Refine search Expand filter

Audit progress

- Any -

Sector

- Any -

Year

- Any -

Report type

- Any -

Topic

- Any -

Reports

Published

Cyber security in local government

Local Government
Cyber security
Information technology
Internal controls and governance
Management and administration
Risk

What this report is about

NSW local councils provide a wide range of essential services and infrastructure to their communities and are increasingly reliant on digital technologies.

Councils need to manage cyber security risks to ensure their information, data and systems are appropriately safeguarded. Councils also need to be prepared to detect, respond and recover when a cyber security incident occurs.

The audit assessed how effectively three selected councils identified and managed cyber security risks.

The audit also included the Department of Planning, Housing and Infrastructure (Office of Local Government) and Department of Customer Service (Cyber Security NSW), due to their roles in providing guidance and support to local councils.

Audit findings

The audit found that the selected councils are not effectively identifying and managing cyber security risks. Each of the councils undertook activities to improve their cyber security during the audit period, but this audit found significant gaps in their cyber security risk management and cyber security processes.

Such gaps result in unmitigated risks to the security of information and assets which, if compromised, could impact their local communities, service delivery and public infrastructure.

Cyber Security NSW and the Office of Local Government recommend that councils adopt requirements in the Cyber Security Guidelines for Local Government, but could do more to monitor whether the Guidelines are enabling better cyber security risk management in the sector.

Audit recommendations

In summary, the councils should:

  • integrate assessment and monitoring of cyber security risks into corporate governance processes
  • self-assess their performance against Cyber Security NSW's guidelines for local government
  • develop and implement a risk-based cyber security improvement plan and program of activities
  • develop, implement and test a cyber incident response plan.

Cyber Security NSW and the Office of Local Government should regularly consult on cyber security risks facing local government, and review the effectiveness of guidelines and related resources for the sector.

While this report focuses on the performance of the selected councils, the findings and recommendations should be considered by all councils to better understand their risks and challenges relevant to managing cyber security risks.

 

Read the PDF report

Parliamentary reference - Report number #392- released 26 March 2024

Published

Local Government 2023

Local Government
Asset valuation
Cyber security
Financial reporting
Fraud
Information technology
Internal controls and governance

What this report is about

Results of the local government sector financial statement audits for the year ended 30 June 2023.

Findings

Unqualified audit opinions were issued for 85 councils, eight county councils and 12 joint organisations.

Qualified audit opinions were issued for 36 councils due to non-recognition of rural firefighting equipment vested under section 119(2) of the Rural Fires Act 1997.

The audits of seven councils, one county council and one joint organisation remain in progress at the date of this report due to significant accounting issues.

Fifty councils, county councils and joint organisations missed the statutory deadline of submitting their financial statements to the Office of Local Government, within the Department of Planning, Housing and Infrastructure, by 31 October.

Audit management letters included 1,131 findings with 40% being repeat findings and 91 findings being high-risk. Governance, asset management and information technology continue to represent 65% of the key areas for improvement.

Fifty councils do not have basic governance and internal controls to manage cyber security.

Recommendations

To improve quality and timeliness of financial reporting, councils should:

  • adopt early financial reporting procedures, including asset valuations
  • ensure integrity and completeness of asset source records
  • perform procedures to confirm completeness, accuracy and condition of vested rural firefighting equipment.

To improve internal controls, councils should:

  • track progress of implementing audit recommendations, and prioritise high-risk repeat issues
  • continue to focus on cyber security governance and controls.

 

Read the PDF report

Published

Regulation insights

Environment
Finance
Health
Local Government
Planning
Whole of Government
Compliance
Cyber security
Internal controls and governance
Management and administration
Procurement
Regulation
Risk

What this report is about

In this report, we present findings and recommendations relevant to regulation from selected reports between 2018 and 2024.

This analysis includes performance audits, compliance audits and the outcomes of financial audits.

Effective regulation is necessary to ensure compliance with the law as well as to promote positive social and economic outcomes and minimise risks with certain activities.

The report is a resource for public sector leaders. It provides insights into the challenges and opportunities for more effective regulation.

Audit findings

The analysis of findings and recommendations is structured around four key themes related to effective regulation:

  • governance and accountability
  • processes and procedures
  • data and information management
  • support and guidance.

The report draws from this analysis to present insights for agencies to promote effective regulation. It also includes relevant examples from recent audit reports.

In this report, we also draw out insights for agencies that provide a public sector stewardship role.

The report highlights the need for agencies to communicate a clear regulatory approach. It also emphasises the need to have a consistent regulatory approach, supported by robust information about risks and accompanied with timely and proportionate responses.

The report highlights the need to provide relevant support to regulated parties to facilitate compliance and the importance of transparency through reporting of meaningful regulatory information.

 

Read the PDF report

Published

Transport 2023

Transport
Whole of Government
Asset valuation
Compliance
Financial reporting
Information technology
Infrastructure
Internal controls and governance
Management and administration
Procurement
Risk

What this report is about

Result of the Transport portfolio of agencies' financial statement audits for the year ended 30 June 2023.

The audit found

Unqualified audit opinions were issued for all Transport portfolio agencies.

An 'emphasis of matter' paragraph was included in the Transport Asset Holding Entity of New South Wales' (TAHE) independent auditor's report, which draws attention to management's disclosure regarding proposed changes to TAHE's operating model.

Government's decision to convert TAHE into a non-commercial Public Non-Financial Corporation may impact the future valuation and the control of TAHE's assets.

Transport for NSW's valuation of roads and bridges resulted in a net increase to its asset value by $15.7 billion.

Transport for NSW and Sydney Metro have capitalised over $300 million of tender bid costs paid to unsuccessful tender bidders relating to significant infrastructure projects. Whilst NSW Treasury policy provides clarity on the reimbursement of unsuccessful bidders' costs, clearer guidance on how to account for these costs in agency's financial statements is required.

The key audit issues were

The number of issues reported to management decreased from 53 in 2021–22 to 49 in 2022–23.

High-risk findings include:

  • gaps in how Sydney Metro manages its contractors and how conflicts of interest are recorded and managed
  • future financial reporting implications to account for government's proposed changes to TAHE's future operating model, including asset valuations and control assessments of assets and operations
  • Parramatta Park Trust's tree assets' valuation methodology needs to be addressed.

Recommendations were made to address the identified deficiencies.

This report provides Parliament and other users of the Transport portfolio of agencies’ financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:

  • financial reporting
  • audit observations.

Financial reporting is an important element of good governance. Confidence and transparency in public sector decision making are enhanced when financial reporting is accurate and timely.

This chapter outlines our audit observations related to the financial reporting of agencies in the Transport portfolio of agencies (the portfolio) for 2023.

Section highlights

  • Unqualified audit opinions were issued on all the portfolio agencies’ 30 June 2023 financial statements.
  • An 'Emphasis of Matter' paragraph was included in the Transport Asset Holding Entity of New South Wales’ (TAHE) Independent Auditor's Report to draw attention to management's disclosure regarding the proposed changes to TAHE's future operating model.
  • The total number of errors (including corrected and uncorrected) in the financial statements increased by 59% compared to the prior year.
  • The recent government's decision to convert TAHE into a non-commercial Public Non-Financial Corporation may impact the future valuation and the control of TAHE’s assets.
  • Transport for NSW needs to further improve its quality assurance processes over comprehensive valuations, in particular, ensuring key inputs used in the valuations are properly supported and verified.
  • Transport for NSW and Sydney Metro capitalised over $300 million of bid costs paid to unsuccessful bidders. NSW Treasury’s Bid Cost Contributions Policy does not contemplate how these costs should be recognised in agency’s financial statements. Transport agencies should work with NSW Treasury to develop an accounting policy for the bid cost contributions to ensure consistent application across the sector.

Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making.
This chapter outlines our observations and insights from our financial statement audits of agencies in the Transport portfolio.

Section highlights

  • The 2022–23 audits identified four high risks and 28 moderate risk issues across the portfolio. Thirty-nine per cent of issues were repeat findings.
  • Four high risk findings include:
    • TAHE’s asset valuations (new)
    • TAHE’s control of assets and operations (new)
    • Sydney Metro’s management of contractors and conflicts of interest (new)
    • Parramatta Park Trust’s valuation of trees (repeat).
  • The total number of findings decreased from 53 in 2021–22 to 49 in 2022–23. Many repeat findings related to control weaknesses over the asset valuation, payroll processes, conflicts of interest and information technology user access administration.


Appendix one – Misstatements in financial statements submitted for audit 

Appendix two – Early close procedures

Appendix three – Timeliness of financial reporting 

Appendix four – Financial data 

 

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

Published

Regional road safety

Transport
Health
Community Services
Internal controls and governance
Management and administration
Project management
Risk

What this report is about

Around one-third of the state’s population lives in regional NSW, but deaths on regional roads make up around two-thirds of the state’s road toll.

Transport for NSW (TfNSW) is responsible for managing road safety outcomes across the NSW road network. This audit assessed the effectiveness of TfNSW’s delivery of road safety strategies, plans and policies in regional areas.

The NSW Road Safety Action Plan 2022–2026 has the stated goal of ‘no death or serious injury occurring on the road transport network’ by 2050.

What we found

There is a disproportionate amount of trauma on regional roads, but there are no specific road safety plans or trauma reduction targets for regional NSW.

TfNSW advises that the setting of state-wide road safety targets is consistent with other jurisdictions and international best practice. However, the proportion of road fatalities and serious injuries in regional NSW is almost the same as ten years ago.

There is no regional implementation plan to assist TfNSW to target the Road Safety Action Plan 2026 to regional areas.

TfNSW considers that local road safety outcomes should be managed by councils, but only 52% of regional councils participated in its Local Government Road Safety Program (LGRSP) in 2022–23. This program has not been updated since 2014, despite commitments to do so in 2021 and 2022.

TfNSW has not undertaken a systematic and integrated analysis of the combined impact of its road safety strategies and plans in regional NSW since 2012.

TfNSW reports against the Community Road Safety Fund (CRSF) annually but there is no consolidated, public reporting on total road safety funding allocated to regional NSW. The Fund underspend increased from 12% in 2019–20 to 20% in 2022–23.

What we recommended

We recommended TfNSW:

  • develop a regional implementation plan to support the NSW Road Safety Action Plan, including a framework to annually measure, analyse and publicly report on progress
  • develop a plan to measure and mitigate risks causing underspend in the CRSF
  • expedite the review of the LGRSP including recommendations to increase involvement of regional councils.

Disclosure of confidential information

Under the Government Sector Audit Act 1983 (the Act), the Auditor-General may disclose confidential information if, in the Auditor-General’s opinion, the disclosure is in the public interest, and that disclosure is necessary for the exercise of the Auditor-General’s functions.

Confidential information in the Act means Cabinet information or information subject to legal privilege. This performance audit report contained confidential information.

The NSW Premier has certified that in his opinion the disclosure of the confidential information was not in the public interest.

The confidential information has been redacted from this report.

Under section 36A(2) of the Government Sector Audit Act 1983, the Auditor-General may authorise the disclosure of confidential information if, in the Auditor-General’s opinion, the disclosure is in the public interest and necessary for the exercise of the Auditor-General’s functions. Confidential information under the Government Sector Audit Act 1983 means Cabinet information, or information that could be subject to a claim of privilege by the State or a public official in a court of law. This performance audit report contained confidential information which, in the opinion of the Auditor-General, is in the public interest to disclose and that disclosure is necessary for the exercise of the Auditor-General’s functions.

On 26 October 2023, pursuant to section 36A(2)(b) of the Government Sector Audit Act 1983, the Auditor-General notified the NSW Premier of the intention to include this information in the published report, having formed the opinion that its disclosure is in the public interest and is necessary for the exercise of the Auditor-General’s functions.

On 23 November 2023, pursuant to section 36A(2)(c) of the Government Sector Audit Act 1983, the NSW Premier certified that, in his opinion, the proposed disclosure of the confidential information contained in this report was not in the public interest. The Premier’s certificate follows. Section 36A(4) states that a certificate of the Premier that it is not in the public interest to disclose confidential information is conclusive evidence of that fact.

The issuance of the certificate by the NSW Premier prevents the publication of this information. The relevant sections of the report containing confidential information have been redacted.

One-third of the New South Wales population resides in regional areas, but two-thirds of the state’s road crash fatalities take place on regional roads.

Between 2017 and 2021, the average number of fatalities for every 100,000 of the population living in regional New South Wales was 8.33 — approximately four times higher than the equivalent measure for Greater Sydney. Similarly, the average number of serious injuries in regional New South Wales over the same period was 75.24 per 100,000 of the population, compared with 50.53 in Greater Sydney. Further, more than 70% of people who lose their lives in accidents on regional roads are residents of regional areas.

Residents of regional areas face particular transport challenges. They often need to travel longer distances for work, health care, or recreation purposes, yet their public transport options are more limited than metropolitan residents. Vehicle safety is also an issue. According to the NSW Road Safety Progress Report 2021, of the light vehicles registered in New South Wales that were manufactured in or after 2000, 48.4% of light vehicles in regional areas had a five-star Australasian New Car Assessment Program (ANCAP) rating, compared to 54.8% in metropolitan areas. Road conditions in regional areas can also be more challenging for drivers.

Regional New South Wales covers 98.5% of the total area of the state. The road network in New South Wales is vast — spanning approximately 200,000 kilometres.

The road network includes major highways, state roads and local roads. Speed limits range from 10 km/hr in high pedestrian shared zones, up to 110 km/hr on high volume and critical road corridors. Eighty per cent of the network has a 100 km/h speed limit, which is mostly applied as a default speed limit, regardless of the presence of safety features and treatments.

Speed is the primary causal factor in more crashes in New South Wales than any other factor, and car crashes in regional areas are more likely to be fatal because of the higher average speeds involved.

The responsibility for managing road safety outcomes across the entire New South Wales road network lies with Transport for NSW (TfNSW), pursuant to Schedule 1 of the Transport Administration Act 1988.

While its safety responsibilities are state-wide, TfNSW does not own or directly manage all of the road network in regional New South Wales, which spans approximately 200,000 kilometres. Approximately 80% of the roads are classified as Local Roads and are administered and managed by local councils. Local councils also maintain Regional Roads that run through their local government areas. TfNSW is responsible for managing State Roads (approximately 20% of roads), which are major arterial roads. It also provides funding for councils to manage over 18,000 km (approximately 10%) of state-significant Regional Roads.

According to TfNSW, between 2016 and 2020, there were 9,776 people killed or seriously injured on roads in regional New South Wales. Adding to the tragic loss of life, according to TfNSW, the estimated cost to the community between 2016 and 2020 resulting from regional road trauma and fatalities was around $13.7 billion.

TfNSW also noted that the ‘risk of road trauma is pervasive, and a combination of effective road safety measures is required to systematically reduce this risk’.

TfNSW released its first long-term road-safety strategy in December 2012, which introduced the goal of ‘Vision Zero’ — a long-term goal of zero deaths or serious injuries on NSW roads. The terminology was changed to ‘Towards Zero’ in the 2021 Road Safety Plan and has been retained in the NSW Road Safety Action Plan 2022–2026. Towards Zero has the stated goal of ‘no death or serious injury occurring on the road transport network’ by 2050.

The objective of this audit is to assess the effectiveness of TfNSW’s delivery of ‘Towards Zero’ in regional areas.

In making this assessment, the audit examined whether TfNSW:

  • is effectively reducing the number of fatalities and serious injuries on regional roads
  • has an effective framework, including governance arrangements, for designing and refreshing the NSW Road Safety Strategy 2012–2021 and the NSW Road Safety Action Plan 2022–2026
  • effectively makes use of whole-of-government and other relevant sources of data to support decision-making, and to evaluate progress and outcomes
  • effectively manages accountabilities, including roles and responsibilities, with respect to road safety outcomes and the use of data.

This audit focused on the policies and strategies used by TfNSW for managing road safety outcomes in regional areas. We did not evaluate individual road safety projects, programs and initiatives as part of this audit.

Whilst Regional Roads and Local Roads (as defined by the Road Network Classifications) are owned and maintained by local councils, we included these roads in this audit as TfNSW may advise and assist councils to promote and improve road safety, as well as manage grant programs that focus on improving road safety outcomes on these roads. Hereafter, unless otherwise stated, references to ‘regional roads’ refer to all classifications of roads in the state which are in regional New South Wales, irrespective of their ownership.

Local councils in regional areas are key stakeholders for the purposes of this audit, and we interviewed eight as part of the audit process (noting that this was not intended to be a representative sample). Road asset management by local councils is also out of scope for this audit as it is the focus of a subsequent performance audit by the Audit Office of New South Wales.b

The Audit Office of New South Wales has undertaken several performance audits relating to road safety since 2009 and these have been referenced while undertaking this audit. They include:

  • Condition of State Roads (August 2006)
  • Improving Road Safety: Heavy Vehicles (May 2009)
  • Improving Road Safety: School Zones (March 2010)
  • Improving Road Safety: Speed Cameras (July 2011)
  • Regional Assistance Programs (May 2018)
  • Mobile speed cameras (October 2018)
  • Rail freight and Greater Sydney (October 2021).

Conclusion

TfNSW has acknowledged that there is a disproportionate amount of road trauma on regional roads in the NSW Road Safety Strategy 2012–2021, the NSW Road Safety Plan 2021, and the NSW Road Safety Action Plan 2022–2026. However, TfNSW has not articulated or evaluated a strategy for implementing road safety policy in regional New South Wales to assist in guiding targeted activities to address regional road trauma. There is also no transparency about the total amount of funding invested in improving road safety outcomes for regional New South Wales.

People living in regional New South Wales make up one-third of the state’s population, but deaths on regional roads make up around two-thirds of the state’s total road toll. This statistic is almost the same in 2023 as it was ten years ago when TfNSW released its first long-term road safety strategy.

More than 70% of people who died on roads between 2012 and 2022 in regional New South Wales were residents of regional areas. Speed is the greatest contributing factor to road fatalities and serious injuries across the entire state. However, it is responsible for more fatalities on regional roads (43%) than in Greater Sydney (34%).

TfNSW’s road safety strategies and plans acknowledge that most road fatalities occur in regional New South Wales but none of its existing strategies or plans show evidence of tailoring measures to suit particular regional settings or ‘hot spots’. There are infrastructure initiatives (such as Saving Lives on Country Roads) and behavioural programs targeting regional areas (such as Driver Reviver). However, these activities are not aligned to a regional-specific strategy or plan that addresses issues specific to regional areas.

TfNSW has state-wide responsibility for managing road safety outcomes. TfNSW advised the audit that a regional plan and regional trauma reduction targets are not needed as the state-wide plan and targets apply equally for all areas of New South Wales, and local road safety factors are best managed by local councils. TfNSW partners with local councils. However, only 52% of councils in regional New South Wales participate in TfNSW’s Local Government Road Safety Program, compared to 84% of councils in metropolitan areas. TfNSW has not undertaken any evaluations to determine whether projects completed under the Local Government Road Safety Program have reduced road trauma at the local level.

Notwithstanding the above points, TfNSW works with local councils (who are road authorities for local roads in their respective areas under the Roads Act 1993) and other key stakeholders such as the NSW Police Force to achieve the NSW Government’s road safety policy objectives.

TfNSW advised that ‘the setting of state-wide road safety targets is consistent with other jurisdictions and international best practice. Importantly, delivery of road safety countermeasures is tailored and applied with a focus on road user groups across all geographic locations to maximise trauma reductions’. There may be legitimate reasons for the existing approach, as articulated by TfNSW. However, the proportion of road fatalities in regional New South Wales roads has not reduced since 2012 – despite a long-term reduction in the overall number of deaths on the state’s roads between 2012–2021. The audit report has recommended that a regionally focused implementation plan could address this issue. TfNSW has accepted this report’s recommendation that such a plan be developed.

Specific road safety initiatives targeted to regional areas have not been implemented or expanded

Text removed pursuant to section 36A of the Government Sector Audit Act 1983 (NSW), in compliance with the issuance of a Premier’s certificate preventing the publication of this information.

TfNSW increased the use of other forms of automated enforcement (such as tripling enforcement hours in mobile speed cameras).
However, the use of automated enforcement has a strong metropolitan focus with most red light and fixed speed cameras being in metropolitan areas. Average speed cameras are the only camera type overwhelmingly located in regional areas but these apply only to heavy vehicles and are positioned on major freight routes. 

There is no consolidated, public reporting of what proportion of total road safety funding is directed to regional New South Wales each year. The main source of funding for road safety in New South Wales, the Community Road Safety Fund, has been underspent since 2019.

Fines from camera-detected speeding, red-light and mobile phone use offences are required to be used solely for road safety purposes through the Community Road Safety Fund (CRSF), as set out in the Transport Administration Amendment (Community Road Safety Fund) Act 2012.

The CRSF has been underspent every year since 2019–20. The underspend has increased from 12% in 2019–20 to 20% in 2022–23 where the full year underspend was forecasted to be $104 million. Of this underspend, $13.5 million was dedicated for regional road infrastructure projects. TfNSW advised the audit that much of the underspend is the result of delays to infrastructure projects due to COVID-19, bushfires, and floods, as well as skills shortages. However, TfNSW has not provided any evidence that it had a plan to mitigate these risks – meaning the level of underspend could continue to grow. TfNSW also advised ‘there is no reason to expect budget management and controls will not return to pre-COVID circumstances’.

In total, TfNSW received $700 million in funding for road safety in 2021–22 (including federal contributions and the Community Road Safety Fund). Of this, $411 million (or ~59%) was directed to regional New South Wales. This is the most recent comprehensive financial data that was provided by TfNSW to the audit team. The 2022–23 NSW Budget allocated $880 million for road safety in 2022–23, with a forecasted total allocation for road safety of $1.6 billion in recurrent expenses and $0.8 billion in capital expenditure over the period 2022–23 to 2025–26.

Appendix one – Response from Transport for NSW

Appendix two – The Safe Systems framework and NSW road safety strategies and plans

Appendix three – About the audit

Appendix four – Performance auditing

 

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

 

Parliamentary reference - Report number #386 - released 30 November 2023

Published

State heritage assets

Environment
Local Government
Planning
Compliance
Management and administration
Regulation
Risk

What the report is about

This audit assessed how effectively the Department of Planning and Environment (Heritage NSW) is overseeing and administering heritage assets of state significance.

Heritage that is rare, exceptional or outstanding to New South Wales may be listed on the State Heritage Register under the Heritage Act 1977. This provides assets with legal recognition and protection. Places, buildings, works, relics, objects and precincts can be listed, whether in public or private ownership.

Heritage NSW has administrative functions and regulatory powers, including under delegation from the Heritage Council of NSW, relevant to the listing, conservation and adaptive re-use of heritage assets of state significance.

In summary, the audit assessed whether Heritage NSW:

  • is effectively administering relevant advice and decisions
  • is effectively supporting and overseeing assets
  • has established clear strategic priorities and can demonstrate preparedness to implement these.

What we found

Heritage NSW does not have adequate oversight of state significant heritage assets, presenting risks to its ability to promote the objects of the Heritage Act.

Information gaps and weaknesses in quality assurance processes limit its capacity to effectively regulate activities affecting assets listed on the State Heritage Register.

Heritage NSW has adopted a focus on customer service and recently improved its timeliness in providing advice and making decisions about activities affecting listed assets. But Heritage NSW has not demonstrated how its customer-focused priorities will address known risks to its core regulatory responsibilities.

Listed assets owned by government entities are often of high heritage value. Heritage NSW could do more to promote effective heritage management among these entities.

What we recommended

The report made eight recommendations to Heritage NSW, focusing on:

  • improving quality assurance over advice and decisions
  • improving staff guidance and training
  • defining and maintaining data in the State Heritage Register
  • clarifying its regulatory intent and approach
  • sector engagement and interagency capability to support heritage outcomes.

The Heritage Act 1977 (the Heritage Act) and accompanying regulation provide the legal framework for the identification, conservation and adaptive re-use of heritage assets in New South Wales.

The Department of Planning and Environment (Heritage NSW) has responsibility for policy, legislative and program functions for state heritage matters, including supporting the Minister for Heritage to administer the Heritage Act.

Heritage assets that are rare, exceptional or outstanding beyond a local area or region may be listed on the State Heritage Register under the Heritage Act. These assets include places, buildings, works, relics, moveable objects and precincts, and assets that have significance to Aboriginal communities in New South Wales. Assets nominated for and listed on the State Heritage Register ('listed assets') may be owned privately or publicly, including by local councils and state government entities.

The Heritage Act establishes the Heritage Council of NSW (the Heritage Council) to undertake a range of functions in line with its objectives. Heritage NSW provides administrative support to the Heritage Council, for example providing advice on assets that have been nominated for listing on the State Heritage Register. Many of Heritage NSW’s core activities also relate to exercising functions and powers under delegation from the Heritage Council. These include making administrative decisions about works affecting listed assets, and exercising powers to regulate asset owners’ compliance with requirements under the Heritage Act.

Heritage NSW states that heritage:

…gives us a sense of our history and provides meaningful insights into how earlier generations lived and developed. It also enriches our lives and helps us to understand who we are.  

According to Heritage NSW, an effective heritage system will facilitate the community in harnessing the cultural and economic value of heritage.

The objective of this audit was to assess how effectively the Department of Planning and Environment (Heritage NSW) is overseeing and administering heritage assets of state significance.

For this audit, ‘heritage assets of state significance’ refers to items (including a place, building, work, relic, moveable object or precinct) listed on the State Heritage Register ('listed assets'), and those which have been nominated for listing.

Conclusion

The Department of Planning and Environment (Heritage NSW) does not have adequate oversight of state significant heritage assets. Information gaps and weaknesses in certain assurance processes limit its capacity to effectively regulate activities affecting assets listed on the State Heritage Register. These factors also constrain its ability to effectively support voluntary compliance and promote the objects of the Heritage Act, which include encouraging conservation and adaptive re-use.
Heritage NSW has adopted a focus on customer service and recently improved the timeliness of its advice and decisions on activities affecting listed assets. But Heritage NSW has not demonstrated how its customer service priorities will address known risks to its regulatory responsibilities. It could also do more to enable and promote effective heritage management among state government entities that own listed assets.

The information that Heritage NSW maintains about assets listed on the State Heritage Register ('listed assets') is insufficient for its regulatory and owner engagement purposes. Data quality and completeness issues have arisen since the register was established in 1999. But Heritage NSW's progress to address important gaps in the register, and its other information systems, has been limited in recent years. These gaps limit Heritage NSW’s capacity to detect compliance breaches early and implement risk-based regulatory responses, and to strategically target its owner engagement activities to promote conservation and re-use.

Heritage NSW makes decisions on applications for works on listed assets, requiring technical skills and professional judgement. But Heritage NSW does not provide its staff with adequate guidance to ensure that consistent approaches are used, and it lacks sufficient quality assurance processes. There are similar weaknesses in Heritage NSW's oversight of decisions on applications that are delegated to other government entities.

Heritage NSW has prioritised the implementation of customer service-focused activities, policies, and programs to reduce regulatory burdens on asset owners since 2017. For example, Heritage NSW has refreshed its website, introduced new information management systems, and implemented new regulation for the self-assessment of exemptions for minor works. However, Heritage NSW has not taken steps to mitigate oversight and quality risks introduced with the reduced regulatory burdens. Heritage NSW has made some, but to date insufficient, progress on a key project to update its publications. These documents (over 150 publications) are intended to play an important role in promoting voluntary compliance and supporting heritage outcomes. Heritage NSW started a new project to update relevant publications in April 2023.

Heritage NSW has recently implemented processes to improve its efficiency, such as screening new nominations for listing on the State Heritage Register. Heritage NSW has also reported improvements in the time it takes to decide on applications for works affecting listed assets. In the third quarter of 2022–23, 87% of decisions were made within the statutory timeframes. This compares to 48% in 2021–22. Heritage NSW has similarly improved how quickly it provides heritage advice on major projects, with 90% of advice reported as delivered on time in the third quarter of 2022–23, compared to 44% in 2020–21.

Assets owned by state government entities comprise a large proportion of State Heritage Register listings. These assets are often of high heritage value or situated within large and complex precincts or portfolios. But Heritage NSW does not implement targeted capability building activities to support good practice heritage management among state government entities and to promote compliance with their obligations under the Heritage Act.

The expected interaction between Heritage NSW's strategic plans and activities, and the priorities of the Heritage Council of NSW, is unclear. Actions to clarify the relevant governance arrangements have also been slow following a review in 2020 but this work re-commenced in late 2022.

Heritage NSW has been progressing work to draft reforms to the Heritage Act. This follows recommendations made in a 2021 Upper House Inquiry into the Heritage Act. To build preparedness for future reforms, Heritage NSW will need to do more to address the risks and opportunities identified in this audit report. In particular, it will need to ensure it has sufficient information and capacity to implement a risk-based regulatory approach; clear and effective governance arrangements with the Heritage Council of NSW; and enhanced engagement with government entities to promote the conservation and adaptive re-use of listed assets in public ownership.

This chapter assesses the effectiveness of Heritage NSW's oversight of state heritage assets, including its visibility of listed assets, and its oversight of regulatory decision-making. It also assesses Heritage NSW's activities to engage with owners to meet their obligations under the Heritage Act and to support heritage outcomes.

This chapter assesses the timeliness of Heritage NSW’s provision of advice, recommendations, and decisions on heritage issues to support heritage management outcomes with respect to listed assets.

This chapter assesses whether the Department of Planning and Environment (Heritage NSW) has established clear strategic priorities to effectively oversee and administer activities related to listed assets, and its preparedness to implement reforms. It also assesses the adequacy of planning activities and governance arrangements to support the achievement of strategic directions.

Appendix one – Response from agency

Appendix two – About the audit

Appendix three – Performance auditing

 

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

 

Parliamentary reference - Report number #384 - released 27 June 2023

Published

Financial Management and Governance in MidCoast Council

Local Government
Financial reporting
Internal controls and governance
Management and administration
Risk

Introduction

The Auditor-General's financial and performance audits of local councils aim to improve financial management, governance and public accountability across the local government sector.

Annual Local Government reports to Parliament have consistently highlighted risks and weaknesses across the sector in relation to financial management and governance. We will continue to focus on these matters as a priority area in our forward work program.

While this report focuses on MidCoast Council, the findings should be considered by all councils to better understand the challenges and opportunities when addressing financial sustainability and financial management needs.

Findings and recommendations around the effectiveness of long-term financial planning, comprehensive and timely financial reporting and financial management governance arrangements are relevant for all councils.

What this report is about

The Local Government Act 1993 requires councils to apply sound financial management principles, including sustainable expenditure, effective financial management and regard to intergenerational equity.

This audit assessed whether MidCoast Council has effective financial management arrangements that support councillors and management to fulfill their responsibilities as financial stewards.

What we found

MidCoast Council has not met all legislative and policy requirements for long-term financial planning.

From FY2019–20 to FY2020–21, the Council had financial management and governance gaps. Some gaps were addressed throughout FY2021–22.

MidCoast Council experienced significant challenges in its implementation of a consolidated financial management system following amalgamation in 2016 and the merging of MidCoast Water in 2017. This led to gaps in finance processes and data quality.

What we recommended

The report recommends that MidCoast Council should:

  • ensure its long-term financial plan meets legislative and policy requirements
  • undertake service reviews to better understand net costs to inform budget and financial planning decisions
  • improve the quality of asset management information to inform budget and financial planning decisions
  • use the financial management components of the MC1 system to its full potential
  • address control and process gaps identified in audits and reviews
  • ensure competency of those responsible for finance and budget
  • ensure financial sustainability initiatives account for the cost of services and asset management information.

Effective financial management is important in ensuring that councils achieve their long-term objectives, remain financially viable and deliver intended benefits to the community.

Sustainable financial management has been a priority for the local government sector since 2013 and continues to be one of the highest rated risks and priorities among councils in 2023.

According to data provided by the Department of Planning and Environment, during FY2020–21, NSW local councils:

  • collected $7.8 billion in rates and annual charges
  • received $5.8 billion in grants and contributions
  • incurred $4.8 billion of employee benefits and on costs
  • held $16.8 billion of cash and investments
  • managed $175.2 billion in infrastructure, property plant and equipment
  • entered into $3.7 billion of borrowings.

The Local Government Act 1993 (LG Act) requires local councils to apply sound financial management principles including responsible and sustainable expenditure, investment, and effective financial and asset management. Under the LG Act and the Local Government Regulation 2021 (LG Regulation) councils are required to:

  • establish and monitor their budget position
  • clearly establish approaches to raise revenue, including from rates and other sources
  • develop and implement integrated planning to ensure financial sustainability in line with community priorities and needs
  • regularly report on their financial performance through financial statements.

The objective of the audit is to assess whether MidCoast Council (the Council) has effective financial management arrangements that support councillors and management to fulfil their financial stewardship responsibilities. It considers whether:

  • the Council has an effective governance framework for financial management, through the existence of governance, risk management, internal controls and provision of adequate financial management training, including whether:
    • governance, risk management and internal controls are in place for financial management
    • adequate financial management and governance training and support has been provided to councillors, management and operational managers.
  • the Council has quality and comprehensive internal financial management reporting, including whether:
    • councillors and management have identified and implemented essential internal financial management reporting elements
    • council’s financial systems and data have integrity, and support identified financial management report production requirements
    • council reports are relevant, consistent, reliable, understandable, and tailored towards the requirements of key users (appendix two provides more information about the characteristics of effective financial management reporting).
  • the financial management governance and reporting arrangements support councillors and management to fulfil their financial stewardship responsibilities, including whether councillors and management use internal financial management reporting to:
    • support budget decisions, resource allocation and cost setting (for example fees and charges)
    • monitor financial sustainability
    • assess operational efficiency, financial services and investments
    • make improvements where necessary.

This audit completed fieldwork during November 2022 to February 2023. The audit period of review was from 1 July 2019 to 30 June 2022.

Conclusion

MidCoast Council has not effectively carried out long-term financial planning to address its identified long-term financial sustainability challenges.

MidCoast Council has not met all legislative and policy requirements to effectively carry out long-term financial planning. It has not effectively considered and communicated how it will achieve financial sustainability goals and has not identified options to achieve such goals through its long-term financial plan.

Since 2020, and throughout 2021 and 2022, MidCoast Council has identified a need to focus on developing strategies for financial sustainability following the projected operating deficit for its general fund over the next ten years.

In September 2022, the Council took early steps to implement plans that aim to address the identified financial sustainability issues, but the Council has not yet established effective processes to analyse the true cost of services and address its unreliable asset condition data. Both are required to accurately inform its long-term resourcing strategy.

Between FY2019–20 and FY2020–21, MidCoast Council had gaps in its financial management and governance arrangements. The Council has taken some actions to address the gaps throughout FY2021–22.

Between FY2019–20 and FY2020–21, MidCoast Council did not ensure effective financial management governance and reporting arrangements. Over that time, the Council did not perform monthly reconciliation and reporting processes that would provide timely information and assurance to management and councillors over the Council's finances. It did not ensure that all financial management reporting met statutory deadlines for submission to councillors.

During this period, reviews, financial audits and internal audits identified risks to, and gaps in, finance processes, systems and controls. The consequences of these gaps were increased use of manual processes, and risks to the integrity of financial data and information used by management.

During FY2021–22, MidCoast Council implemented actions and processes that have increased transparency and led to improved financial governance. These include addressing and implementing some audit recommendations, and implementing monthly financial management reporting and month-end reconciliations.

MidCoast Council has commenced a $21 million program to improve its customer experience, asset management, ICT and back office business processes. The Council advises that this program has a five-year implementation timeframe and it expects to achieve financial benefits over the ten years following commencement.

MidCoast Council experienced significant challenges in its implementation of a consolidated financial management system following amalgamation in 2016 and the merging of MidCoast Water functions in 2017. This has led to gaps in finance processes and data quality within the system.

In 2016, following amalgamation, MidCoast Council commenced work to procure and implement an enterprise resource planning system which included a consolidated financial management system. In 2017, Council further merged with MidCoast Water and arrangements were made to implement the system (MC1) after the functions of MidCoast water were incorporated. The Council continued to use four separate financial management systems until it commenced a progressive implementation of MC1 from 2019 to 2021. Across MC1's implementation, the Council experienced significant challenges relating to change management, user functionality and configuration.

This meant that the Council did not ensure that all of its staff were using MC1 effectively and efficiently, which led to gaps in finance processes and data quality, and delays in delivering integrated and automated financial processes across the amalgamated Council.

Since implementation, MidCoast Council has used MC1 to carry out finance processes required to collect rates, prepare budgets, monitor expenditure and income and prepare financial statements. 

Appendix one – Response from agency

Appendix two – Characteristics of effective financial management reporting

Appendix three – About the audit 

Appendix four – Performance auditing

 

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

 

Parliamentary reference - Report number #381 - released 16 June 2023

Published

Local Government 2022

Local Government
Asset valuation
Cyber security
Financial reporting
Information technology

This report is about

Results of the local government sector financial statement audits for the year ended 30 June 2022.

What we found

Unqualified audit opinions were issued for 83 councils, 11 joint organisations and nine county councils' financial statements.

The financial audits for two councils and two joint organisations are in progress due to accounting issues.

Fifty-seven councils and joint organisations (2021: 41) required extensions to submit their financial statements to the Office of Local Government (OLG), within the Department of Planning and Environment (the department).

The audit opinion on Kiama Municipal Council's 30 June 2021 financial statements was disclaimed due to deficient books and records.

Qualified audit opinions were issued on 43 councils' financial statements due to non-recognition of rural firefighting equipment vested under section 119 (2) of the Rural Fires Act 1997. Forty-seven councils appropriately recognised this equipment.

What we recommended

Consistent with the NSW Government's accounting position and the department's role of assessing councils' compliance with legislative responsibilities, standards or guidelines, the department should intervene where councils do not recognise vested rural firefighting equipment.

The key issues

There were 1,045 audit findings reported to councils in audit management letters, with 52% being unresolved from prior years.

What we recommended

Councils need to track progress of implementing audit recommendations, giving priority to high-risk and repeat issues.

Ninety-three high-risk matters were identified across the sector mainly relating to asset management, information technology, financial accounting and council governance procedures.

Asset valuations

Audit management letters reported 267 findings relating to asset management. Fifty-three councils had deficiencies in processes that ensure assets are fairly stated.

What we recommended

Councils need to complete timely asset valuations (repeat recommendation).

Integrity and completeness of asset source records

Fifty-two councils had weak processes over the integrity of fixed asset registers.

What we recommended

Councils need to improve controls that ensure integrity of asset records (repeat recommendation).

Cybersecurity

Our audits found that 47% of councils did not have a cyber security plan.

What we recommended

All councils need to prioritise creation of a cyber security plan to ensure data and assets are safeguarded.

Pursuant to the Local Government Act 1993 I am pleased to present my Auditor-General's report on Local Government 2022. My report provides the results of the 2021–22 financial audits of 126 councils, 11 joint organisations and nine county councils. The audits for two councils and two joint organisations are in progress due to significant accounting issues.

Unqualified audit opinions were issued for 83 councils, 11 joint organisations and nine county councils' 2021–22 financial statements. The statements for 43 councils were qualified due to non-recognition of rural firefighting equipment vested under section 119 (2) of the Rural Fires Act 1997. And the audit opinion on Kiama Municipal Council's 30 June 2021 financial statements was disclaimed due to deficiencies in books and records.

This year has again been challenging for many New South Wales local councils still recovering from the impact of emergency events and facing cost and resourcing pressures. We appreciate the efforts of council staff and management in meeting their financial reporting obligations. We share a mutual interest in raising the standard of financial management in this sector, and the importance of accurate and transparent reporting.

Disappointingly, accounting for the value of rural firefighting equipment vested in councils continued to be an unnecessary distraction and resulted in 43 councils having their financial statements qualified. We continue to recommend that the Office of Local Government should intervene where councils fail to comply with Australian Accounting Standards by not recognising assets vested to them under section 119(2) of the Rural Fires Act 1997.

Sound financial management is critical to councils' ability to instil trust and properly serve their communities. The recommendations in this report are intended to further improve their financial management and reporting capability, and encourage sound governance arrangements and cyber resilience. I am committed to continuing this work with councils in the 2022–23 year and beyond.

 

Margaret Crawford PSM

Auditor-General for New South Wales

Financial reporting is an important element of good governance. Confidence in and transparency of public sector decision-making are enhanced when financial reporting is accurate and timely.

This chapter outlines audit observations related to the financial reporting audit results of councils and joint organisations.

Section highlights

  • Ninety-three councils and joint organisations (2020–21: 109) lodged audited financial statements with OLG by the statutory deadline of 31 October.
  • More councils received extensions. Fifty-seven councils and joint organisations (2020–21: 41) received extensions to submit audited financial statements to OLG.
  • Unqualified audit opinions were issued for 83 councils, 11 joint organisations and nine county councils 2021–22 financial statements.
  • A disclaimer of audit opinion was issued to Kiama Municipal Council relating to the 30 June 2021 financial statements.
  • The audits of two councils and two joint organisations are still in progress as at the date of this report due to significant accounting issues.
  • Qualified audit opinions were issued for 43 councils (2020–21: one) due to non-recognition of rural firefighting equipment vested to councils under the Rural Fires Act 1997 in their financial statements. Forty-seven councils appropriately recognised this equipment.
  • Since 2017, the Audit Office of New South Wales has recommended that OLG address the different practices across the local government sector in accounting for the rural firefighting equipment. Despite repeated recommendations, the OLG has not been effective in resolving this issue.
  • The OLG within the department should now intervene where councils do not recognise rural firefighting equipment.
  • The total number of errors and total dollar values (including corrected and uncorrected) in the financial statements decreased compared to prior year.
  • Eighty-two per cent of councils performed some early financial reporting procedures (2020–21: 59%). We continue to recommend that OLG should require early close procedures across the local government sector.

A strong system of internal controls enables councils to operate effectively and efficiently, produce reliable financial reports, comply with laws and regulations, and support ethical government.

This chapter outlines the overall trends in governance and internal controls across councils and joint organisations in 2021–22.

Financial audits focus on key governance matters and internal controls supporting the preparation of councils’ financial statements. Breakdowns and weaknesses in internal controls increase the risk of fraud and error. Deficiencies in internal controls, matters of governance interest and unresolved issues are reported to management and those charged with governance through audit management letters. These letters include our observations, related implications, recommendations and risk ratings.

Section highlights

  • Total number of audit findings reported in audit management letters decreased from 1,277 in 2020–21 to 1,045 in 2021–22.
  • Total number of high-risk audit findings increased from 92 in 2021–21 to 93 in 2021–22. Forty-three (2020–21: 60) of the high-risk findings in 2021–22 related to the non-recognition of vested rural firefighting equipment in councils’ financial statements.
  • Ninety per cent of total high-risk findings in 2021–22 were repeat findings. Thirty-two per cent of these high-risk findings were escalated from unactioned moderate risk findings in 2020–21.
  • Fifty-two per cent (2020–21: 53%) of findings reported in audit management letters were repeat or partial repeat findings. We continue to recommend councils and those charged with governance track progress of implementing recommendations from our audits.
  • Governance, asset management and information technology comprise over 65% (2020–21: 62%) of findings and continue to be key areas requiring improvement. Eleven per cent of these findings were high risk in 2021–22.
  • A number of repeat recommendations were made relating to asset valuations and integrity of asset data records, in response to the findings that:
    • 52 (2021: 67) councils had weak processes over maintenance, completeness and security of fixed asset registers
    • 53 (2021: 58) councils had deficiencies in their processes to revalue infrastructure assets.
  • Sixty-three (2021: 65) councils have yet to implement basic governance and internal controls to manage cyber security. We recommended that all councils should create a cyber security plan in order to ensure cyber security risks over key data and IT assets are appropriately managed and key data is safeguarded. Councils should refer to the ‘Cyber Security Guidelines for NSW Local Government’ released by the OLG.

Total number of findings reported in audit management letters decreased

The following shows the overall findings of the 2021–22 audits reported in management letters compared with the previous year.

Appendix one – Response from the Office of Local Government within the Department of Planning and Environment

Appendix two – Status of audits

Appendix three – Councils received qualified audit opinions

Appendix four – Common reasons for council extensions

 

 

Copyright notice

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

 

Published

Natural disasters

Community Services
Environment
Finance
Local Government
Planning
Transport
Treasury
Whole of Government
Asset valuation
Compliance
Financial reporting
Infrastructure
Regulation
Risk
Service delivery

What this report is about

This report draws together the financial impact of natural disasters on agencies integral to the response and impact of natural disasters during 2021–22.

What we found

Over the 2021–22 financial year $1.4 billion from a budget of $1.9 billion was spent by the NSW Government in response to natural disasters.

Total expenses were less than the budget due to underspend in the following areas:

  • clean-up assistance, including council grants
  • anticipated temporary accommodation support
  • payments relating to the Northern Rivers Business Support scheme for small businesses.

Natural disaster events damaged council assets such as roads, bridges, waste collection centres and other facilities used to provide essential services. Additional staff, contractors and experts were engaged to restore and repair damaged assets and minimise disruption to service delivery.

At 30 June 2022, the estimated damage to council infrastructure assets totalled $349 million.

Over the first half of the 2022–23 financial year, councils experienced further damage to infrastructure assets due to natural disasters. NSW Government spending on natural disasters continued with a further $1.1 billion spent over this period.

Thirty-six councils did not identify climate change or natural disaster as a strategic risk despite 22 of these having at least one natural disaster during 2021–22.

Section highlights

  • $1.4 billion from a budget of $1.9 billion was spent by the NSW Government in response to natural disasters during 2021–22.
  • Budget underspent for temporary housing and small business support as lower than expected need.

Section highlights

  • 83 local council areas were impacted by natural disasters during 2021–22, with 58 being impacted by more than one type of natural disaster.
  • $349 million damage to council infrastructure assets at 30 June 2022.

 

Published

Universities 2022

Universities
Compliance
Cyber security
Financial reporting
Information technology
Internal controls and governance
Service delivery

What this report is about

Results of the financial statement audits of the public universities in NSW for the year ended 31 December 2022.

What we found

Unmodified audit opinions were issued for all ten universities.

Nine universities reported net deficits in 2022, and all showed a decline from their 2021 results.

Results were impacted by a decline in investment income and government grants.

Wage remediation provisions across the universities increased by 116% to $110 million at 31 December 2022.

Expenditure increased as universities transitioned back to face-to-face teaching with the lifting of most COVID-19 restrictions.

Revenue from overseas students decreased by 0.5% overall in 2022, although not all universities were impacted equally.

Nearly 42% of fees and charges revenue came from overseas student revenue from three countries of origin (43% in 2021).

What the key issues were

We reported 88 findings to universities on internal control deficiencies (105 in 2021).

Six high risk findings were identified (four in 2021), relating to:

  • IT control deficiencies in monitoring privileged user access
  • password configuration
  • cyber security process improvements
  • lack of security over access to EFT payment files
  • the status of a university's work in assessing its liability for underpayment of staff
  • inadequate review of contracts leading to incorrect accounting treatments.

Two out of 13 entities reported financial losses from cyber incidents in 2022.

Retention policies on personally identifiable information (PII) vary and universities can further reduce their PII exposure risk from cyber attack.

What we recommended

Universities should:

  • conduct a comprehensive assessment of their employment agreements and historical pay practices to identify potential underpayments
  • prioritise actions to address repeat findings on internal control deficiencies in a timely manner
  • review their PII retention policies to ensure PII stored is limited to the entity's needs, held only for the minimum duration it is legally and operationally required, and access is strictly limited.

This report provides Parliament with the results of our financial audits of universities in New South Wales and their controlled entities in 2022, including our analysis, observations and recommendations in the following areas:

  • financial reporting
  • internal controls and governance
  • teaching and research.

Financial reporting is an important element of good governance. Confidence and transparency in university sector decision-making are enhanced when financial reporting is accurate and timely.

This chapter outlines our audit observations related to the financial reporting of universities in NSW for 2022.

Section highlights

  • The 2022 financial statements of all ten universities received unmodified audit opinions.
  • Wage remediation provisions across the NSW universities increased by 116% to $110 million at 31 December 2022.
  • Nine universities reported net deficits in 2022, and all showed a decline from 2021 results.
  • Revenue from overseas students decreased by 0.5% in 2022, as overseas student enrolments decreased by 1.2%. Almost 42% of universities' fees and charges revenue in 2022 came from overseas students from three countries (down from 43% in 2021).
  • Revenue from domestic students decreased by 0.7% in 2022, as domestic student enrolments decreased by 5.3%.
  • Combined expenditure for universities increased by 6.6% to $11.2 billion in 2022. Most of this was attributed to employee related expenses, which increased by 4.9%. 

Appropriate financial controls help to ensure the efficient and effective use of resources and administration of policies. They are essential for quality and timely decision-making.

This chapter outlines our observations and insights from our financial statement audits of NSW universities.

Our audits do not review all aspects of internal controls and governance every year. The more significant issues and risks are included in this chapter. These, along with the less significant matters, are reported to universities for management to address.

Section highlights

  • The 2022 audits identified six high risk and 36 moderate risk issues across NSW universities. Sixteen of the moderate risk issues were repeat issues. Many repeat issues related to information technology controls around user access management.
  • The number of repeat deficiencies has decreased with 41 reported in 2022 compared to 45 in 2021.
  • Two out of 13 entities reported financial losses from cyber incidents during 2022.
  • Retention policies on personally identifiable information (PII) vary across entities and opportunities exist for entities to further limit their PII exposure risk from cyber attack.

Universities' primary objectives are teaching and research. They invest most of their resources aiming to achieve quality outcomes in academia and student experience. Universities have committed to achieving certain government targets and compete to advance their reputation and their standing in international and Australian rankings.

This chapter outlines teaching and research outcomes for universities in NSW for 2022.

Section highlights

  • Seven universities were reported as having full-time employment rates of their domestic undergraduates in 2022 that were greater than the national average.
  • Enrolments at NSW universities decreased the most in Science related courses in 2022. The largest increase in enrolments was in Health courses.
  • On average, universities delivered 21% of their courses primarily through online means in 2022, a decrease from 59% in 2021.
  • Five universities in 2021 were reported as meeting the target enrolment rate for students from low socio-economic status (SES) backgrounds.
  • Seven universities reported increased enrolments of Aboriginal and Torres Strait Islander students in 2021.

Appendix one – List of 2022 recommendations

Appendix two – Status of 2021 recommendations

Appendix three – Universities' controlled entities 

 

Copyright notice

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

View our audit program
View audit program
EXPLORE
upcoming audits
Have your say
CONTRIBUTE