About this report

This report examined whether the NSW Police Force has been efficient and effective in managing and supporting the psychological wellbeing of the police workforce.

Findings

In 2023, the NSW Police Force funded a range of additional wellbeing initiatives to support police. In 2024, a standalone command was established to deliver these initiatives and manage the health and wellbeing of the workforce.

Over the five years from July 2019 to June 2024, the NSW Police Force had increasing numbers of psychological injury claims, escalating compensation costs, and increasing psychological injury medical exits. Since October 2024, there has been a reduction in the number of psychological injury notifications.

The NSW Police Force monitors and reports on psychological injuries to the workforce, but does not monitor, analyse or report on the root causes of these injuries. As a result, the NSW Police Force is not efficiently or effectively preventing future psychological injuries to the police workforce. Work is currently in progress to improve psychological risk reporting.

NSW Police Force wellbeing initiatives provide counselling and support for police after traumatic incidents. The initiatives do not address other psychological risk factors such as fatigue, role overload, or burnout.

Some police commands have higher workload volumes than others, and the NSW Police Force does not have a staffing allocation model to distribute police to locations under the greatest workload pressure.

In the five years from 2020 to 2025, the NSW Police Force invested $34 million on proactive wellbeing services for police, and an additional $60 million on the administrative costs of running the Health Safety and Wellbeing Command.

The cost of compensation for police psychological injuries amounted to approximately $1.75 billion from July 2019 to June 2024.

Recommendations

The NSW Police Force should, by July 2026:

1. develop and implement a workforce allocation model that matches police numbers to command-level workload demands and changing workload levels
2. fully implement the health and safety incident notification system and regularly report on the causal factors that lead to psychological incidents and injury claims
3. investigate and report on the factors that contribute to police role overload and burnout, and adjust policy settings, practices and controls accordingly
4. implement a strategy, process, and evaluation framework, that links police wellbeing initiatives and resources to evidence-based psychological risk factors.

A significant proportion of police report poor wellbeing in the People Matter Employee Survey, but managers do not have detailed information about workforce-wide stressors and risks

In 2024, 44% of police respondents to the People Matter Employee Survey reported unfavourable levels of wellbeing. The self-reported poor wellbeing of police included a reduced ability to function well in the role, and a lack of resources to manage wellbeing in the course of work duties. Other results from the People Matter Employee Survey show that the majority of police respondents do not believe they have support from managers to assist with wellbeing. While 44% of police reported low wellbeing in 2024, this is an improvement on 2023 levels, when 58% of police reported unfavourable wellbeing via the People Matter Employee Survey.

The People Matter Employee Survey is the only workforce-wide, self-reported source of information about police wellbeing risks. While the People Matter Employee Survey provides some insight into police wellbeing, it does not describe the nature, prevalence, or causes of psychological risk to employees. The NSW Police Force does not have an alternative means by which employees can report their psychological stressors, such as a workforce-wide survey.

The People Matter Employee Survey asks generalised questions about whether stress is manageable for the individual, whether employees are experiencing burnout, and whether employees are satisfied with the workplace practices that aim to manage wellbeing. In 2023 and 2024, more than 50% of police respondents recorded unfavourable responses to these three questions.

In the five years from 2019–2020 to 2023–2024, the NSW Police Force recorded an average of 1,100 psychological injury claims each year. Over this timeframe, the cost of psychological workers compensation claims accounted for 74% of total workers compensation claims costs, with physical injuries accounting for 26% of all costs. The psychological injury numbers recorded each year grew from 790 in 2019-2020 to just over 1,200 in 2023-2024.

In 2020, the NSW Police Force conducted a one-off, point-in-time survey, the ‘Mental Wellbeing Climate Survey’. It asked police about their experience and knowledge of existing wellbeing services. However, this survey did not ask police employees about their workplace stressors, or about their views on the nature or cause of psychological risks and injuries.

The NSW Police Force is in the early stages of meeting its obligation to understand workforce psychosocial risks, but needs to do more to understand risks associated with job demands

The NSW Police Force management reporting on psychological health and safety risks has not been sufficiently detailed to assist decision-makers to identify, address, and potentially mitigate risks to the workforce. Police management reports do not contain meaningful data on the causes of psychological injuries in the workforce.

While psychological injury rates were rising across the NSW police workforce, police management reports have lacked information about psychological injury types, or the causes of these injuries. For example, the most common psychological injury type was listed as ‘other mental stress factors’. The second most common psychological risk factor was described as ‘exposure to workplace or occupational violence’, and the third was ‘work pressure’. While these categories are set by Safe Work Australia, they are not sufficiently detailed for the NSW Police Force to understand its workforce risks.

The ten psychological injury categories are listed in order of their prevalence amongst the NSW police workforce are as follows:

• other mental stress factors
• exposure to workplace or occupational violence
• work pressure
• work related harassment and/or workplace bullying
• exposure to a traumatic event
• suicide or attempted suicide
• other and multiple mechanisms of incident
• mental stress related to Novel Coronavirus (COVID-19)
• being assaulted by a person or persons
• other harassment.

From 2019 to 2024, the NSW Police Force had limited identifiers about the nature or causes of these ten risk categories, and no indication of the causes of psychological injury claims. This meant that the NSW Police Force lacked evidence on which to base its control measures, or to manage hazards.

Some of the data in health and safety reports is combined, so it is not possible to distinguish between physical or psychological injury types. For example, reports on the 1,307 injured workers who were unfit for work in June 2024, do not show differentiated data between psychological or physical injuries. Managers cannot see the proportion of 403 police who were deployed to other ‘suitable’ duties in June 2024, by those recovering from psychological injuries, compared to those with physical injuries. This means that managers lack evidence to plan rehabilitation services based on the level of requirement for different service types.

Reports show the impacts of injury on police over time, and the workforce attrition rates that are due to injury. While this data indicates overall impacts of police injury on workforce functioning, data does not show psychological and physical medical exits. In addition, reports do not show psychological medical exits by location or command. Specific data on injury type by location, may point to problem areas in different segments or locations of the workforce.

As an employer, the NSW Police Force has obligations to its employees under the Work, Health and Safety Act 2011 (NSW)

The Work, Health and Safety Act 2011 (NSW) (the Act) requires that employers identify health and safety risks and take reasonable steps to minimise both physical and psychosocial risks. Under Section 27(5) of the Act, ‘reasonable steps’ means that employers must ‘ensure … appropriate processes for receiving and considering information regarding incidents, hazards and risks and responding in a timely way to that information’.

NSW Police Force management reports on health and safety incidents show the number of incidents with psychological risk factors present. While these reports allow managers to track psychological injuries over time, information is not sufficiently detailed to indicate the causes of these injuries. Risks are not fully understood at the workforce-wide level, and so resources cannot be targeted to identified problems.

The NSW Police Force is also able to source information about workforce psychological hazards from individual risk reports made by police employees. The majority of these reports describe potential hazards to the physical safety of police, and in rare instances, psychological risks are reported to peer representatives. Reports are escalated to senior managers and provide some corporate insight into psychological health and safety risks.

Safe Work Australia has identified some of the contributing factors to workforce psychological risks. These include high job demands, excessive workloads, exposure to traumatic incidents or content, and long working hours without enough breaks. Excessive job demands become a psychosocial hazard when workload levels are unmanageable for prolonged periods. Other psychological risk factors include jobs with ‘high emotional demands’. The features of ‘high emotional demands’ have strong correlations with police work. They are:

• exposure to aggression, violence, harassment or bullying
• supporting people in distress (for example, giving bad news), or
• displaying false emotions (for example, being friendly to difficult customers).

The NSW Police Force is implementing a new incident notification system that aims to improve incident investigation reporting on psychosocial risks and hazards

At the time of this audit’s publication in June 2025, the NSW Police Force is implementing a new incident notification reporting system. This system will provide a greater level of detail about the types and causes of psychological incidents, hazards and near misses. In addition, the new system has built-in welfare response notifications that are matched to the workplace incident.

In October 2022, amendments were made to NSW Work Health and Safety Regulations. These obligations imposed a higher standard for monitoring workforce psychosocial risks. They now require that employers introduce a range of control measures to mitigate psychosocial risks and hazards and to ‘eliminate psychosocial risks so far as is reasonably practicable’. The control measures are described in Section 55D (2) of the Regulations and include consideration of:

The NSW Police Force’s new incident notification reporting system has potential to improve the level of information about psychosocial risks and hazards, including information that shows the investigation stages and outcomes, and indicates the root causes of incidents and near misses.

At the time of this audit, NSW police employees are able to report their wellbeing concerns to line managers, but a number of frontline police advised that this course of action can be ‘career limiting’. Police employees are also able to speak with peer-appointed, work, health and safety officers. Work health and safety representatives have meetings with local police in their command on a monthly or quarterly basis, depending on the size of the command. During these meetings, work, health and safety officers record staff issues relating to trauma, psychological risks, and other wellbeing matters. The minutes from these meetings are escalated to senior human resource managers.

Frontline police are able to report individual health, safety and wellbeing concerns through an online ‘safe reporting’ portal. This online option is used to report local risks along with colleague misconduct concerns. However, this feedback portal was not well known by police interviewed for this audit. Those police that knew about the portal option, were concerned that feedback would not be anonymous, and could be traced back to individuals.

The NSW Police Force does not utilise information collected from critical incident reports to identify common psychological hazards that may contribute to these events

Police management reports do not include aggregated data about the factors that were evident in the lead up to critical incidents. Individual incident reports may include information about whether fatigue, stress, or excessive haste were evident when the incident occurred. Reporting on these factors in the aggregate, may reveal to managers, some potential risks, and the root causes of critical incidents.

The NSW Police Force correlates some command-level data about police accidents, work, health and safety incidents, but does not report on the factors that contributed to the psychological injury incident. This information should be visible to central managers and decision-makers who have the authority to direct resources to the areas where risks are identified. For example, managers need information to understand whether segments of the workforce are operating under workload pressures. These pressures can be indicated through workplace accidents and incidents.

In the five years from 2019–2020 to 2023–2024, NSW police officers were involved in 171 critical incidents. Critical incidents are incidents that result in deaths or serious injuries to the public and, or police. Critical incidents are those which occur as a result of police vehicle pursuits and collisions, or the discharge of police firearms. Police managers do not receive reports that might indicate common factors in these incidents – factors that may provide insight into workforce wellbeing and optimal functioning.

Police critical incident notification forms include fields for police to record the time in the shift when an incident occurred. However, police managers have not used this information to observe trends and patterns of incident times and risks. It means, for example, that police managers did not know if factors such as fatigue played a part in police critical incidents.

There is potential for the NSW Police Force to do more to understand the stressors on the workforce. Other employers have developed mechanisms to monitor risks. For example, health providers and hospital managers review and analyse clinical incident trend data. They use this information to identify system-level harms that indicate emerging risks to the workforce and the public, and take action at an organisational level.

Safe Work Australia identifies strategies to understand psychosocial pressures on the workforce. These include monitoring and observing workforce mistakes, as potential indicators of areas where job demands are too high. In addition, Safe Work Australia recommends workforce-wide consultation processes, including the use of surveys and tools to seek the views of workers on a wide range of psychosocial risks.

Ultimately, the NSW Police Force lacks systems to understand and report on structural risks to the workforce. This level of information would allow managers to review policies if necessary, and target resources to mitigate these risks.

The NSW Police Force does not use a workforce allocation model to distribute its workforce according to workload burden

Workload stress is a significant factor in police wellbeing. The frontline police who were interviewed for this audit, were consistent in the view that unmanageable workload pressures have the greatest impact on their wellbeing. 'Work pressure' is the third most common source of psychological injury cited in police injury notification data. While police managers have information about the police workload pressures across commands, they do not use a workforce allocation model to allocate workforce resources in a way that effectively mitigates this risk. In general, police managers measure workload pressures by assessing the number of calls that local police are unable to attend within the hour across the 57 NSW local area commands.

The NSW Police Force lacks a formula to allocate and distribute its police workforce across commands. The location of police across the State has been largely determined by historical factors, such as the location of an existing workforce. Staffing levels are also determined by political decisions. Some staffing allocations are made via election commitments to place additional police in certain regions, without an analysis of workforce requirements.

The NSW Police Force has been operating with significant workforce shortages since 2023. Workforce vacancy rates differ across commands. Some police area commands and districts are operating with workforce vacancies of more than 30%. Others have lower workforce vacancy rates at 11%. While workforce vacancies are not always a true indicator of workload burden, the data can show commands under changing workforce pressures. The ability of a command to meet its call-out volumes provides a clearer assessment of workload demand. That said, the NSW Police Force has not done any analysis of its authorised workforce strength by command over the past eight years.

Each year, police managers can make minimal changes to the distribution of police across the State. This is almost exclusively through the placement of newly graduated police. The process for placing new probationary constables is determined via annual meetings with Deputy Police Commissioners and region-level commanders. During this process, police workload levels and vacancy rates are assessed, and region-level bids are made for new graduates based on regional needs.

The NSW Police Force does not use a staffing allocation model to distribute its personnel based on an assessment of the workloads of each command. While police managers have access to data that shows the areas experiencing the highest workload across the 57 NSW local area commands, they are limited in their ability to change the workforce levels across the State.

In instances where there are significant increases in crime or call-out rates, the NSW Police Force is able to temporarily deploy additional police as part of a surge capability. These deployments seek to surge police in crime hotspots. However, they are a temporary measure and do not solve entrenched under-resourcing of some commands.

Senior police managers advise that they are limited in their ability to transfer police positions, or to increase the overall workforce headcount to respond to workload demands. While Deputy Commissioners and region-level commanders can monitor police workloads, they lack a staffing allocation model that would allow them to transfer police to commands under the highest levels of workload pressure.

The NSW Police Force does not assess or compare the effects of police taking up a second job to determine whether secondary employment impacts on police fatigue, stress or performance

Over the past five years, around 1,650 NSW Police Force employees were engaged in secondary employment annually. Central managers and policy makers do not receive data or reports that would allow them to monitor and compare levels of secondary employment across commands, and its impacts on police performance.

Police managers do not receive data that correlates secondary employment levels with sick leave data or adverse incident data, for example. While police managers advise that secondary employment is monitored at the local command level, there is no capability to assess impacts centrally, and make policy adjustments if data shows impacts on workforce wellbeing or functioning.

Given that the NSW Police Force has not collected or analysed system-level, psychological risk factor information, managers are unable to inform the design of police wellbeing programs based on evidence of workforce needs.

NSW frontline police work some of the longest shifts in the country and the NSW Police Force has not sufficiently assessed the risks or impacts of this shift cycle on performance and fatigue

Frontline police complete four 12-hour shifts that are condensed into a four-day timeframe, followed by six days off. In general, frontline police complete two day-shifts followed by two night-shifts, that are completed consecutively. Police are required to have a ten-hour break in between shifts, but unplanned overtime and travel to and from the workplace and home, can reduce the time available for rest and recovery.

The NSW Police Force has a 'flexible work arrangements manual' with principles that allow for flexible rostering of shift lengths between six and 12 hours throughout the day and overnight. In practice, however, rostering patterns show that 96% of general duties police undertake shift lengths of 12 hours. Most other police jurisdictions in Australia, with the exception of the Northern Territory, implement shift lengths that vary between eight and ten hours.

The NSW Police Force does not analyse its incident notification reports to assess whether there are any trends in the times when adverse incidents occur. The NSW Police Force is not able to identify correlations between the length of shifts and incidents, or the patterns of shifts and adverse incidents. As a result, police managers do not know whether the current shift arrangements for frontline police are a contributing factor to fatigue and stress. They do not have trend data to show if fatigue is leading to increases in accidents, incidents and performance matters.

The NSW Police Force’s work readiness framework advises that a 'review of workplace incident data' is a method that can be used to identify factors contributing to fatigue. Aggregated data about the ‘time in shift’ when incidents occur, would assist managers to understand whether shift patterns have inherent safety risks.

The NSW Police Force does not have sufficient controls and tools to regulate the number of hours worked by police, and potentially mitigate police fatigue levels

The NSW Police Force currently manages fatigue through a work readiness framework that includes policies, guidelines and tools, that are designed to assist managers and employees to develop and implement work readiness management plans and strategies. Police commanders are not mandated to implement these guidelines and tools, and there is no register of police working hours or work readiness.

The framework does not address the ways in which the fatigue assessment tools will be used and monitored across local commands. The NSW Police Force does not have a process to ensure the implementation of tools and control measures. In addition, the fatigue assessment tools lack clarity or guidance on rest and stop-work directives. Some employers of emergency service workers and first responders are able to proactively monitor fatigue. For example, NSW Ambulance has an automated fatigue management calculator that allows managers to view the hours worked by employees in real time, in order to manage risks.

The NSW Police Force work readiness framework contains guidelines that can be used to mitigate some of the contributing factors to fatigue. Guidelines advise police managers to conduct 'consultation with workers'. However, there is limited evidence that the NSW Police Force has consulted with, or sought feedback from the workforce on fatigue risks. There is no evidence that police employees have been surveyed about the effects of shift hours on the available time for sleep, or on work readiness.

In October 2023, the NSW Police Force developed a risk control ‘ready reckoner’ which includes ‘fatigue’ as a risk factor in police work. This risk control system is still in draft form and has yet to be implemented. The register identifies potential controls that can be used to manage fatigue, but it does not assign owners or business areas as responsible for the controls and risks. The impact of the ready reckoner is not yet known, nor has there been any monitoring of its uptake to date.

SafeWork NSW has identified fatigue as a potential workforce health and safety hazard for employees across all industries. Fatigue has both physical and psychological impacts. According to the regulator, each employer has responsibility to identify and manage fatigue risks to employees. In recent decades, numerous supreme court decisions have found employers liable for breaching their duty of care in failing to take reasonable steps to minimise the risks of fatigue to their workers.

SafeWork NSW recommends that employers develop a fatigue policy in consultation with their employees. The policy should define clear roles and responsibilities for employers that include the management of excessive working hours, workplace assessments of fatigued workers to gauge fitness for work, and procedures for reporting hazards and managing risks.

Complaints and legal claims relating to alleged police misconduct are costly to the State

Frontline police are more likely to be recipients of public complaints than other police as they have more interaction with the public during events such as domestic violence incidents, assaults, neighbourhood disputes, mental health incidents, and other crime responses. Specialist police such as detectives and forensic experts have less interaction with the public and therefore receive fewer public complaints.

Frontline police told audit staff that complaints against them have significant impacts on their wellbeing. These negative impacts are compounded by the fact that police are not told about the nature of the complaint against them or the name of the complainant. For many police, this process seems unjust as in some instances, they have no information about what they have done to receive the complaint, and no recourse to defend their case.

Public complaints about police are handled differently across the six police regions. In one region, the region commander has determined that police will not be informed about complaints that are shown to be vexatious and declined. This is to ensure that morale is not affected. In another region, all complaints are reported to police, even if they are declined. Some police argue that declined complaints should not be recorded on their files, as is the current practice. They advise that complaints can have an adverse impact on their promotion eligibility, even when the complaints are vexatious.

Police told us that there was an inadequate level of wellbeing support available for officers who were subject to complaints or investigations. Complaint and investigation policies and procedures make mention of the availability of Employee Assistance Program services, but this is the only external support. According to the policy, local commanders are responsible for monitoring the welfare of complaint recipients and all other people involved. Procedure documents do not include any requirement for commanders to refer police to wellbeing support services.

During the five years from 2019–2020 to 2024–2025, a total of 2,124 legal claims were made against NSW police employees for misconduct matters. The NSW Police Force paid $155.44 million to settle these claims over the five-year period. Despite the significant cost of these claims, the NSW Police Force does not report basic information about these legal matters. The NSW Police Force does not report on the number of claims that were settled via payments to claimants, the number of claims that proceeded to Court, or the claims that were successfully defended in Court.

Since 2019–2020, there have been increases in psychological injury claim numbers and costs across the NSW public sector, for police these costs have risen by almost 50% year on year

Despite increases in mental health services and psychological support for police, the costs of psychological injuries have been increasing year on year. While compensation claims for physical injuries occur at more than twice the rate of psychological injury claims, the costs associated with psychological injury claims are higher than for physical injuries. Compensation costs to psychologically injured police totalled approximately $1.75 billion from 2019–2020 to 2023–2024. The NSW Police Force is not alone in experiencing increases in psychological injuries and costs, higher claim numbers and costs are also evident in other NSW government agencies.

Police compensation costs were covered by two different insurance schemes during the five years from 2019–2020 to 2023–2024. The icare workers compensation insurance scheme covered costs of $927.84 million, and the Police Blue Ribbon Insurance Scheme covered $817.29 million in costs. The Police Blue Ribbon Insurance Scheme was managed by a private insurer.

From 2019–2020 to 2023–2024, NSW police employees made approximately 3,080 compensation claims for physical injuries each year, compared to a yearly average of 1,100 claims for psychological injuries. Over this timeframe, psychological claims accounted for 74% of the total compensation claims costs, with physical injuries accounting for 26% of costs.

Exhibit 6 shows the number of physical and psychological compensation claims numbers each year, and the claim costs for the different injury types by year.

Appendix 1 – Response from entity

Appendix 2 – About the audit

Appendix 3 – Performance auditing

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

Parliamentary reference - Report number #408 - released 11 June 2025

About this report

Financial audit results of the NSW public universities’ financial statements for the year ended 31 December 2024.

Findings

Unmodified audit opinions were issued for all ten universities.

Six universities reported net deficits in 2024, compared to eight in 2023. Nine universities’ net results improved from 2023.

The main driver of revenue growth in 2024 was a 25.5% increase in fees and charges revenue from overseas students, due to increased enrolments of 18.9%. Revenue from domestic students increased by 12%, however, enrolment numbers remain below 2020 levels.

In 2024, revenue growth of 14.9% exceeded the 9.4% growth rate of expenses. However, universities are still recovering from the shortfalls experienced in 2022 and 2023 following financial disruptions caused by the COVID-19 pandemic.

Half of the universities show indicators of financial risk in the form of liquidity ratios of less than one and having less than three months of cash reserves to fund operating and financing activities.

The number of reported audit findings has decreased from 111 in 2023 to 98 this year. Most control deficiencies related to information technology /cyber security, governance, and payroll.

Universities are not consistently following their own procedures for recording cyber incidents, data breaches and privacy breaches.

Data breaches that required mandatory notification resulted in unauthorised access and disclosure of personal information, and mainly caused by phishing attacks and human error.

Recommendations

Universities should:

• finalise mitigating actions to address the risk of future wage underpayments and prioritise repayments to affected staff
• adequately prepare themselves to comply with the climate disclosure requirements under NSW Treasury’s reporting framework
• clearly document the requirements for business cases and post-completion reviews for capital projects
• comply with established processes when recording cyber security incidents and data breaches
• require staff to complete cyber security training regularly, include simulated phishing attacks and provide students with basic cyber security training
• create a central artificial intelligence (AI) inventory, establish and implement an AI policy and consider the benefits of establishing an AI strategy.

Financial reporting is an important element of good governance. Confidence in, and transparency of, university sector decision-making are enhanced when financial reporting is accurate and timely.

This chapter outlines the 2024 financial reporting audit results of NSW universities.

Financial performance is a measure of an organisation’s ability to use its resources to generate revenue and manage expenses while maintaining appropriate levels of net assets and cash flows.

Financial performance also encompasses financial sustainability, which is the ability to meet current and future financial obligations without reducing essential services or borrowing money to fund successive operational deficits. This is achieved by ensuring that over the medium and longer term, revenue is sufficient to cover expenses, cash flow and risks are well managed, long-term financial planning is effective and sources of revenue are diverse.

This chapter presents our observations on the financial performance of universities in 2024.

Governance is the framework of rules, processes and systems that enable organisations to achieve goals and comply with legal requirements. Good governance promotes public confidence in the integrity and effectiveness of universities’ systems and operations. A strong system of internal controls enables universities to operate effectively and efficiently, produce reliable financial reports, comply with laws and regulations, and support ethical and transparent decision-making.

This chapter outlines our findings on internal controls and governance across the ten NSW universities.

Financial audits focus on the key internal controls and governance that support the preparation of financial statements. Breakdowns and weaknesses in internal controls can increase the risk of fraud and error. Our management letters report deficiencies in internal controls, matters of governance interest and unresolved issues to those charged with governance. These letters also include risk ratings, implications, recommendations and management responses.

Universities’ primary objectives are teaching and research. They invest most of their resources to achieve quality outcomes in academia and student experience. Universities have committed to achieving certain government targets and compete to advance their reputation and standing in international and Australian rankings.

This chapter outlines enrolments and teaching outcomes for NSW universities in 2024.

This chapter focuses on the cyber security incident environment at universities, the reporting of incidents to regulators and how universities have responded to data breaches as a result of cyber security incidents. We also address how universities train their staff to identify and prevent cyber security incidents.

The Australian Government identifies that artificial intelligence (AI) presents great opportunities for all levels of government to transform service delivery and enhance productivity and wellbeing. However, AI comes with risks that require active management.

This chapter offers an overview of AI adoption in universities and the current policies in place to oversee the use of AI.

While there is no one common definition of AI, the NSW Government’s ‘Artificial Intelligence Ethics Policy’ adopts the following definition:

The Australian and NSW Governments have established policies and principles for responsible and ethical use of AI. While NSW universities are not bound by these documents, they are considered best practice. This includes:

• the Australian Government’s ‘Policy for the responsible use of AI in government’, ‘Australia’s AI Ethics Principles’ and ‘National framework for the assurance of artificial intelligence in government’
• the NSW Government’s ‘Artificial Intelligence Ethics Policy’ and ‘NSW artificial intelligence assessment framework’.

Appendix 1 - Status of 2023 recommendations 

Appendix 2 - Universities' controlled entities

Copyright notice

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

About this report

The report presents the results of the local government sector financial audits for the year ended 30 June 2024.

Audit results

Unqualified audit opinions were issued for 124 (of 128) councils, 8 (of 9) county councils, and 11 (of 13) joint organisations.

Disclaimers of opinion were issued for Glen Innes Severn Council and the New England Weeds Authority.

Qualified audit opinions were issued for Snowy Valleys Council and Moree Plains Shire Council.

Timeliness improved as 88% of councils lodged their audited financial statements by the statutory deadline of 31 October (67% in the previous year).

Findings

Financial sustainability is a concern for some councils

There were 35 councils that met none or just one of the three key financial sustainability benchmarks. Sixteen councils have insufficient cash and investments, not subject to external restrictions, to meet three months of their expenses (excluding depreciation and interest).

Revenue growth lags expenditure growth after adjusting for inflation, resulting in negative growth in real terms.

About 40% of councils did not break even in 2023–24.

Cyber security remains a risk

Cyber security controls have improved, especially regarding cyber governance. However, control gaps were identified in cyber security training and risk management of third-party systems.

Recommendations

• The Department of Planning, Housing and Infrastructure should reduce councils’ financial reporting burden, and remove non-value-adding disclosures from financial statements.
• Councils should perform more robust month-end processes, quality reviews of financial statements and supporting working papers before they are submitted for audit.

Financial reporting is an important element of good governance. Confidence in, and transparency of, local government decision-making is enhanced when financial reporting is accurate and timely.

This chapter outlines the financial reporting audit results of councils, county councils and joint organisations.

Financial sustainability is the ability to meet current and future financial obligations without reducing essential services or borrowing money to fund successive operational deficits. This is achieved by ensuring that over the medium and longer term, revenue is sufficient to cover expenses, cash flow and risks are well managed, long-term financial planning is effective and sources of revenue are diverse.

Councils are required to prepare long-term financial plans to help ensure they remain financially viable. Benchmarks established by the OLG are used to assess past performance and indicate areas where councils are under pressure.

The graphs and tables presented in this chapter are prepared from councils’ financial statement data and in many cases represent averages of the metropolitan, regional and rural councils.

Governance is the framework of rules, processes and systems that enable organisations to achieve goals and comply with legal requirements. Good governance promotes public confidence in the integrity and effectiveness of councils’ systems and operations. A strong system of internal controls enables councils to operate effectively and efficiently, produce reliable financial reports, comply with laws and regulations, and support ethical government.

This chapter outlines our findings on internal controls and governance across councils, county councils and joint organisations.

Financial audits focus on the key internal controls and governance that support the preparation of financial statements. Breakdowns and weaknesses in internal controls can increase the risk of fraud and error. Our management letters report deficiencies in internal controls, matters of governance interest and unresolved issues to those charged with governance. These letters also include risk ratings, implications, recommendations and management responses.

This chapter focuses on the cyber security environment for councils, how they have assessed and responded to the relevant risks, and the extent to which they have implemented or plan to implement controls. We also focus on how councils educate and raise awareness of cyber security risks for those with access to their IT systems and information.

The Audit Office’s Annual Work Program

Each year, the Audit Office’s Annual Work Program includes an ongoing strategic assessment of the risks and challenges facing government. It outlines future focus areas for financial audits, as well as planned performance audit topics published as a three-year rolling program. We aim to inform the NSW Parliament, the public sector and the community about key risks we identify, as well as priorities and expected timeframes for delivering our work. This helps give our stakeholders the best opportunity to prepare for, and engage with, our audits.

Our financial audit program for local government includes:

• assessments of controls and governance on cyber security
• analyses of financial sustainability
• reporting of findings and recommendations.

Audits will target the efficient and responsible use of public resources

The Government Sector Audit Act 1983 provides that the Auditor-General may have regard to the wastage of public resources in the exercise of their functions and may deal with reports made by public officials about serious and substantial waste of public money. The Audit Office defines serious and substantial waste as the uneconomical, inefficient or ineffective use of resources, whether authorised or unauthorised, and which could result in a loss of public funds or resources.

Waste can result in an opportunity cost for councils where money could have been used for better purposes, or better spent on achieving the same purpose. Waste can also lead to higher costs being incurred to address failings in either procurement, budgeting or contract management.

Our audits may focus on whether procurement practices, budgeting and contract management have effectively reduced waste.

Our performance audit program for local government includes the following performance audits in progress.

Coastal management reforms

The coast is one of NSW’s greatest assets and is home to nearly 85% of the state’s population. The NSW Government has established a framework to manage the coastal environment in a sustainable way for the wellbeing of the people of NSW. The key policy instruments are the Coastal Management Act 2016, under which local councils in the coastal zone prepare coastal management programs, and the State Environmental Planning Policy (Resilience and Hazards) 2021.

The Department of Climate Change, Energy and Water (DCCEEW) and the DPHI oversee and facilitate implementation of the coastal management framework by local councils.

This audit will answer the following questions:

• Are the DCCEEW and the DPHI effectively overseeing and facilitating councils’ implementation of the coastal management framework?
• Have councils effectively developed plans and priorities for coastal management?

Long-term financial planning

Sustainable financial management is a significant risk and priority for the local government sector. Under the legislative and policy requirements, all NSW local councils must prepare and adopt a long-term financial plan. This plan should reflect and inform decision-making for important processes like longer-term strategic planning, and immediate and short-term budget processes.

This audit will assess whether selected local councils have established effective and compliant long-term financial plans that promote financial sustainability and reflect their communities’ priorities for services and assets.

Appendix 1 – Response from the Office of Local Government within the Department of Planning, Housing and Infrastructure

Appendix 2 – Status of previous recommendations

Appendix 3 – Status of audits

Appendix 4 – Council liquidity

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.