Refine search Expand filter

Audit progress

- Any -

Sector

- Any -

Year

- Any -

Report type

- Any -

Topic

- Any -

Reports

Published

Cyber security in local government

Local Government
Cyber security
Information technology
Internal controls and governance
Management and administration
Risk

What this report is about

NSW local councils provide a wide range of essential services and infrastructure to their communities and are increasingly reliant on digital technologies.

Councils need to manage cyber security risks to ensure their information, data and systems are appropriately safeguarded. Councils also need to be prepared to detect, respond and recover when a cyber security incident occurs.

The audit assessed how effectively three selected councils identified and managed cyber security risks.

The audit also included the Department of Planning, Housing and Infrastructure (Office of Local Government) and Department of Customer Service (Cyber Security NSW), due to their roles in providing guidance and support to local councils.

Audit findings

The audit found that the selected councils are not effectively identifying and managing cyber security risks. Each of the councils undertook activities to improve their cyber security during the audit period, but this audit found significant gaps in their cyber security risk management and cyber security processes.

Such gaps result in unmitigated risks to the security of information and assets which, if compromised, could impact their local communities, service delivery and public infrastructure.

Cyber Security NSW and the Office of Local Government recommend that councils adopt requirements in the Cyber Security Guidelines for Local Government, but could do more to monitor whether the Guidelines are enabling better cyber security risk management in the sector.

Audit recommendations

In summary, the councils should:

  • integrate assessment and monitoring of cyber security risks into corporate governance processes
  • self-assess their performance against Cyber Security NSW's guidelines for local government
  • develop and implement a risk-based cyber security improvement plan and program of activities
  • develop, implement and test a cyber incident response plan.

Cyber Security NSW and the Office of Local Government should regularly consult on cyber security risks facing local government, and review the effectiveness of guidelines and related resources for the sector.

While this report focuses on the performance of the selected councils, the findings and recommendations should be considered by all councils to better understand their risks and challenges relevant to managing cyber security risks.

 

Read the PDF report

Parliamentary reference - Report number #392- released 26 March 2024

Published

Local Government 2023

Local Government
Asset valuation
Cyber security
Financial reporting
Fraud
Information technology
Internal controls and governance

What this report is about

Results of the local government sector financial statement audits for the year ended 30 June 2023.

Findings

Unqualified audit opinions were issued for 85 councils, eight county councils and 12 joint organisations.

Qualified audit opinions were issued for 36 councils due to non-recognition of rural firefighting equipment vested under section 119(2) of the Rural Fires Act 1997.

The audits of seven councils, one county council and one joint organisation remain in progress at the date of this report due to significant accounting issues.

Fifty councils, county councils and joint organisations missed the statutory deadline of submitting their financial statements to the Office of Local Government, within the Department of Planning, Housing and Infrastructure, by 31 October.

Audit management letters included 1,131 findings with 40% being repeat findings and 91 findings being high-risk. Governance, asset management and information technology continue to represent 65% of the key areas for improvement.

Fifty councils do not have basic governance and internal controls to manage cyber security.

Recommendations

To improve quality and timeliness of financial reporting, councils should:

  • adopt early financial reporting procedures, including asset valuations
  • ensure integrity and completeness of asset source records
  • perform procedures to confirm completeness, accuracy and condition of vested rural firefighting equipment.

To improve internal controls, councils should:

  • track progress of implementing audit recommendations, and prioritise high-risk repeat issues
  • continue to focus on cyber security governance and controls.

 

Read the PDF report

Published

Regulation insights

Environment
Finance
Health
Local Government
Planning
Whole of Government
Compliance
Cyber security
Internal controls and governance
Management and administration
Procurement
Regulation
Risk

What this report is about

In this report, we present findings and recommendations relevant to regulation from selected reports between 2018 and 2024.

This analysis includes performance audits, compliance audits and the outcomes of financial audits.

Effective regulation is necessary to ensure compliance with the law as well as to promote positive social and economic outcomes and minimise risks with certain activities.

The report is a resource for public sector leaders. It provides insights into the challenges and opportunities for more effective regulation.

Audit findings

The analysis of findings and recommendations is structured around four key themes related to effective regulation:

  • governance and accountability
  • processes and procedures
  • data and information management
  • support and guidance.

The report draws from this analysis to present insights for agencies to promote effective regulation. It also includes relevant examples from recent audit reports.

In this report, we also draw out insights for agencies that provide a public sector stewardship role.

The report highlights the need for agencies to communicate a clear regulatory approach. It also emphasises the need to have a consistent regulatory approach, supported by robust information about risks and accompanied with timely and proportionate responses.

The report highlights the need to provide relevant support to regulated parties to facilitate compliance and the importance of transparency through reporting of meaningful regulatory information.

 

Read the PDF report

Published

Flood housing response

Planning
Whole of Government
Community Services
Premier and Cabinet
Internal controls and governance
Management and administration
Procurement
Project management
Risk
Service delivery
Shared services and collaboration

What this report is about

Extreme rainfall across eastern Australia in 2021 and 2022 led to a series of major flood events in New South Wales.

This audit assessed how effectively the NSW Government provided emergency accommodation and temporary housing in response to the early 2022 Northern Rivers and late 2022 Central West flood events.

Responsible agencies included in this audit were the Department of Communities and Justice, NSW Reconstruction Authority, the former Department of Planning and Environment, the Department of Regional NSW and the Premier’s Department.

Findings

The Department of Communities and Justice rapidly provided emergency accommodation to displaced persons immediately following these flood events.

There was no plan in place to guide a temporary housing response and agencies did not have agency-level plans for implementing their responsibilities.

The NSW Government rapidly procured and constructed temporary housing villages. However, the amount of temporary housing provided did not meet the demand.

There is an extensive waitlist for temporary housing and the remaining demand in the Northern Rivers is unlikely to be met. The NSW Reconstruction Authority has not reviewed this list to confirm its accuracy.

Demobilisation plans for the temporary housing villages have been developed, but there are no long-term plans in place for the transition of tenants out of the temporary housing.

Agencies are in the process of evaluating the provision of emergency accommodation and temporary housing.

The findings from the 2022 State-wide lessons process largely relate to response activities.

Audit recommendations

The NSW Reconstruction Authority should:

  • Develop a plan for the provision of temporary housing.
  • Review the temporary housing waitlist.
  • Determine a timeline for demobilising the temporary housing villages.
  • Develop a strategy to manage the transition of people into long-term accommodation.
  • Develop a process for state-wide recovery lessons learned.

All audited agencies should:

  • Finalise evaluations of their role in the provision of emergency accommodation and temporary housing.
  • Develop internal plans for implementing their roles under state-wide plans.

Read the PDF report

Parliamentary reference - Report number #389 - released 22 February 2024

Published

Procurement of services for the Park'nPay app

Finance
Local Government
Information technology
Internal controls and governance
Procurement
Project management

What this report is about

The report assesses whether the Department of Customer Service (the department) complied with legislation and NSW government policy when it directly negotiated with Duncan Solutions to procure backend services relating to the Park'nPay app.

The Park'nPay app, developed by the department, enables users to locate and pay for parking remotely using their smart mobile device.

The audit found

The department failed to establish the grounds for entering a direct negotiation procurement strategy, without any competitive tendering, for services for the Park'nPay app. It rushed a decision to trial the app in The Rocks, without considering how this might affect its procurement obligations.

There is no evidence that the procurement achieved value for money. Despite being required by legislation, as well as mandatory NSW government policy, the department did not consider how it would ensure value for money, nor did it demonstrate an adequate understanding of what is meant by value for money on this occasion.

The department failed to implement key probity requirements. There was no effective management of conflicts of interest. Key decisions were not documented. There was a lack of clarity, transparency, and oversight of the relationship between the Minister's office and staff in the department.

The audit made recommendations about

  1. making and retaining complete and accurate records, particularly on decisions to commit or expend public money
  2. ensuring department staff understand how to exercise their financial delegations and procurement processes
  3. ensuring that only staff with appropriate delegations are committing or approving the spending of public money
  4. consistency with the contract extension provisions of the NSW Government Procurement Policy Framework, particularly regarding ensuring value for money
  5. protocols to guide the interactions between department staff and Minister and Minister's staff
  6. the need for proper management and oversight of contingent workers, such as contractors.

 

On 27 February 2019 the then Minister for Finance, Services and Property announced the commencement of a Park’nPay app trial in The Rocks precinct of Sydney.

The app was intended to enable users to locate and pay for parking remotely, using their smart mobile device such as a phone or tablet, rather than needing to physically be at a parking meter.

In July 2019, following a direct negotiation procurement conducted by the then Department of Finance, Services and Innovation, a contract was executed with Duncan Solutions for an estimated value of $1,260,600 over three-years, with three single-year options to extend. The contract required Duncan Solutions to provide development services to link the Park'nPay app to its Parking Enterprise Management System platform and to provide ongoing software support services.

This audit assessed whether the department complied with the procurement obligations that applied at the time it procured these services from Duncan Solutions.

This audit focussed on the department's processes and decision-making relating to:

  • the direct negotiation with Duncan Solutions at the exclusion of any other potential supplier
  • the negotiation, execution and management of the contract with Duncan Solutions.

As this audit focusses on the department's procurement and contract management processes, it does not comment on the activities of Duncan Solutions. The detailed audit objective, criteria and audit approach are in Appendix three.

The auditee is the Department of Customer Service. As a result of machinery of government changes, the Department of Finance, Services, and Innovation became the Department of Customer Service from 1 July 2019. To avoid confusion, this report simply uses ‘the department’ to refer to either. Where the report refers to the Minister, it relates to the former Minister in office at the time.

Conclusion

The department failed to establish the grounds for entering a direct negotiation procurement strategy for services for the Park'nPay app. It rushed a decision to trial the app in The Rocks, without considering how this might affect its procurement requirements.

As part of a direct negotiation process, the department was required to, but did not:

  • undertake a comprehensive analysis of the market and all relevant factors to demonstrate that a competitive process does not need to be conducted
  • conduct a risk assessment for the procurement approach
  • follow the internal delegation process, including obtaining approval of the department's delegate and endorsement of the Chief Procurement Officer.

There is no evidence that the procurement to support Park'nPay represented value for money. Despite it being required by legislation, as well as mandatory NSW Government policy, the department did not consider how to ensure value for money, nor demonstrate an adequate understanding of what is meant by value for money in this case.

The department issued no tender or expression of interest documents against which any proposal could be assessed, and it had no tender evaluation plan, committee, or criteria. Without any objective standards against which the supplier's proposal could be assessed, it was not possible for the department to determine if value for money was achieved, and no value for money has been demonstrated.

The department failed to implement key probity requirements. There was no effective management of conflicts of interest. Key decisions were not documented. There was a lack of clarity, transparency, and oversight of the relationship between the Minister's office and staff in the department.

No conflict of interest declarations were made by staff until almost one year after the direct negotiations commenced and even then they were not made by all members of the negotiation team and key decision-makers.

The department did not document the reasons for its decisions or minute key meetings, such as when, why and by whom the decision was made to transform the procurement from a 'trial' to a contract of up to six years duration. The department had no policies guiding the interactions between the Minister, the Minister's office and staff in the department (including contractors) in relation to this initiative, resulting in blurred and uncertain roles, responsibilities, and accountabilities.

The department initially sought to withhold information from the Audit Office pertaining to Park'nPay. When questions were raised through external scrutiny, there was little evidence of genuine inquiry or review into its practices to ensure improvement and compliance.

The department deliberately sought to withhold information from the Audit Office of NSW when initial inquiries were lawfully made about the Park'nPay project in the context of the audit of the department's financial statements in May 2021.

There is also limited evidence to demonstrate the department has reviewed the decisions and practices around the Park'nPay project, despite receiving internal legal advice at the time that questioned the characterisation of the procurement as a 'pilot', and external scrutiny via the NSW Parliament's Budget Estimates Committee hearings. This indicates a risk that opportunities to review and improve the department's procurement practices based on learnings from this process have been missed.

 

Appendix one – Response from auditee

Appendix two – Key requirements of the department's procurement manual 

Appendix three – About the audit 

Appendix four– Performance auditing

 

Copyright notice

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

 

Parliamentary reference - Report number #387 - released 14 December 2023

 

Published

Premier and Cabinet 2023

Premier and Cabinet
Whole of Government
Asset valuation
Compliance
Cyber security
Financial reporting
Fraud
Information technology
Procurement
Regulation
Risk
Workforce and capability

What this report is about

Results of the Premier and Cabinet portfolio of agencies' financial statement audits for the year ended 30 June 2023.

What we found

Unqualified audit opinions were issued for all Premier and Cabinet portfolio agencies.

What the key issues were

The Administrative Arrangements Orders, effective 1 July 2023, changed the name of the Department of Premier and Cabinet to the Premier's Department and transferred parts of Department of Premier and Cabinet to The Cabinet Office.

The number of monetary misstatements identified in our audits decreased from 15 in 2021–22 to 12 in 2022–23.

The total number of management letter findings across the portfolio of agencies increased from ten in 2021–22 to 20 in 2022–23.

Thirty per cent of all issues were repeat issues. The most common repeat issues related to deficiencies in controls over financial reporting.

What we recommended

Portfolio agencies should:

  • ensure any changes to employee entitlements are assessed for their potential financial statements impact under the relevant Australian Accounting Standards
  • prioritise and address internal control deficiencies identified in Audit Office management letters.

This report provides Parliament and other users of the Premier and Cabinet portfolio of agencies’ financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:

  • financial reporting
  • audit observations.

Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely.

This chapter outlines our audit observations related to the financial reporting of agencies in the Premier and Cabinet portfolio of agencies (the portfolio) for 2023.

Section highlights

  • Unqualified audit opinions were issued on all the portfolio agencies 2022–23 financial statements.
  • The total number of errors (including corrected and uncorrected) in the financial statements decreased compared to the prior year. 

Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making.

This chapter outlines our observations and insights from our financial statement audits of agencies in the Premier and Cabinet portfolio.

Section highlights

  • The 2022–23 audits identified eight moderate risk issues across the portfolio of agencies. Of these, two were repeat issues, and related to password and security configuration and management of excessive annual leave.
  • The total number of findings increased from ten to 20, which mainly related to deficiencies in controls over financial reporting and governance and oversight.
  • The most common repeat issues related to weaknesses in controls over financial reporting.

Appendix one – Early close procedures

 

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

Published

State heritage assets

Environment
Local Government
Planning
Compliance
Management and administration
Regulation
Risk

What the report is about

This audit assessed how effectively the Department of Planning and Environment (Heritage NSW) is overseeing and administering heritage assets of state significance.

Heritage that is rare, exceptional or outstanding to New South Wales may be listed on the State Heritage Register under the Heritage Act 1977. This provides assets with legal recognition and protection. Places, buildings, works, relics, objects and precincts can be listed, whether in public or private ownership.

Heritage NSW has administrative functions and regulatory powers, including under delegation from the Heritage Council of NSW, relevant to the listing, conservation and adaptive re-use of heritage assets of state significance.

In summary, the audit assessed whether Heritage NSW:

  • is effectively administering relevant advice and decisions
  • is effectively supporting and overseeing assets
  • has established clear strategic priorities and can demonstrate preparedness to implement these.

What we found

Heritage NSW does not have adequate oversight of state significant heritage assets, presenting risks to its ability to promote the objects of the Heritage Act.

Information gaps and weaknesses in quality assurance processes limit its capacity to effectively regulate activities affecting assets listed on the State Heritage Register.

Heritage NSW has adopted a focus on customer service and recently improved its timeliness in providing advice and making decisions about activities affecting listed assets. But Heritage NSW has not demonstrated how its customer-focused priorities will address known risks to its core regulatory responsibilities.

Listed assets owned by government entities are often of high heritage value. Heritage NSW could do more to promote effective heritage management among these entities.

What we recommended

The report made eight recommendations to Heritage NSW, focusing on:

  • improving quality assurance over advice and decisions
  • improving staff guidance and training
  • defining and maintaining data in the State Heritage Register
  • clarifying its regulatory intent and approach
  • sector engagement and interagency capability to support heritage outcomes.

The Heritage Act 1977 (the Heritage Act) and accompanying regulation provide the legal framework for the identification, conservation and adaptive re-use of heritage assets in New South Wales.

The Department of Planning and Environment (Heritage NSW) has responsibility for policy, legislative and program functions for state heritage matters, including supporting the Minister for Heritage to administer the Heritage Act.

Heritage assets that are rare, exceptional or outstanding beyond a local area or region may be listed on the State Heritage Register under the Heritage Act. These assets include places, buildings, works, relics, moveable objects and precincts, and assets that have significance to Aboriginal communities in New South Wales. Assets nominated for and listed on the State Heritage Register ('listed assets') may be owned privately or publicly, including by local councils and state government entities.

The Heritage Act establishes the Heritage Council of NSW (the Heritage Council) to undertake a range of functions in line with its objectives. Heritage NSW provides administrative support to the Heritage Council, for example providing advice on assets that have been nominated for listing on the State Heritage Register. Many of Heritage NSW’s core activities also relate to exercising functions and powers under delegation from the Heritage Council. These include making administrative decisions about works affecting listed assets, and exercising powers to regulate asset owners’ compliance with requirements under the Heritage Act.

Heritage NSW states that heritage:

…gives us a sense of our history and provides meaningful insights into how earlier generations lived and developed. It also enriches our lives and helps us to understand who we are.  

According to Heritage NSW, an effective heritage system will facilitate the community in harnessing the cultural and economic value of heritage.

The objective of this audit was to assess how effectively the Department of Planning and Environment (Heritage NSW) is overseeing and administering heritage assets of state significance.

For this audit, ‘heritage assets of state significance’ refers to items (including a place, building, work, relic, moveable object or precinct) listed on the State Heritage Register ('listed assets'), and those which have been nominated for listing.

Conclusion

The Department of Planning and Environment (Heritage NSW) does not have adequate oversight of state significant heritage assets. Information gaps and weaknesses in certain assurance processes limit its capacity to effectively regulate activities affecting assets listed on the State Heritage Register. These factors also constrain its ability to effectively support voluntary compliance and promote the objects of the Heritage Act, which include encouraging conservation and adaptive re-use.
Heritage NSW has adopted a focus on customer service and recently improved the timeliness of its advice and decisions on activities affecting listed assets. But Heritage NSW has not demonstrated how its customer service priorities will address known risks to its regulatory responsibilities. It could also do more to enable and promote effective heritage management among state government entities that own listed assets.

The information that Heritage NSW maintains about assets listed on the State Heritage Register ('listed assets') is insufficient for its regulatory and owner engagement purposes. Data quality and completeness issues have arisen since the register was established in 1999. But Heritage NSW's progress to address important gaps in the register, and its other information systems, has been limited in recent years. These gaps limit Heritage NSW’s capacity to detect compliance breaches early and implement risk-based regulatory responses, and to strategically target its owner engagement activities to promote conservation and re-use.

Heritage NSW makes decisions on applications for works on listed assets, requiring technical skills and professional judgement. But Heritage NSW does not provide its staff with adequate guidance to ensure that consistent approaches are used, and it lacks sufficient quality assurance processes. There are similar weaknesses in Heritage NSW's oversight of decisions on applications that are delegated to other government entities.

Heritage NSW has prioritised the implementation of customer service-focused activities, policies, and programs to reduce regulatory burdens on asset owners since 2017. For example, Heritage NSW has refreshed its website, introduced new information management systems, and implemented new regulation for the self-assessment of exemptions for minor works. However, Heritage NSW has not taken steps to mitigate oversight and quality risks introduced with the reduced regulatory burdens. Heritage NSW has made some, but to date insufficient, progress on a key project to update its publications. These documents (over 150 publications) are intended to play an important role in promoting voluntary compliance and supporting heritage outcomes. Heritage NSW started a new project to update relevant publications in April 2023.

Heritage NSW has recently implemented processes to improve its efficiency, such as screening new nominations for listing on the State Heritage Register. Heritage NSW has also reported improvements in the time it takes to decide on applications for works affecting listed assets. In the third quarter of 2022–23, 87% of decisions were made within the statutory timeframes. This compares to 48% in 2021–22. Heritage NSW has similarly improved how quickly it provides heritage advice on major projects, with 90% of advice reported as delivered on time in the third quarter of 2022–23, compared to 44% in 2020–21.

Assets owned by state government entities comprise a large proportion of State Heritage Register listings. These assets are often of high heritage value or situated within large and complex precincts or portfolios. But Heritage NSW does not implement targeted capability building activities to support good practice heritage management among state government entities and to promote compliance with their obligations under the Heritage Act.

The expected interaction between Heritage NSW's strategic plans and activities, and the priorities of the Heritage Council of NSW, is unclear. Actions to clarify the relevant governance arrangements have also been slow following a review in 2020 but this work re-commenced in late 2022.

Heritage NSW has been progressing work to draft reforms to the Heritage Act. This follows recommendations made in a 2021 Upper House Inquiry into the Heritage Act. To build preparedness for future reforms, Heritage NSW will need to do more to address the risks and opportunities identified in this audit report. In particular, it will need to ensure it has sufficient information and capacity to implement a risk-based regulatory approach; clear and effective governance arrangements with the Heritage Council of NSW; and enhanced engagement with government entities to promote the conservation and adaptive re-use of listed assets in public ownership.

This chapter assesses the effectiveness of Heritage NSW's oversight of state heritage assets, including its visibility of listed assets, and its oversight of regulatory decision-making. It also assesses Heritage NSW's activities to engage with owners to meet their obligations under the Heritage Act and to support heritage outcomes.

This chapter assesses the timeliness of Heritage NSW’s provision of advice, recommendations, and decisions on heritage issues to support heritage management outcomes with respect to listed assets.

This chapter assesses whether the Department of Planning and Environment (Heritage NSW) has established clear strategic priorities to effectively oversee and administer activities related to listed assets, and its preparedness to implement reforms. It also assesses the adequacy of planning activities and governance arrangements to support the achievement of strategic directions.

Appendix one – Response from agency

Appendix two – About the audit

Appendix three – Performance auditing

 

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

 

Parliamentary reference - Report number #384 - released 27 June 2023

Published

Local Government 2022

Local Government
Asset valuation
Cyber security
Financial reporting
Information technology

This report is about

Results of the local government sector financial statement audits for the year ended 30 June 2022.

What we found

Unqualified audit opinions were issued for 83 councils, 11 joint organisations and nine county councils' financial statements.

The financial audits for two councils and two joint organisations are in progress due to accounting issues.

Fifty-seven councils and joint organisations (2021: 41) required extensions to submit their financial statements to the Office of Local Government (OLG), within the Department of Planning and Environment (the department).

The audit opinion on Kiama Municipal Council's 30 June 2021 financial statements was disclaimed due to deficient books and records.

Qualified audit opinions were issued on 43 councils' financial statements due to non-recognition of rural firefighting equipment vested under section 119 (2) of the Rural Fires Act 1997. Forty-seven councils appropriately recognised this equipment.

What we recommended

Consistent with the NSW Government's accounting position and the department's role of assessing councils' compliance with legislative responsibilities, standards or guidelines, the department should intervene where councils do not recognise vested rural firefighting equipment.

The key issues

There were 1,045 audit findings reported to councils in audit management letters, with 52% being unresolved from prior years.

What we recommended

Councils need to track progress of implementing audit recommendations, giving priority to high-risk and repeat issues.

Ninety-three high-risk matters were identified across the sector mainly relating to asset management, information technology, financial accounting and council governance procedures.

Asset valuations

Audit management letters reported 267 findings relating to asset management. Fifty-three councils had deficiencies in processes that ensure assets are fairly stated.

What we recommended

Councils need to complete timely asset valuations (repeat recommendation).

Integrity and completeness of asset source records

Fifty-two councils had weak processes over the integrity of fixed asset registers.

What we recommended

Councils need to improve controls that ensure integrity of asset records (repeat recommendation).

Cybersecurity

Our audits found that 47% of councils did not have a cyber security plan.

What we recommended

All councils need to prioritise creation of a cyber security plan to ensure data and assets are safeguarded.

Pursuant to the Local Government Act 1993 I am pleased to present my Auditor-General's report on Local Government 2022. My report provides the results of the 2021–22 financial audits of 126 councils, 11 joint organisations and nine county councils. The audits for two councils and two joint organisations are in progress due to significant accounting issues.

Unqualified audit opinions were issued for 83 councils, 11 joint organisations and nine county councils' 2021–22 financial statements. The statements for 43 councils were qualified due to non-recognition of rural firefighting equipment vested under section 119 (2) of the Rural Fires Act 1997. And the audit opinion on Kiama Municipal Council's 30 June 2021 financial statements was disclaimed due to deficiencies in books and records.

This year has again been challenging for many New South Wales local councils still recovering from the impact of emergency events and facing cost and resourcing pressures. We appreciate the efforts of council staff and management in meeting their financial reporting obligations. We share a mutual interest in raising the standard of financial management in this sector, and the importance of accurate and transparent reporting.

Disappointingly, accounting for the value of rural firefighting equipment vested in councils continued to be an unnecessary distraction and resulted in 43 councils having their financial statements qualified. We continue to recommend that the Office of Local Government should intervene where councils fail to comply with Australian Accounting Standards by not recognising assets vested to them under section 119(2) of the Rural Fires Act 1997.

Sound financial management is critical to councils' ability to instil trust and properly serve their communities. The recommendations in this report are intended to further improve their financial management and reporting capability, and encourage sound governance arrangements and cyber resilience. I am committed to continuing this work with councils in the 2022–23 year and beyond.

 

Margaret Crawford PSM

Auditor-General for New South Wales

Financial reporting is an important element of good governance. Confidence in and transparency of public sector decision-making are enhanced when financial reporting is accurate and timely.

This chapter outlines audit observations related to the financial reporting audit results of councils and joint organisations.

Section highlights

  • Ninety-three councils and joint organisations (2020–21: 109) lodged audited financial statements with OLG by the statutory deadline of 31 October.
  • More councils received extensions. Fifty-seven councils and joint organisations (2020–21: 41) received extensions to submit audited financial statements to OLG.
  • Unqualified audit opinions were issued for 83 councils, 11 joint organisations and nine county councils 2021–22 financial statements.
  • A disclaimer of audit opinion was issued to Kiama Municipal Council relating to the 30 June 2021 financial statements.
  • The audits of two councils and two joint organisations are still in progress as at the date of this report due to significant accounting issues.
  • Qualified audit opinions were issued for 43 councils (2020–21: one) due to non-recognition of rural firefighting equipment vested to councils under the Rural Fires Act 1997 in their financial statements. Forty-seven councils appropriately recognised this equipment.
  • Since 2017, the Audit Office of New South Wales has recommended that OLG address the different practices across the local government sector in accounting for the rural firefighting equipment. Despite repeated recommendations, the OLG has not been effective in resolving this issue.
  • The OLG within the department should now intervene where councils do not recognise rural firefighting equipment.
  • The total number of errors and total dollar values (including corrected and uncorrected) in the financial statements decreased compared to prior year.
  • Eighty-two per cent of councils performed some early financial reporting procedures (2020–21: 59%). We continue to recommend that OLG should require early close procedures across the local government sector.

A strong system of internal controls enables councils to operate effectively and efficiently, produce reliable financial reports, comply with laws and regulations, and support ethical government.

This chapter outlines the overall trends in governance and internal controls across councils and joint organisations in 2021–22.

Financial audits focus on key governance matters and internal controls supporting the preparation of councils’ financial statements. Breakdowns and weaknesses in internal controls increase the risk of fraud and error. Deficiencies in internal controls, matters of governance interest and unresolved issues are reported to management and those charged with governance through audit management letters. These letters include our observations, related implications, recommendations and risk ratings.

Section highlights

  • Total number of audit findings reported in audit management letters decreased from 1,277 in 2020–21 to 1,045 in 2021–22.
  • Total number of high-risk audit findings increased from 92 in 2021–21 to 93 in 2021–22. Forty-three (2020–21: 60) of the high-risk findings in 2021–22 related to the non-recognition of vested rural firefighting equipment in councils’ financial statements.
  • Ninety per cent of total high-risk findings in 2021–22 were repeat findings. Thirty-two per cent of these high-risk findings were escalated from unactioned moderate risk findings in 2020–21.
  • Fifty-two per cent (2020–21: 53%) of findings reported in audit management letters were repeat or partial repeat findings. We continue to recommend councils and those charged with governance track progress of implementing recommendations from our audits.
  • Governance, asset management and information technology comprise over 65% (2020–21: 62%) of findings and continue to be key areas requiring improvement. Eleven per cent of these findings were high risk in 2021–22.
  • A number of repeat recommendations were made relating to asset valuations and integrity of asset data records, in response to the findings that:
    • 52 (2021: 67) councils had weak processes over maintenance, completeness and security of fixed asset registers
    • 53 (2021: 58) councils had deficiencies in their processes to revalue infrastructure assets.
  • Sixty-three (2021: 65) councils have yet to implement basic governance and internal controls to manage cyber security. We recommended that all councils should create a cyber security plan in order to ensure cyber security risks over key data and IT assets are appropriately managed and key data is safeguarded. Councils should refer to the ‘Cyber Security Guidelines for NSW Local Government’ released by the OLG.

Total number of findings reported in audit management letters decreased

The following shows the overall findings of the 2021–22 audits reported in management letters compared with the previous year.

Appendix one – Response from the Office of Local Government within the Department of Planning and Environment

Appendix two – Status of audits

Appendix three – Councils received qualified audit opinions

Appendix four – Common reasons for council extensions

 

 

Copyright notice

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

 

Published

Natural disasters

Community Services
Environment
Finance
Local Government
Planning
Transport
Treasury
Whole of Government
Asset valuation
Compliance
Financial reporting
Infrastructure
Regulation
Risk
Service delivery

What this report is about

This report draws together the financial impact of natural disasters on agencies integral to the response and impact of natural disasters during 2021–22.

What we found

Over the 2021–22 financial year $1.4 billion from a budget of $1.9 billion was spent by the NSW Government in response to natural disasters.

Total expenses were less than the budget due to underspend in the following areas:

  • clean-up assistance, including council grants
  • anticipated temporary accommodation support
  • payments relating to the Northern Rivers Business Support scheme for small businesses.

Natural disaster events damaged council assets such as roads, bridges, waste collection centres and other facilities used to provide essential services. Additional staff, contractors and experts were engaged to restore and repair damaged assets and minimise disruption to service delivery.

At 30 June 2022, the estimated damage to council infrastructure assets totalled $349 million.

Over the first half of the 2022–23 financial year, councils experienced further damage to infrastructure assets due to natural disasters. NSW Government spending on natural disasters continued with a further $1.1 billion spent over this period.

Thirty-six councils did not identify climate change or natural disaster as a strategic risk despite 22 of these having at least one natural disaster during 2021–22.

Section highlights

  • $1.4 billion from a budget of $1.9 billion was spent by the NSW Government in response to natural disasters during 2021–22.
  • Budget underspent for temporary housing and small business support as lower than expected need.

Section highlights

  • 83 local council areas were impacted by natural disasters during 2021–22, with 58 being impacted by more than one type of natural disaster.
  • $349 million damage to council infrastructure assets at 30 June 2022.

 

Published

Regulation and monitoring of local government

Planning
Whole of Government
Environment
Local Government
Compliance
Regulation
Risk

What the report is about

The Office of Local Government (OLG) in the Department of Planning and Environment is responsible for strengthening the local government sector, including through its regulatory functions.

This audit assessed whether the OLG is effectively monitoring and regulating the sector under the Local Government Act 1993. The audit covered:

  • the effectiveness of departmental arrangements for the OLG to undertake its regulatory functions
  • whether the OLG has effective mechanisms to monitor and respond to risks and issues relating to council compliance and performance.

What we found

The OLG does not conduct effective, proactive monitoring to enable timely risk-based responses to council performance and compliance issues.

The OLG has not clearly defined and communicated its regulatory role to ensure that its priorities are well understood.

The OLG does not routinely review the results of its regulatory activities to improve its approaches.

The department lacks an adequate framework to define, measure and report on the OLG's performance, limiting transparency and its accountability.

The OLG's new strategic plan presents an opportunity for the OLG to better define, communicate, and deliver on its regulatory objectives.

What we recommended

The OLG should:

  • publish a tool to support councils to self-assess risks and report on their performance and compliance
  • ensure its council engagement strategy is consistent with its regulatory approach
  • report each year on its regulatory activities and performance
  • publish a calendar of its key sector support and monitoring activities
  • enhance processes for internally tracking operational activities
  • develop and maintain a data management framework
  • review and update frameworks and procedures for regulatory responses.

 

The Local Government Act 1993 (the LG Act) provides the legal framework for the system of local government in New South Wales. The LG Act describes the functions of councils, county councils and joint organisations which should be exercised consistent with the guiding principles and requirements of the LG Act. Councils also have functions and responsibilities under other Acts.

There are 128 local councils, nine county councils and 13 joint organisations of councils in the New South Wales local government sector. Each council is unique in size and location, owns and manages assets, and delivers services for their communities. According to 2021–22 data provided by the Department of Planning and Environment (the department), local councils managed $175.2 billion in infrastructure, property plant and equipment, held $16.8 billion of cash and investments, collected $7.8 billion in rates and charges and entered into $3.7 billion of borrowings. Councils' decision-making responsibilities directly impact the communities they serve, including responsibilities relevant to financial management, economic development, environmental sustainability and community wellbeing.

Under the LG Act, each elected council is accountable to the community they serve. In addition to Auditor-General reports, issues relating to council performance and compliance have been identified in public inquiries commissioned by the Minister for Local Government and investigations by the Independent Commission Against Corruption, NSW Ombudsman and Office of Local Government (OLG). Challenges and opportunities related to the operations and sustainability of the local government sector have also been reported by the sector and identified in reports by NSW government agencies such as the Independent Pricing and Regulatory Tribunal.

The department is the primary state government agency with responsibility for policy, legislative, regulatory and program functions for local government matters. The Office of Local Government (OLG) is a business unit within the department that advises the Minister for Local Government and exercises delegated functions of the Secretary of the Department of Planning and Environment under the LG Act.

Key departmental planning documents state that the OLG is responsible for strengthening the sustainability, performance, integrity, transparency and accountability of the local government sector. As the state regulator of the local government sector, the OLG aims to promote voluntary compliance, build councils' capacity for high performance, and intervene only when 'warranted and appropriate'. Relevant regulatory activities include issuing guidelines, investigating councils and councillors, and supporting the Minister for Local Government's discretionary intervention powers. The OLG's other functions include developing policy, administering grants and programs, supporting local government election processes, and issuing certain approvals.

The objective of this audit was to assess whether the OLG is effectively monitoring and regulating the local government sector under the LG Act. The assessment included:

  • the effectiveness of departmental arrangements for the OLG to undertake its regulatory functions
  • whether the OLG has effective mechanisms to monitor and respond to risks and issues relating to council compliance and performance.

This report focuses on the OLG’s activities relevant to powers under Chapter 13 of the LG Act, and related regulatory activities, such as monitoring risks, issuing guidance and engaging with councils. It also examines strategic and operational planning for these activities in the context of the OLG's other activities, and departmental arrangements to oversee and enable the OLG's regulatory effectiveness.

Other OLG activities were not in scope of the audit but are commented on in this report where contextually relevant. This includes the OLG's responsibilities under the LG Act with respect to councillor misconduct, and the 2022 review of the councillor misconduct framework commissioned by the former Minister for Local Government.

Conclusion

The Office of Local Government (OLG) in the Department of Planning and Environment (the department) does not conduct effective, proactive monitoring to enable timely risk-based responses to council performance and compliance issues. Council performance and compliance varies and a range of issues continue across the local government sector – some significant – that can impact on councils' operations and sustainability.

The department recognises that an effective and efficient sector is 'crucial to the economic and social wellbeing of communities across the State,' but the OLG does not routinely review the results of its regulatory activities to improve its approaches. The OLG has also not clearly defined and communicated its regulatory role to ensure that its priorities are well understood.

Inadequate performance measurement and reporting on its regulatory activities is a significant transparency and accountability issue, and the OLG cannot demonstrate that it is effectively regulating the local government sector.

The department lacks an adequate framework to define, measure and report on the OLG's performance as the state regulator of the sector under the Local Government Act 1993 (the LG Act). The OLG's various council engagement activities are not well structured and coordinated towards delivering on a clearly defined regulatory role and its regulatory priorities are not well understood. In 2022, the OLG identified, in its new strategic plan, that there is a need for it to define its role in the sector. It would be expected that a clearly defined role already underpins its aim to 'strike the right mix of monitoring, intervention, capability improvement and engagement activities'.

The OLG collects various sources of information about council compliance and performance but its systems and processes do not enable structured, proactive sector monitoring to enable timely, risk-based responses. Ineffective sector monitoring is a particular issue in the context of compliance, financial management and governance risks that have been identified in inquiries and reviews by other government agencies including integrity bodies and reported by the sector. Audit Office data for 2021–22 shows that 62 councils did not have or regularly update key corporate governance policies, and 63 do not have basic controls to manage cyber security risks. Further, 31 councils or joint organisations did not meet the statutory requirement to have an audit, risk and improvement committee by 30 June 2022.1

Overall, the OLG has made limited progress on projects that have been identified since 2019 to improve its sector monitoring, such as updating its performance measurement framework for councils. These factors limit its capacity to identify and act on issues early. In early 2023, the OLG started to implement a new council risk assessment tool.

The OLG's two main frameworks to guide its sector improvement and intervention activities were last updated in 2014 and 2017. The OLG considered relevant statutory criteria when advising the Minister on the use of powers to issue performance improvement and suspension orders under the LG Act. But the OLG lacks complete and approved procedures to guide staff when preparing advice and recommendations related to interventions, and other response options. This creates risks to the consistency and transparency of relevant processes.

The department and the OLG have identified that resourcing issues present a risk to the OLG's regulatory functions. Projects since 2021 to review the OLG's budget did not progress. The OLG does not routinely review the costs or evaluate the effectiveness of its regulatory activities.

The OLG's 2022–2026 strategic plan sets out a vision to be, 'A trusted regulator and capability builder enabling councils to better serve their communities'. Implementing the strategic plan presents an opportunity for the OLG to better define, communicate, and deliver on its regulatory objectives towards strengthening the sector. The OLG advises that a delivery plan and performance indicators for its new strategy are being developed, alongside work resulting from the 2022 review of the councillor misconduct framework.

 

1 This data has been sourced through the Audit Office's financial audits of councils. The Local Government 2022 report, which compiles results from the local government sector financial statement audits for the year ended 30 June 2022, will include this and additional data, and related information. This report is expected to be tabled in June 2023.

This chapter considers the effectiveness of departmental arrangements for the OLG to undertake its regulatory functions.

This chapter assesses whether the OLG has effective mechanisms to monitor and respond to risks and issues relating to council compliance and performance.

The OLG’s 2017 Improvement and Intervention Framework is intended to guide appropriate responses to council compliance or performance risks and issues. The publicly available framework states that generally, the OLG will encourage councils to meet their obligations before a more formal intervention will be considered. It also states that any intervention or improvement response will be proportionate to the circumstances.

Appendix one – Response from agency

Appendix two – Statutory powers relevant to council accountability under the Local Government Act

Appendix three – About the audit

Appendix four – Performance auditing

 

Copyright notice

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

 

Parliamentary reference - Report number #380 - released 23 May 2023

View our audit program
View audit program
EXPLORE
upcoming audits
Have your say
CONTRIBUTE