Refine search Expand filter

Reports

Search filters applied: finance, health, transport AND performance audit AND 2020 AND financial reporting, information technology .

In progress

Actions for Managing cyber risks

Managing cyber risks

Finance
Compliance
Cyber security
Information technology
Internal controls and governance
Risk

Following our 2018 audit of detecting and responding to cyber security incidents, this audit will examine how effectively agencies identify and manage their cyber security risks. This will include consideration of their compliance with the NSW Cyber Security Policy that came into effect in February 2019.

In progress

Actions for WestConnex: Changes since 2014

WestConnex: Changes since 2014

Transport
Compliance
Financial reporting
Infrastructure
Internal controls and governance
Management and administration
Procurement
Project management
Risk
Service delivery

The WestConnex project is a motorway project that will link the M4 and M5 motorways with 33km of new motorway tunnels in Sydney. We conducted a performance audit of the WestConnex business case review process in 2014. Since then, the scope and projects included in WestConnex have changed. This audit will assess whether Transport for NSW and Infrastructure NSW effectively assessed and justified major scope changes to the WestConnex project since December

Planned

Actions for Compliance review: Cybersecurity

Compliance review: Cybersecurity

Community Services
Education
Environment
Finance
Health
Justice
Local Government
Planning
Premier and Cabinet
Industry
Transport
Treasury
Whole of Government
Cyber security
Information technology
Risk

In February 2019 the Department of Finance, Services and Innovation launched the NSW Cyber Security Policy to ensure all NSW Government Departments and Public Service Agencies are managing cyber security risks to their information and systems. The policy mandates a number of requirements that are a minimum that all agencies must implement. In addition agencies must assess their level of cyber maturity. This audit will examine whether agencies are complyi

Planned

Actions for Security and privacy of patient information

Security and privacy of patient information

Health
Cyber security
Information technology
Internal controls and governance
Management and administration
Risk

Local Health Districts manage large volumes of private patient information and have their own systems for data management with differing approaches to data protection. Clinicians in busy hospital environments require timely access to data and systems to effectively treat patients. Increased accessibility may in turn increase the risk of poor data and system security practices. Recent experience in other jurisdictions has also demonstrated that operationa

Planned

Actions for Government Advertising

Government Advertising

Finance
Compliance
Financial reporting
Internal controls and governance
Management and administration
Project management
Service delivery

Under the NSW Government Advertising Act 2011, the Auditor-General is required to undertake a performance audit on government advertising activities undertaken by agencies in each financial year. This audit will examine selected government advertising campaigns approved and/or conducted in 2018–19 and 2019–20.