefed the Chief Executive of Service NSW in relation to extending the contract on 5 September 2018. The briefing states that the creative agency had already begun developing creative content for phase 2 and Service NSW had already received quotes from the creative provider for the proposed work prior to 5 September 2018. Procurement sign-offs were not completed until 7 September 2018. The engagement of the creative provider prior to appropriate approvals was contrary to Service NSWs procurement policy.

The economy of the campaign may have been limited by not meeting the procurement requirements in phase 2. It is possible that the creative provider may have offered a more competitive rate if it was aware that Service NSW was seeking quotes from other creative providers. Additionally, it is possible that another creative provider could have provided better value for money.

In phase 3 of the campaign, the estimated cost of the creative exceeded $150,000 however Service NSW chose to contract two different creative agencies, and the cost for each agency fell below the threshold to obtain three quotes. Agencies are permitted to obtain one quote when using a creative provider on the prequalification scheme if the cost is between $50,000 to $150,000. Service NSW advised that it contracted two creative providers as two different project teams were responsible for the rebates, each with separate marketing budgets.

Service NSW allowed sufficient time for cost-efficient media placement

During the peer review process, the Department of Premier and Cabinet advised agencies about the time they should allow to ensure cost-efficient media placement. For example, the Department of Premier and Cabinet advised that agencies book television advertising six to 12 weeks in advance and that agencies book radio advertising two to eight weeks in advance.

Service NSW allowed sufficient time between the completion of the peer review process and the commencement of the first advertising. Service NSW signed the agreement with the approved Media Agency Services provider with sufficient time to achieve cost-efficient media placement for all types of media used in this campaign.

The campaign may have been misleading for some people who were not eligible for rebates

Advertisements we reviewed focused on the amount of savings that could be obtained from rebates, for example ‘Save up to $285’, and ended with a statement ‘To save, visit service.nsw.gov.au. This directed viewers to the Cost of Living website which contains eligibility information. However, the advertisements in phases 2 and 3 we reviewed did not contain any details on the eligibility for these rebates and not all advertisements stated that eligibility criteria apply. Service NSW advised that the eligibility criteria for each rebate is extensive and that it was not possible to include this in the creative material.

Post-campaign evaluations in phase 3 recommended that advertisements for Creative Kids should indicate eligibility (e.g. age criteria) as statements on savings have the potential to be misleading when not all viewers will be eligible for rebates. Social media analysis conducted following phase 2 showed ineligibility or inability to claim rebates or refunds caused anger for some respondents.

Some advertisements in phase 2 stated ‘we've got something for everyone’. However, as rebates were subject to eligibility criteria, it is possible that some residents in NSW would not be eligible for any rebates as part of the Cost of Living initiative. As such, this statement has the potential to be misleading.

The campaign included statements that underestimated the savings that some customers could obtain

The Guidelines require accuracy in the presentation of all facts, statistics, comparisons and other arguments. The Guidelines also require that all claims of fact included in government advertising campaigns must be able to be substantiated.

In phase 2, the possible savings customers could obtain for two rebates or savings exceeded the amounts stated in the advertising campaign. Exhibit 7 shows some advertisements in phase 2 which stated, ‘My Green Slip Saving Save up to $60’. However, the State Insurance Regulatory Authority website shows that savings for some types of motor vehicles under the 2017 CTP scheme exceed $60. The State Insurance Regulatory Authority website states that the average saving under this scheme has been $129. Service NSW advised that these advertisements were designed for regional markets and that it used different advertisements for metropolitan areas which contained different amounts of savings.

Some advertisements in phase 2 stated, ‘My Toll Relief save up to $700’. The Service NSW website states that drivers can obtain free vehicle registration if they have spent $1,352 or more in tolls in the previous financial year. The cost of registration for some vehicles exceeds $700. This means the savings detailed in the advertisement were lower than what some customers could actually save.

NSW Rural Fire Service conducted the 'How FireProof Is Your Plan?' (Fireproof) campaign. The Fireproof campaign is a three-year campaign which ran in 2018–19 (year one), 2019–20 (year two) and is planned for 2020–21 (year three). This audit examined year two of the campaign (2019–20).

The Fireproof campaign is a public safety campaign encouraging people to plan and prepare for bush fires across the summer period. The campaign aims to improve the quality of bush fire planning and preparation in the community and decrease the impact of fires on the community when they occur.

The Fireproof campaign (year two) complied with most requirements of the Act, the Regulations and the Guidelines. The campaign materials that we reviewed did not breach the prohibition on political advertising contained in section 6 of the Act. NSW Rural Fire Service set objectives and targets to be achieved over the life of the three-year Fireproof campaign. Post-campaign evaluation shows that the Fireproof campaign was effective in achieving increases against its three-year objectives during year two. However, NSW Rural Fire Service did not set targets to be achieved for each year of the campaign, making it difficult to evaluate the effectiveness of year two of the campaign. NSW Rural Fire Service achieved cost efficiencies by re-using creative material developed in the first year of the campaign. NSW Rural Fire Service received $4 million worth of free advertising time and space. The cost benefit analysis for the Fireproof campaign did not assess the costs and benefits of alternatives to advertising.

Campaign materials we reviewed did not breach section 6 of the Act

The audit team reviewed campaign materials developed as part of the paid advertising campaign for example radio advertisements, television commercials and digital displays. The audit team did not review the use of social media outside paid social media content as section four of the Act defines government advertising as the dissemination of information which is funded by or on behalf of a government agency. Examples of campaign materials are shown in Appendix two.

Section 6 of the Act prohibits political advertising as part of a government advertising campaign. A government advertising campaign must not:

be designed to influence (directly or indirectly) support for a political party
contain the name, voice or image of a minister, a member of parliament or a candidate nominated for election to parliament
contain the name, logo, slogan or any other reference to a political party.

The audit found no breaches of section 6 of the Act in the campaign material we reviewed.

NSW Rural Fire Service did not set targets for the second year of the campaign

The second year of the Fireproof campaign (2019–20) had the same objectives as the first year of the campaign (2018–19), however no specific targets were set for the second year. The advertising submission for the first year of the campaign (2018–19) details the targets for each objective as an increase of ten per cent against the baseline data to be achieved by March 2021, at the end of the three-year campaign.

The second year of the Fireproof campaign (2019–20) was one of the first campaigns approved under the new budget and peer review processes introduced by the Department of Customer Service in 2019–20. The new process for peer review introduced a new template for campaign submissions. The former template for campaign submissions contained more prompts for agencies to ensure the submission contained sufficient detail of campaign objectives, baseline measures, targets, dates for measurement and detail on how they would measure objectives. Despite this, the peer review process should have identified that NSW Rural Fire Service did not set targets for the second year of the campaign.

The 2016 Guidelines for Implementing NSW Government Evaluation Framework for Advertising and Communications requires campaign objectives to be SMART (specific, measurable, achievable, realistic and timed). NSW Rural Fire Service did not meet this requirement for year two of the Fireproof campaign.

Post-campaign evaluations showed increases against four out of five objectives, however there were no specific targets

NSW Rural Fire Service set three campaign objectives at the time it submitted the second year of the campaign (2019–20) to the Department of Customer Service for peer review. However, the post-campaign effectiveness report submitted to the Department of Customer Service measured campaign effectiveness against five campaign objectives. The objectives in the post-campaign effectiveness report were the same objectives set for the first year of the campaign, which is appropriate as this was a repeat campaign.

NSW Rural Fire Service achieved increases against four of their five objectives. However, as noted above there were no specific targets (such as percentage increases) against which performance of the 2019–20 campaign could be measured. Despite this, at the end of the second year, the Fireproof campaign had already achieved some of the targets that NSW Rural Fire Service had set for the end of the third year of the campaign. The post-campaign research showed that both audience recall and exposure to the campaign increased significantly from the prior year. The campaign objectives and results are shown in Exhibit 8.

For those people who already have a bush fire plan, the campaign aimed to increase the number of those plans which have included two or more elements from the Guide to Making a Bush Fire Survival Plan. Elements from the Guide to Making A Bush Fire Survival Plan include actions such as deciding what to take with you if you leave, ensuring you have the right equipment for defending your home and allocating responsibilities to members of a household. The post-campaign evaluation showed that the campaign did not achieve an increase against this objective for people who planned to stay and defend their property rather than leave.

Exhibit 8: Campaign objectives and results
Campaign objectives	Does the post-campaign evaluation show increases against the objective?
1. Continue to increase the number of people that have discussed and/or written a plan with regards to what they will do in the event of a fire.
2. Of those who indicate they have a plan, increase the number of people who have included two or more elements from the Guide to Making a Bush Fire Survival Plan:
for those who plan to leave
for those who plan to stay and defend.
3. Increase the frequency in completing preparation activities around a person’s property.
4. Increase the number of people who correctly assess it is their responsibility to complete preparation activities and enact their plan without direct intervention from emergency services.
5. Visits to MyFirePlan website.

Key

Yes

Source: NSW Rural Fire Service. Audit Office analysis.

NSW Rural Fire Service achieved cost efficiencies by reusing creative content developed in the first year of the campaign

Total creative and production costs incurred in year one of the campaign were $1.08 million. Rather than commissioning new creative materials, NSW Rural Fire Service re-used the same creative content in year two of the campaign. NSW Rural Fire Service incurred $100,000 in creative and production costs in year two of the campaign and achieved cost-efficiencies by reusing the same creative developed in the prior year.

NSW Rural Fire Service allowed sufficient time for cost-efficient media placement and received free media placements

The Department of Customer Service advises agencies to work with media contacts to book media in advance to ensure a cost-efficient placement. Prior to 2019–20, the Department of Premier and Cabinet provided suggested timeframes for agencies to book media as part of the peer review process. For example, it advised agencies to book television six to 12 weeks in advance and book radio advertising two to eight weeks in advance. NSW Rural Fire Service allowed sufficient time for a cost-efficient media placement.

NSW Rural Fire Service received $4 million of free advertising time and space donated by media companies due to the extent and impact of the 2019–20 fire season.

The cost benefit analysis (CBA) did not assess the costs and benefits of alternatives to advertising

Under the Government Advertising Act 2011, agencies are required to prepare a CBA when the cost of the campaign is likely to exceed $1 million. As part of the CBA, the Government Advertising Guidelines require agencies to consider options other than advertising to achieve the desired objective including a comparison of costs and benefits.

The CBA for the Fireproof campaign (year two) notes that the proposed campaign is one component of a broader community engagement strategy which has been developed over time and is based on research and evaluation. The CBA considers two options to achieve the objectives of the campaign. The first option is community engagement activities without an advertising campaign and the second option is community engagement activities alongside an advertising campaign. The CBA does not identify and assess the costs and benefits of both of the options in order to assess the most cost-efficient option.

Appendix one – Responses from agencies

Appendix two – About the campaigns

Appendix three – About the audit

Appendix four – Performance auditing

Copyright notice

Parliamentary reference - Report number #342 - released 19 November 2020

3 September 2020

Published

Credit card management in Local Government

Local Government

Internal controls and governance

Management and administration

Procurement

Risk

The Auditor-General for New South Wales, Margaret Crawford, released a report today examining credit card management in Local Government.

The audit was in response to a letter from the then Minister for Local Government in November 2018. The audit assessed the effectiveness of credit card management practices in six councils, including in the areas of policies, procedures, compliance and monitoring.

The audit found that all six councils had gaps in their credit card policies and procedures. The Auditor-General recommended that the Department of Planning, Industry and Environment publish guidelines on credit card management for the Local Government sector. The report also generated insights for the Local Government sector with respect to credit card management.

Read full report (PDF)

In 2018–19, all councils responding to an Audit Office survey (representing over 90 per cent of the sector) indicated they issued credit cards to staff members to make work-related purchases. As there are no sector-wide requirements or policies for credit card use and management in Local Government, councils have developed their credit card management frameworks to suit their own needs. The quality of credit card policies and procedures may therefore vary across the sector.

Credit cards are an efficient means of payment, especially for low-value purchases. Compared to the use of petty cash, credit card transactions provide better transparency and accountability for expenditure. By using credit cards, councils only need to make one payment each month, which can reduce the time spent on paying separate vendors, as in the case of purchase orders.

This audit assessed the effectiveness of credit card management practices in six councils: Dubbo Regional Council, Junee Shire Council, Lane Cove Council, Nambucca Valley Council, Penrith City Council and Shellharbour City Council. The councils selected represent a mix of rural, regional and metropolitan councils. They were also among the top ten users of credit cards within their geographical classification, in terms of the number of credit cards issued or the number of transactions per credit card.

This audit referenced the NSW Treasury's Policy and Guidelines Paper TPP17–09 'Use and Management of NSW Government Purchasing Cards', as its principles and recommendations for NSW Government agencies are relevant for councils.

The Audit Office of New South Wales Report on Local Government 2019 provided a high-level overview of credit card management across the sector. While over 90 per cent of councils reported that they had a credit card policy and a credit card acquittal process, the quality of these policies and procedures may vary across the sector as there is no standardised or recommended approach to credit card management for Local Government. This audit complements the Report on Local Government 2019 by providing a detailed discussion of the effectiveness of credit card management practices in councils.

Audit conclusion

All six audited councils had important gaps in their credit card policies and procedures. Their reconciliation of credit card transactions needs to be enhanced to enable detection of potential misuse or fraud.

The audit found important gaps in each of the six audited councils' credit card management practices. Their policies and procedures covered the essential aspects of credit card use and management, but a lack of coverage or clarity in some areas could lead to inconsistent and inappropriate use of credit cards. These areas included: eligibility to hold a credit card, aligning credit card limits with financial delegations, and the reconciliation procedures.

While all six councils conducted reconciliations of credit card transactions, the processes need to be enhanced to enable detection of potential misuse or fraud. Reconciliations had focused solely on verifying receipts, and did not require evidence of business-related purposes, even for transactions such as alcohol purchases or spending at entertainment venues. Five of the six councils also did not include compliance checks in their reconciliation process, such as checking that purchases were not for restricted items.

The level of senior management involvement in monitoring credit card use varied across the six councils. Three of the six councils did not generate regular reports for management oversight. Five of the six councils had no plans for internal audits or targeted reviews of credit card management and use.

Council staff provided with a credit card can purchase from a wide range of businesses, including online transactions with overseas vendors. However, councils may limit the types of purchases that staff can make through their policies and procedures or by setting controls that block certain transaction types such as cash advances. To examine credit card usage, the audit obtained credit card transaction data from 1 July 2016 to 30 June 2019 for the six councils in this review. The data included:

transaction date
amount
merchant category code (MCC)
merchant name.

The audit analysed the number and value of transactions by each council, and the types of purchases made using credit cards.

The existence of a documented approach to managing credit cards ensures transparency and consistency of use within the council. A credit card management framework that contains preventative and detective controls can also minimise risks of fraud, misuse and wastage.

There is no prescribed credit card management framework for Local Government, but typical components of a credit card management framework include:

policies and procedures
guidance for staff
monitoring and reporting.

With no detailed guidance notes similar to those in TPP17–09 for NSW Government, councils have developed their own credit card management framework based on their size, structure, resources and intended credit card usage. For instance, the size of a council has implications for the number of credit cards issued, which in turn influences the arrangements for training and guidance provided to cardholders and approvers.

The intended level of credit card usage may determine whether a council adopts a manual or electronic credit card management system and councils should identify the system that best meets their needs. For instance, a council with few credit cards may not be able to justify investment in an electronic system. On the other hand, a manual system may only be viable for councils with a low number of credit cards and a low number of transactions.

Among the six councils audited, the three councils with fewer cards and a lower number of transactions had a manual credit card management system, while the three councils with more cards and a higher number of transactions used an electronic system.

Exhibit 10 summarises the six councils' policies on use of credit cards.

Exhibit 10: Overview of the six councils' policies on credit card use
Council	Audit Office classification	Number of staff (full-time equivalent)	Number of credit cards issued (current at August 2019)	Policy on credit card use
Dubbo Regional Council	Regional	453	77	Purchase cards are used for official council business up to $5,000 and the policy allows cardholders to delegate the use of their purchase cards to other staff members.
Junee Shire Council	Rural	71	1	Corporate credit cards are for council business activities and minor purchases where a purchase order is not accepted. Items that can be purchased via a purchase order should not be purchased on a corporate credit card.
Lane Cove Council	Metropolitan	192	6	Corporate credit cards are for official council business, but should not be used when there is an alternative form of payment that aligns with the council's purchasing process.
Nambucca Valley Council	Rural	110	37	Purchase cards are used for the payment of goods and services associated with council businesses.
Penrith City Council	Metropolitan	1,031	167	Purchase cards are used for ‘low value and low risk procurement of goods and services’, while corporate cards are held by senior staff for ‘non-routine low value work related purchases’.
Shellharbour City Council	Regional	372	65	Credit cards are for purchases up to $9,999 and the preferred payment method for transactions under $1,000.

Source: Audit Office of New South Wales analysis of council credit card registers, policies and procedures 2020; staff numbers from Office of Local Government's 'Your Council' website, except for Junee Shire Council which comes from their Workforce Plan 2020–24.

While it is important for councils to have an established credit card management framework, it is equally important that they ensure compliance in practice. This chapter examines councils' credit card management practices – how well staff members were complying with policies and procedures, and how effective their credit card controls were. The chapter is structured to cover:

preventative controls (embedded in the issuance, use and cancellation of cards) that prevent fraud and misuse
detective controls (embedded in reconciliation and record keeping) that assist in detecting fraud and misuse.

Where ineffective credit card management practices are identified, councils should reflect on whether they need to more closely monitor compliance, or whether there are fundamental deficiencies in their policies and procedures that need to be refined.

Dubbo Regional Council had gaps in its credit card policy and procedures. It allowed cardholders to share their credit card with other staff members, which complicated credit card management, increased the risk of misuse and fraud, and breached its agreement with the credit card issuer. The council's reconciliation of credit card transactions needs to be enhanced to ensure it can review compliance with policy and detect potential misuse or fraud.

Dubbo Regional Council had 77 credit cards at the time of the audit. The council's policy on credit card sharing violated its agreement with the card issuer that each credit card should be for the respective cardholder's use only. Credit card sharing also increases the risk of misuse and fraud.

The council's credit card policy and procedures lacked clarity in several areas. The eligibility criteria were broad and there was a risk of inconsistency in granting approvals, especially since the council gave approval delegations to multiple senior staff members. The policy and procedures also lacked guidance on the reconciliation of the general manager's credit card and the management of Cabcharge.

The audit identified gaps in the council's credit card management practices. While the council had a clear policy on financial delegations, there was no evidence that credit card limits were monitored in line with financial delegations. The credit card register contained inaccurate information, and the council was also unable to provide records of certain transactions requested for review by the audit.

The council's credit card reconciliation process needs to be enhanced to enable detection of potential misuse or fraud. It did not include compliance checks or reviewing the business-related purpose of transactions. Purchases of restricted items such as fuel, meals and entertainment were not accompanied by evidence of need or exemption. Travel expenses were not checked against travel pre-approval forms. The audit also identified instances of split transactions. The council provided no evidence of the finance team's involvement in the reconciliation of credit card transactions.

Senior management oversight of credit card use was lacking, as the council did not produce reports on credit card use. There was also no evidence that the internal auditor had undertaken monitoring activities as required in the credit card policy.

Recommendations

Dubbo Regional Council should immediately:

1. amend its credit card policy to prevent cardholders from sharing their credit card with other staff.

By December 2020, Dubbo Regional Council should:

2. clarify in the credit card policy and procedures:

eligibility criteria for a credit card
reconciliation arrangements for the general manager’s credit card
Cabcharge management policy and procedures

3. ensure that credit card management practices include:

monitoring credit card limits in line with financial delegations
considering the use of credit card blocks
keeping the credit card register are up-to-date, accurate and complete
maintaining complete and accurate records

4. ensure reconciliation involves:

scrutinising business-related purposes and incident details of transactions
keeping a record of the finance team's review of transactions
reviewing transactions against travel pre-approval forms (where applicable)
recording vehicle details and mileage when credit cards are used in place of fuel cards
checking that there are no split transactions

5. ensure there is ongoing senior management oversight of credit card use

6. ensure the internal auditor undertakes monitoring activities as specified in the credit card policy.

Junee Shire Council had gaps in its credit card policy and procedures. The council's reconciliation of credit card transactions needs to be enhanced to ensure it can review compliance with policy and detect potential misuse or fraud.

Junee Shire Council had only one credit card, held by the general manager, at the time of the audit. Staff members could seek approval from the general manager to purchase using the credit card. This raises concerns of credit card sharing, which would be a violation of the council's agreement with its credit card issuer. Credit card sharing also increases the risk of misuse and fraud.

The council had fuel cards and store cards for use by staff members. However, its credit card policy and procedures did not cover the management of these types of cards. The lack of documented rules and guidance increases the risk of misuse and fraud.

The audit identified other gaps in the council's credit card management practices:

the credit card limit was not monitored in line with financial delegation
there was a lack of targeted guidance for the approver (the mayor) in reconciliation
the council was unable to provide records of certain transactions requested for review by the audit
the council did not review its credit card policy according to schedule.

The council's credit card reconciliation process needs to be enhanced to enable detection of potential misuse or fraud. It did not include reviewing the business-related purpose of transactions. The council also provided no evidence of the finance team's involvement in the reconciliation of credit card transactions.

As the cardholder, the general manager reviewed all transactions every month. As the approver, the mayor (or deputy mayor) had to sign off on these transactions. Hence, there was sufficient management oversight of the council's credit card use. However, there was a lack of periodic review of the council's credit card use, as it was not included in the council's forward program of internal audits.

Recommendations

Junee Shire Council should immediately:

1. amend its credit card policy to prevent cardholders from sharing their credit card with other staff.

By December 2020, Junee Shire Council should:

2. clarify in the credit card policy and procedures:

fuel card management policy and procedures
store card management policy and procedures

3. ensure that credit card management practices include:

monitoring credit card limits in line with financial delegations
considering the use of credit card blocks
providing approvers with targeted guidance
maintaining complete and accurate records

4. ensure reconciliation involves:

scrutinising business-related purposes and incident details of transactions
keeping a record of the finance team's review of transactions
checking travel pre-approval forms (where applicable)
recording vehicle details and mileage when credit cards are used in place of fuel cards
checking that there are no split transactions

5. develop a plan for periodic reviews (e.g. internal audit) of credit card use and management

6. ensure its credit card policy and procedures are reviewed according to schedule.

Lane Cove Council had gaps in its credit card policy and procedures. The council's reconciliation of credit card transactions needs to be enhanced to ensure it can review compliance with policy and detect potential misuse or fraud.

Lane Cove Council had six credit cards, held by the most senior staff members, at the time of the audit. During our interviews, cardholders advised that they had shared their credit card with reporting staff. Credit card sharing is a violation of the council's agreement with its credit card issuer, and it also increases the risk of misuse and fraud.

The council's credit card policy lacked clarity in several areas. While the general manager had delegation to authorise the issue of credit cards, the policy did not specify any eligibility criteria. The policy and procedures also lacked guidance on the reconciliation of the general manager's credit card and the management of fuel cards and store cards.

The audit identified gaps in the council's credit card management practices. There was no evidence that credit card limits were monitored in line with financial delegations. The credit card register contained inaccurate information, and the council was also unable to provide records of certain transactions requested for review by the audit.

The council's credit card reconciliation process needs to be enhanced to enable detection of potential misuse or fraud. The process also did not include compliance checks or reviewing the business-related purpose of transactions. Purchases of restricted items such as fuel and fine payments were not accompanied by adequate justification. There was a lack of targeted guidance for approvers in reconciliation, and the council only evidenced the finance team's involvement in an administrative capacity (i.e. entering data into the journals).

Senior management oversight of credit card use was lacking. Although the credit card policy referred to management reporting, the council had not been producing such reports at the time of the audit. Management reporting was implemented in December 2019 following our discussions. There was a lack of periodic review of the council's credit card use, as it was not included in the council's forward program of internal audits.

The council has adopted a new Management Directive in January 2020, which has clarified the eligibility criteria for credit cards.

Recommendations

Lane Cove Council should immediately:

1. amend its credit card policy to prevent cardholders from sharing their credit card with other staff.

By December 2020, Lane Cove Council should:

2. clarify in the credit card policy and procedures:

reconciliation arrangements for the general manager’s credit card
fuel card management policy and procedures
store card management policy and procedures

3. ensure that credit card management practices include:

monitoring credit card limits in line with financial delegations
considering the use of credit card blocks
providing approvers with targeted guidance
keeping the credit card register up-to-date, accurate and complete
maintaining complete and accurate records

4. ensure reconciliation involves:

scrutinising business-related purposes and incident details of transactions
keeping a record of the finance team's review of transactions
checking travel pre-approval forms (where applicable)
recording vehicle details and mileage when credit cards are used in place of fuel cards

5. develop a plan for periodic reviews (e.g. internal audit) of credit card use and management.

Nambucca Valley Council had gaps in its credit card policy and procedures. The council's reconciliation of credit card transactions needs to be enhanced to ensure it can review compliance with policy and detect potential misuse or fraud.

Nambucca Valley Council had 37 credit cards at the time of the audit. During our interviews, cardholders described instances of credit card sharing within the council. Credit card sharing is a violation of the council's agreement with its credit card issuer, and it also increases the risk of misuse and fraud.

The council's credit card policy lacked clarity in several areas. While the general manager had delegation to authorise the issue of credit cards, the policy did not specify any eligibility criteria. The policy and procedures lacked guidance on the management of fuel cards, store cards and Cabcharge. The policy also lacked coverage of the reconciliation arrangements for the general manager's credit card as the general manager did not hold a credit card. While the policy did not preclude the mayor and the general manager from holding a credit card, both opted not to do so.

The audit identified gaps in the council's credit card management practices. There was no evidence that credit card limits were monitored in line with financial delegations. The credit card register contained inaccurate information, and there was insufficient control in handling staff departures, as the audit identified one incident where a credit card was returned after the staff member's last day.

The council's credit card reconciliation process needs to be enhanced to enable detection of potential misuse or fraud. The process also did not include adequate compliance checks or reviewing the business-related purpose of transactions. Purchases of restricted items such as fuel and the use of third-party travel websites were not accompanied by adequate justification. Travel expenses were not checked against travel pre-approval forms. The audit also identified instances of split transactions.

Senior management oversight of credit card use was insufficient, as the council had been producing reports for only one manager for his department at the time of the audit. Management reporting for the Chief Finance Officer was implemented following our discussions. There was a lack of periodic review of the council's credit card use, as it was not included in the council's forward program of internal audits.

The audit acknowledges that the council had revised its credit card procedures following our discussions to address our preliminary findings. The council has also set additional credit card blocks in response to this audit. The recommendations below contain only the outstanding items.

Recommendations

Nambucca Valley Council should immediately:

1. ensure cardholders stop sharing their credit card with other staff.

By December 2020, Nambucca Valley Council should:

2. clarify in the credit card policy and procedures:

reconciliation arrangements for the general manager’s credit card (should the policy continue to allow the general manager to have one)
fuel card management policy and procedures

3. ensure that credit card management practices include:

monitoring credit card limits in line with financial delegations
keeping the credit card register up-to-date, accurate and complete

4. ensure reconciliation involves:

scrutinising business-related purposes and incident details of transactions
checking travel pre-approval forms (where applicable)
recording vehicle details and mileage when credit cards are used in place of fuel cards
checking that there are no split transactions

5. develop a plan for periodic reviews (e.g. internal audit) of credit card use and management.

Penrith City Council had gaps in its credit card policy and procedures. The council's reconciliation of credit card transactions needs to be enhanced to ensure it can review compliance with policy and detect potential misuse or fraud.

Penrith City Council had 167 credit cards at the time of the audit. During our interviews, cardholders described instances of credit card sharing within the council. Credit card sharing is a violation of the council's agreement with its credit card issuer, and it also increases the risk of misuse and fraud.

The audit identified gaps in the council's credit card policy and procedures. There was no documented arrangement for the reconciliation of the general manager's credit card. There was also no guidance on the management of Cabcharge. The credit card register contained inaccurate information, and the council was also unable to provide records of certain transactions requested for review by the audit.

The council's credit card reconciliation process needs to be enhanced to enable detection of potential misuse or fraud. The process did not include adequate compliance checks or reviewing the business-related purpose of transactions. The council's policy required prior approval for conferences, accommodation or meal expenses. However, there was no evidence that such approvals were checked during credit card reconciliation. The audit also identified instances of split transactions.

The council implemented monthly reporting for managers in July 2019.

There was a lack of periodic review of the council's credit card use, as it was not included in the council's forward program of internal audits.

Recommendations

Penrith City Council should immediately:

1. ensure cardholders stop sharing their credit card with other staff.

By December 2020, Penrith City Council should:

2. clarify in the credit card policy and procedures

reconciliation arrangements for the general manager’s credit card
Cabcharge management policy and procedures

3. ensure that credit card management practices include:

considering the use of credit card blocks
keeping the credit card register up-to-date, accurate and complete
maintaining complete and accurate records

4. ensure reconciliation involves:

scrutinising business-related purposes and incident details of transactions
keeping a record of the finance team's review of transactions
checking travel pre-approval forms (where applicable)
recording vehicle details and mileage when credit cards are used in place of fuel cards
checking that there are no split transactions

5. develop a plan for periodic reviews (e.g. internal audit) of credit card use and management.

Shellharbour City Council had gaps in its credit card policy and procedures. The council's reconciliation of credit card transactions needs to be enhanced to ensure it can review compliance with policy and detect potential misuse or fraud.

Shellharbour City Council had 65 credit cards at the time of the audit. During our interviews, cardholders described instances of credit card sharing within the council. Credit card sharing is a violation of the council's agreement with its credit card issuer, and it also increases the risk of misuse and fraud.

The council's credit card policy lacked clarity in several areas. While the general manager had delegation to authorise the issue of credit cards, the policy did not specify any eligibility criteria. The council did not align credit card limits with financial delegations, and while blocking codes were used, there was no explanation in the policy or procedures. Although the mayor and general manager's credit card transactions were reviewed during the council's monthly Executive Leadership Team meetings, the policy and procedures lacked guidance on the reconciliation of their credit cards. The council also did not have sufficiently detailed documentation for the management of fuel cards.

The audit identified gaps in the council's credit card management practices:

The council's training material had not been updated following the review of its credit card policy and procedures.
The credit card register contained inaccurate information.
The council was unable to provide records of certain transactions requested for review by the audit.
The council did not review its credit card policy according to schedule.

The council's credit card reconciliation process needs to be enhanced to enable detection of potential misuse or fraud. The process did not include compliance checks or reviewing the business-related purpose of transactions. Purchases of restricted items, such as fuel and fine payments, were not accompanied by adequate justification. The audit identified instances of split transactions, and travel or conference approval forms were also not checked during reconciliation. There was a lack of targeted guidance for approvers in reconciliation, and the council also provided no evidence of the finance team's involvement in the reconciliation of credit card transactions.

The council's Executive Leadership Team was involved in the monthly review of credit card transactions, hence there was management oversight of credit card use. However, there was a lack of periodic review of the council's credit card use, as it was not included in the council's forward program of internal audits.

Recommendations

Shellharbour City Council should immediately:

1. ensure cardholders stop sharing their credit card with other staff.

By December 2020, Shellharbour City Council should:

2. clarify in the credit card policy and procedures:

eligibility criteria for a credit card
the use of blocking codes
reconciliation arrangements for the general manager’s credit card
fuel card management policy and procedures (with more details)

3. ensure that credit card management practices include:

monitoring credit card limits in line with financial delegations
providing approvers with targeted guidance
keeping the credit card register up-to-date, accurate and complete
maintaining complete and accurate records
updating the training material to reflect the latest policy and procedures

4. ensure reconciliation involves:

scrutinising business-related purposes and incident details of transactions
keeping a record of the finance team's review of transactions
checking travel pre-approval forms (where applicable)
recording vehicle details and mileage when credit cards are used in place of fuel cards
ensuring no split transactions

5. develop a plan for periodic reviews (e.g. internal audit) of credit card use and management

6. ensure its credit card policy and procedures are reviewed according to schedule.

Appendix one – Responses from councils and the Department of Planning, Industry and Environment

Appendix two – About the audit

Appendix three – Performance auditing

Copyright notice

Parliamentary reference - Report number #340 - released 3 September 2020

4 June 2020

Published

Universities 2019 audits

Universities

Cyber security

Financial reporting

Internal controls and governance

Procurement

This report contains findings on the results of financial audits of NSW universities for the year ended 31 December 2019.

All ten NSW universities received unqualified audit opinions. The 2019 financial results for universities are reported as at 31 December and reflect results from operations before the impact of the COVID‑19 pandemic.

The combined revenues for all NSW universities increased by $381 million to $11.4 billion in 2019, driven by increases in student revenues. Revenue from overseas students continued to grow faster than that from domestic students and contributed $3.6 billion in course fees to NSW universities in 2019.

Overseas students from the top three countries of origin, being China, India and Nepal, represented 72.4 per cent of all enrolments of overseas students and 65.4 per cent of all overseas student revenues for 2019. Revenue from students from these three countries comprised 40.9 per cent of total student revenues for all NSW universities, creating a considerable concentration risk for NSW universities.

The COVID‑19 pandemic may significantly impact the financial results of NSW universities in 2020. NSW universities provided data on COVID‑19 impacted student enrolments for semester one 2020. Overall numbers of student enrolments in semester one 2020 were 5.8 per cent beneath projections. Overseas student enrolments were 13.8 per cent beneath expectations and domestic student enrolments were 2.4 per cent below expectations.

The report makes recommendations to the NSW universities, aimed at strengthening controls over information technology, cyber security, validating published performance information, procurement practices and the oversight of their overseas controlled entities' legal and policy compliance functions.

Read full report (PDF)

This report analyses the results of our audits of the financial statements of the ten NSW universities for the year ended 31 December 2019. The table below summarises our key observations.

1. Financial reporting

Financial reporting	The 2019 financial statements of all ten NSW universities received unmodified audit opinions. One controlled entity of the Western Sydney University received a qualified audit opinion. Five NSW universities finalised their audited financial statements this year on or before the date they did last year. New accounting standards, which changed how universities report income and treat operating leases, became effective from 1 January 2019.
Sources of revenue from operations	Government grants as a proportion of the total income of NSW universities continued to decrease. Fee revenue from overseas students continued to grow faster than fees from domestic students. Forty-one per cent of NSW universities' total student revenue came from overseas students from three countries. Five NSW universities increased the proportion of revenue they receive from overseas students from a single country. Two universities sourced over 73 per cent of their total overseas student revenue from students from a single country of origin in 2019.
Other revenues	Two universities attracted over 69.5 per cent of the total philanthropic revenue of $174 million received by all NSW universities in 2019.
Operating expenditures	Combined total operating expenditure for NSW universities increased to $9.9 billion in 2019, a rise of 5.2 per cent from 2018.
Current ratio	At 31 December 2019, five NSW universities had a current ratio of less than one, meaning those universities need to actively manage their cash to meet current obligations.
Controlled entities	All six NSW universities with overseas controlled entities have devolved responsibility for governance and legislative compliance to their overseas controlled entities. Recommendation (repeat issue): NSW universities should strengthen their governance arrangements to oversight their overseas controlled entities' legal and policy compliance functions.
COVID-19 impacts and responses	The 2019 financial results for universities are reported as at 31 December. Consequently, the results for the 2019 year were unaffected by the impact of the COVID-19 pandemic. NSW universities provided data on the COVID-19 impacted student enrolments for semester one 2020. Overall numbers of student enrolments were 5.8 per cent beneath projections. Overseas student enrolments were 13.8 per cent beneath expectations and domestic student enrolments were 2.4 per cent beneath expectations. NSW universities are responding to the challenges presented by COVID-19 by moving course delivery online, expanding student support and introducing cost saving measures.

2. Internal controls and governance

Internal control findings	Our audits identified 108 internal control deficiencies in 2019 (99 in 2018). Gaps in information technology (IT) controls comprised the majority of these deficiencies. Deficiencies included a lack of sufficient user access reviews, inadequate review and approval of change management processes, and issues with password settings. We identified one high risk financial control deficiency at the University of New South Wales, which resulted in the University providing for a potential underpayment of casual staff salaries. NSW universities continue to implement recommendations arising from 35 findings raised in previous years.
Performance reporting	Five NSW universities still do not have formal processes to internally review and validate performance information published in their annual reports. Recommendation (repeat issue): NSW universities should strengthen processes to review and validate published performance information.
Cyber security	Two universities have not yet implemented a cyber risk policy and three universities have not formally trained staff in cyber awareness. Recommendation (repeat issue): NSW universities should strengthen cyber security frameworks and controls to protect sensitive data and prevent financial and reputational losses.
Management of IT service providers	NSW universities have contracts with vendors to support their computer systems. Five universities have not formally established frameworks to manage these contracts. Poor contract management can compound risks associated with IT control deficiencies.
Data breach management	Universities are required to maintain the privacy of sensitive data which, if disclosed or used inappropriately, could result in harm to individuals, financial loss, or loss of intellectual property. Two NSW universities have not established formal policies to manage data breaches.
Procurement	All universities have a procurement policy. Most universities have a documented procurement manual and contact management policy. Recommendation: NSW universities should review their procurement and contract management policies and procedures to ensure that they are relevant and effective in reducing risk and improving purchasing outcomes.

3. Teaching and research

Graduate employment outcomes

Eight out of ten NSW universities exceeded the national average for full-time employment rates of their undergraduates in 2019. Six universities performed better than the national average for full-time employment outcomes of their postgraduates in 2019.

Student enrolments by field of education

Enrolments at NSW universities increased the most in Management and Commerce courses in 2019.

Achieving diversity outcomes

Five universities in 2018 (five in 2017) met the target enrolment rate for students from low socio-economic status (SES) backgrounds.

Eight universities increased enrolments of students from Aboriginal and Torres Strait Islander backgrounds in 2018.

This report provides Parliament with the results of our financial audits of New South Wales universities and their controlled entities in 2019, including our analysis, observations and recommendations in the following areas:

financial reporting
internal controls and governance
teaching and research.

Financial reporting is an important element of governance. Confidence and transparency in university sector decision making are enhanced when financial reporting is accurate and timely.

This chapter outlines our audit observations on the financial reporting of NSW universities for 2019.

Appropriate and robust internal controls help reduce risks associated with managing finances, compliance and administration of NSW universities.

This chapter outlines the internal controls related observations and insights across NSW universities for 2019, including overall trends in findings, level of risk and implications.

Our audits do not review all aspects of internal controls and governance every year. The more significant issues and risks are included in this chapter. These along with the less significant ones are reported to universities for them to address.

Universities' primary objectives are teaching and research. They invest most of their resources to achieve quality outcomes in academia and student experience. Universities have committed to achieving certain government targets and compete to advance their reputation and international and Australian rankings.

This chapter outlines teaching and research outcomes for NSW universities for 2019.

Appendix one – List of 2019 recommendations

Appendix two – Status of 2018 recommendations

Appendix three – NSW universities’ controlled entities and associated entities

Copyright notice

2 June 2020

Published

Funding enhancements for police technology

Justice

Community Services

Information technology

Management and administration

Procurement

Project management

This report focuses on how the NSW Police Force managed a $100 million program to acquire new technology. The program invested in technologies intended to make police work safer and quicker. These included body-worn video (BWV) cameras, smart phone devices, mobile fingerprint scanners and hand-held drug testing devices.

The audit found that while the NSW Police Force mostly managed the ‘Policing for Tomorrow’ program effectively, investment decision making could be improved in the future. The NSW Police Force missed an opportunity to take a whole-of-organisation approach to identify capability gaps and target the acquired technologies to plug these.

The NSW Police Force has processes in place to monitor the benefits of some of the larger technology, but it does not do this consistently for all procured technology. It could not demonstrate that smaller projects are improving the efficiency or effectiveness of policing.

The audit also found that the NSW Police Force does not routinely engage with external stakeholders on the use or impacts of new technology that changes how officers interact with the public, noting that this will not always be possible for particularly sensitive procurements that involve covert technologies or methodologies.

The Auditor-General made three recommendations to guide improvement of NSW Police Force ICT procurement, benefits management and stakeholder engagement processes.

Read full report (PDF)

Ahead of the March 2015 election, the NSW Government announced a $100 million Policing for Tomorrow fund for the NSW Police Force to acquire technology intended to make police work safer and quicker. The announcement committed the NSW Police Force to several investment priorities, including body-worn video (BWV) cameras, smart phone devices (MobiPOL), mobile fingerprint scanners and hand-held drug testing devices. Otherwise, the NSW Police Force was allowed flexibility in identifying and resourcing suitable projects.

This audit assessed whether the Policing for Tomorrow fund was effectively managed to improve policing in New South Wales. We addressed the audit objective with the following audit questions:

Did the NSW Police Force efficiently and effectively identify, acquire, implement and maintain technology resourced by the fund?
Did the NSW Police Force establish effective governance arrangements for administering the fund, and for monitoring expected benefits and unintended consequences?
Did technology implemented under the fund improve the efficiency and effectiveness of policing in New South Wales?

Conclusion

The NSW Police Force's management of the Policing for Tomorrow fund was mostly effective. There are measures in place to assess the impact of the technologies on the efficiency and effectiveness of policing in NSW. However, these measures are not in place for all technologies funded by Policing for Tomorrow. A strategic whole-of-organisation approach to identifying and filling technology capability gaps may have assisted in better targeting funds and managing expected benefits.

The NSW Police Force identified, acquired, implemented and maintained a range of technologies resourced by the fund in an efficient and effective way. The election announcement committed the NSW Police Force to four specific projects which made up over three quarters of the fund value. Investment decisions for remaining funds were driven by the availability of funding and individual technology requirements rather than targeting improved policing outcomes and the capability necessary to achieve these.

The NSW Police Force missed an opportunity to take a whole-of-organisation approach to selecting technology projects for the remainder of the funds where it had discretion. This may have included considering less obvious back office technology or making different investment decisions driven by gaps in the agency's technology capabilities.

The NSW Police Force used effective governance arrangements for administering the Policing for Tomorrow fund, including using its existing ICT Executive Board. The NSW Police Force has adequate processes in place to drive benefits and monitor the impact of technology on the efficiency and effectiveness of policing for the larger projects funded by Policing for Tomorrow. Further work is required to ensure this for smaller projects.

The NSW Police Force tends to consider only impacts on the organisation in managing benefits and identifying unintended consequences. It does not routinely engage proactively with stakeholders, including partner criminal justice agencies and members of the community, on new technology that changes how police interact with the public.

We examined how effectively the NSW Police Force governed the Policing for Tomorrow fund, to ensure that key accountability and decision-making arrangements were in place to direct the $100 million spend to appropriate technologies. We also assessed how the NSW Police Force acquired, implemented and maintained technology funded by Policing for Tomorrow to determine the effectiveness of the relevant asset management.

The Policing for Tomorrow election commitment aimed to invest in technology to ‘make police work safer and quicker – meaning more time on the street combatting crime’. We assessed whether the NSW Police Force ensured that funded technologies have improved policing efficiency and effectiveness. We did not seek to independently assure the benefits or outcomes resulting from the technologies.

Appendix one – Response from agency

Appendix two – Policing for Tomorrow projects and expenditure

Appendix three – About the audit

Appendix four – Performance auditing

Copyright notice

Parliamentary reference - Report number #334 - released 2 June 2020

9 April 2020

Published

Destination NSW's support for major events

Treasury

Financial reporting

Management and administration

Procurement

Project management

Service delivery

This report focuses on whether Destination NSW (DNSW) can demonstrate that its support for major events achieves value for money.

The audit found that DNSW’s processes for assessing and evaluating the major events it funds are mostly effective, but its public reporting does not provide enough transparency.

DNSW provides clear information to event organisers seeking funding and has a comprehensive methodology for conducting detailed event assessments. However, the reasons for decisions to progress events from the initial assessment to the detailed assessment stage are not documented in sufficient detail.

DNSW does not publish detailed information about the events it funds or the outcomes of these events. This means that members of the public are unable to see whether its activities achieve value for money. However, DNSW’s internal reporting to its key decision‑makers, including the CEO, the Board and the Minister is appropriate.

The Auditor-General made four recommendations to DNSW, aimed at improving the transparency of its activities, improving the documentation of decisions and certain compliance matters, and streamlining its approach to assessing and evaluating events that receive smaller amounts of funding.

Read full report (PDF)

Destination NSW (DNSW) provides funding to attract a range of major events to New South Wales, including high-profile professional sports matches and tournaments, musicals, art and museum exhibitions, and participation-focused events such as festivals and sports events that members of the public can enter. The NSW Government's rationale for providing funding is to encourage event organisers to hold events in New South Wales, and to ensure that events held in New South Wales maximise the potential for attracting overseas and interstate visitors.

This audit assessed whether DNSW can demonstrate that its support for major events achieves value for money. In making this assessment, the audit examined whether:

DNSW effectively assesses proposals to support major events
DNSW effectively evaluates the impact of its support for major events.

This audit focused on DNSW's work to attract major events to New South Wales. It did not assess DNSW's tourism promotion or development work, which includes developing tourism strategies, marketing and advertising campaigns, national and international partnerships, and regional programs.

Conclusion

Destination NSW's processes for assessing event applications and evaluating its support for major events are mostly effective. DNSW's internal systems allow it to know whether its decisions are achieving value for money. Its public reporting does not provide enough information about its activities and their outcomes, although it is consistent with that of equivalent organisations in other Australian jurisdictions.

DNSW's process for assessing applications for funding from organisers of major events is mostly effective. Clear information is provided to event organisers seeking funding, and DNSW has a comprehensive methodology for conducting detailed event assessments. However, the reasons for decisions to progress events from the initial assessment to the detailed assessment stage are not documented in sufficient detail.

DNSW has a framework for disclosure and monitoring staff conflicts of interest. However, its forms for staff to disclose conflicts of interest on specific events they are working on are ambiguous. DNSW's management of gifts and benefits broadly complies with the minimum standards set by the Public Service Commission, but there are some gaps in its implementation of these.

DNSW conducts an evaluation of each major event it supports. DNSW articulates expected outcomes in contracts with event organisers and uses a sound methodology to evaluate events. Internal reporting to its key decision-makers, including the CEO, the Board and the Minister is appropriate. However, DNSW does not publish detailed information about the events it funds or the outcomes of these events. This means that members of the public are unable to see whether its activities achieve value for money.

Appendix one – Response from Destination NSW

Appendix two – About the audit

Appendix three – Performance auditing

Copyright Notice

Parliamentary reference - Report number #332 - released 9 April 2020.

5 March 2020

Published

Report on Local Government 2019

Local Government

Asset valuation

Cyber security

Financial reporting

Information technology

Infrastructure

Internal controls and governance

Management and administration

Procurement

Project management

Service delivery

Shared services and collaboration

Workforce and capability

I am pleased to present my third report to the Parliament on the 2019 audits of local government councils in New South Wales.

This report notes that unqualified audit opinions were issued on the 2018–19 financial statements of 134 councils and 11 joint organisations. The opinion for one council was disclaimed and three audits are yet to complete.

The report also highlights improvements I have seen in financial reporting and governance arrangements across councils. Fewer errors were identified. More councils have audit, risk and improvement committees and internal audit functions. Risk management practices, including fraud control systems, have also improved.

These are very pleasing indicators of the gradual strengthening of governance and financial oversight of the sector. I want to acknowledge the investment councils have made in working with the Audit Office to improve consistency of practice and accountability generally.

Of course there is more work to do, particularly to prepare for new accounting standards and to strengthen controls over information technology and cyber security management. Asset management practices can also be improved. This report provides some guidance to council on these matters and we will continue to partner with the Office of Local Government in the Department of Planning, Industry and Environment to support good practice.

Margaret Crawford

Auditor-General
5 March 2020

This report focuses on key observations and findings from the 2018–19 financial audits of councils and joint organisations.

Unqualified audit opinions were issued on the financial statements for 134 councils and 11 joint organisations. The audit opinion for Bayside’s 2017–18 and 2018–19 financial statements were disclaimed. Three audits are still in progress and will be included in next year’s report.

The report highlights a number of areas where there has been improvement. There was a reduction in errors identified in council financial statements and high risk issues reported in audit management letters. More councils have audit, risk and improvement committees and internal audit functions. Risk management practices and fraud control systems have also improved.

The report also found that councils could do more to be better prepared for the new accounting standards, asset management practices could be strengthened, and information technology controls and cyber security management could be improved.

The Auditor-General recommended that the Office of Local Government within the Department of Planning, Industry and Environment develop a cyber security policy by 30 June 2021 to ensure a consistent response to cyber security risks across councils.

Read the PDF Report

Financial reporting is an important element of good governance. Confidence in and transparency of public sector decision making is enhanced when financial reporting is accurate and timely. Strong financial performance provides the platform for councils to deliver services and respond to community needs.

This chapter outlines our audit observations on the financial reporting and performance of councils and joint organisations.

Section highlights

There was a reduction in the number and dollar value of errors identified in councils' financial statements.
We continue to identify prior period errors, which are predominantly asset-related.
Unqualified audit opinions were issued for 99 per cent of completed audits for councils and joint organisations.
Three audits remain outstanding, with the outcomes to be reported in next year's Report to Parliament.
Seventy-nine per cent of councils and joint organisations lodged their financial reports by 31 October 2019.
Councils that performed some early reporting procedures achieved better outcomes in terms of the quality and timeliness of financial reporting.
Councils are at various levels of preparedness to implement the new accounting standards for the 2019–20 financial year. Some have made the necessary modifications to systems and processes, but others are still assessing impacts.
Most councils met the prescribed benchmarks for the liquidity and working capital performance measures over the past three years.
More councils reported negative operating performance compared with the prior year, meaning their operating expenditure exceeded their operating revenue.

Strong governance systems and internal controls help councils to operate effectively and efficiently, produce reliable financial reports, comply with laws and regulations and support ethical government.

This chapter outlines the overall trends related to governance and internal control issues across councils and joint organisations for 2018–19.

Section highlights

While the total number of issues reported in our management letters increased compared with the prior year, the total number of high risk issues have decreased. Of the high-risk issues, 41 per cent were deficiencies in information technology controls.
More councils have established audit, risk and improvement committees and internal audit functions.
Councils have improved risk management practices, with over 75 per cent of councils now having a risk management policy and register.
While most councils have policies and processes to manage gifts and benefits, we identified some instances of non-compliance with the Model Code of Conduct.
Most councils have policies and processes to manage the use of credit cards.
Councils can strengthen policies and practices for managing fraud controls and legislative compliance.
There are further opportunities for councils to improve internal controls over revenue, purchasing, payroll, cash, financial accounting and governance processes.

Councils rely on information technology (IT) to deliver services and manage information. While IT delivers considerable benefits, it also presents risks that council needs to address.

In prior years, we reported that councils need to improve IT governance and controls to manage key financial systems. This chapter outlines the progress made by councils in the management of key IT risks and controls, with an added focus on cyber security.

Section highlights

We continue to report deficiencies in information technology controls, particularly around user access management. These controls are key to ensuring IT systems are protected from inappropriate access and misuse.
Many councils do not have IT policies and procedures and others do not identify, monitor or report on IT risks.
Cyber security management requires improvement, with some basic elements of governance not yet in place for many councils.

Councils are responsible for managing a significant range of assets to deliver services on behalf of the community.

This chapter outlines our asset management observations across councils and joint organisations.

Section highlights

There was an increase in the total number of issues reported in our management letters for asset management processes.
There were less high-risk issues reported compared to the previous year.
We continue to identify discrepancies between the council's Crown land asset records and the Crown Land Information Database (CLID) managed by the former Department of Industry (DOI).
Inconsistent practices remain across the Local Government sector in accounting for landfill sites.

Appendix one – Response from the Office of Local Government within the Department of Planning, Industry and Environment

Appendix two – Status of 2018 recommendations

Appendix three – Status of audits

Copyright notice

6 December 2016

Published

Planning and Environment 2016

Planning

Environment

Asset valuation

Compliance

Financial reporting

Fraud

Information technology

Internal controls and governance

Project management

Auditor-General, Margaret Crawford released a report on the planning and environment cluster today, concluding that the quality of financial reporting is improving. However, the cluster can improve its financial controls and governance framework.

17 November 2016

Published

Family and Community Services 2016

Community Services

Asset valuation

Compliance

Financial reporting

Fraud

Information technology

Internal controls and governance

Project management

Risk

The Family and Community Services report was released today by the Acting Deputy Auditor-General. Financial reporting within the cluster continues to improve but there are opportunities to improve governance and performance reporting.

Audit progress

Sector

Year

Report type

Topic

Reports

Recommendations

Documented justification of procurement needs

Segregation of duties

Assessment of supplier performance

Centralised contract register

Evaluation of community outcomes and value for money

Procurement training

1. Internal control trends

2. Information technology controls

3. Business continuity and disaster recovery planning

4. Procurement, including emergency procurement

5. Delegations

6. Status of 2019 recommendations

Conclusion

Campaign materials we reviewed did not breach section 6 of the Act

Post-campaign evaluations measured sentiment towards and confidence in the NSW Government

Service NSW did not set targets for all rebates advertised in phase 2

The post-campaign evaluation for phase 2 shows that the advertising campaign met most of its objectives

The post-campaign evaluation for phase 3 shows that the advertising campaign met most of its objectives

The timing of campaign phases meant that it was difficult for Service NSW to evaluate each distinct campaign phase and reduced opportunities to incorporate learnings from previous phases

Service NSW allocated 7.5 per cent of its media budget to communications with culturally and linguistically diverse (CALD) and Aboriginal audiences

The cost-benefit analysis (CBA) for phase 2 did not accurately assess the benefits of the campaign and did not assess the costs and benefits of alternatives to advertising

Service NSW negotiated with a single creative agency in phase 2, making it difficult to demonstrate value for money

Service NSW allowed sufficient time for cost-efficient media placement

The campaign may have been misleading for some people who were not eligible for rebates

The campaign included statements that underestimated the savings that some customers could obtain

Campaign materials we reviewed did not breach section 6 of the Act

NSW Rural Fire Service did not set targets for the second year of the campaign

Post-campaign evaluations showed increases against four out of five objectives, however there were no specific targets

NSW Rural Fire Service achieved cost efficiencies by reusing creative content developed in the first year of the campaign

NSW Rural Fire Service allowed sufficient time for cost-efficient media placement and received free media placements

The cost benefit analysis (CBA) did not assess the costs and benefits of alternatives to advertising

Audit conclusion

Recommendations

Recommendations

Lane Cove Council had gaps in its credit card policy and procedures. The council's reconciliation of credit card transactions needs to be enhanced to ensure it can review compliance with policy and detect potential misuse or fraud.

Recommendations

Nambucca Valley Council had gaps in its credit card policy and procedures. The council's reconciliation of credit card transactions needs to be enhanced to ensure it can review compliance with policy and detect potential misuse or fraud.

Recommendations

Penrith City Council had gaps in its credit card policy and procedures. The council's reconciliation of credit card transactions needs to be enhanced to ensure it can review compliance with policy and detect potential misuse or fraud.

Recommendations

Shellharbour City Council had gaps in its credit card policy and procedures. The council's reconciliation of credit card transactions needs to be enhanced to ensure it can review compliance with policy and detect potential misuse or fraud.

Recommendations

1. Financial reporting

2. Internal controls and governance

3. Teaching and research

Conclusion

Section highlights

Section highlights

Section highlights

Section highlights