Refine search Expand filter

Audit progress

- Any -

Sector

- Any -

Year

- Any -

Report type

- Any -

Topic

- Any -

Reports

Published

Transport and Infrastructure 2022

Transport
Asset valuation
Financial reporting
Information technology
Infrastructure
Management and administration
Procurement

What the report is about

Result of the Transport and Infrastructure cluster agencies' financial statement audits for the year ended 30 June 2022.

What we found

Unmodified audit opinions were issued for all Transport and Infrastructure cluster agencies' financial statements.

An 'other matter' paragraph was included in TAHE's Independent Auditor's Report for its 30 June 2022 financial statements which draws attention to Transport and Asset Holding Entity's (TAHE) reliance on government-funded customers.

We included an ‘emphasis of matter’ paragraph in the Independent Auditor’s Report for State Transit Authority of New South Wales’ (the authority) 30 June 2022 financial statements, which draws attention to the financial statements being prepared on a liquidation basis as the authority’s principal activities ceased operations on 3 April 2022.

What the key issues were

The 2021–22 audits identified five high-risk findings:

  • detailed business modelling to support returns from TAHE
  • valuation of assets at TAHE
  • control of assets at TAHE
  • accounting and valuation of tree assets at Centennial Park and Moore Park Trust and Parramatta Park Trust.

Access and licence fees - TAHE

Revised commercial agreements were signed between TAHE, the operators and Transport for NSW on 23 June 2022 to reflect increased access and licence fees detailed in the 18 December 2021 Heads of Agreement.

TAHE’s ability to generate the expected return of 2.5% based on the current modelling is heavily reliant on the government funding the public rail operators (TAHE's customers).

There are risks that:

  • TAHE will not be able to recontract for access and licence fees at a level that is consistent with current projections
  • future governments' funding to TAHE's key customers will not be sufficient to fund payment of access and licence fees at a level that is consistent with current projections
  • TAHE will be unable to grow its non-government revenues.

Valuation of assets - TAHE

Although TAHE's selected valuation of assets falls within an acceptable range, there remains a significant gap between what has been assessed as an acceptable range and TAHE's range.

What we recommended

Control of assets - TAHE

While we accepted TAHE’s position on control for the current year, NSW Treasury and TAHE should continue to monitor the risk that control of TAHE assets could change in future reporting periods. TAHE must continue to demonstrate control of its assets or the current accounting presentation would need to be reconsidered.

This report provides Parliament and other users of the Transport and Infrastructure cluster’s financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:

  • financial reporting
  • audit observations.

Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely.

This chapter outlines our audit observations related to the financial reporting of agencies in the Transport and Infrastructure cluster (the cluster) for 2022.

Section highlights

  • Unqualified audit opinions were issued on all Transport and Infrastructure cluster agencies' financial statements.
  • An 'Other Matter' paragraph was included in the Transport Asset Holding Entity of New South Wales' (TAHE) Independent Auditor's Report to draw attention to TAHE's reliance on government-funded customers.
  •  An 'Emphasis of Matter' paragraph was included in the State Transit Authority of New South Wales' (the authority) Independent Auditor's Report to draw attention to management’s disclosures that State Transit Authority of New South Wales' financial statements for the year ended 30 June 2022 were prepared on a liquidation basis as the authority’s principal activities ceased operations on 3 April 2022.
  • While TAHE's valuation of assets at 30 June 2022 was within an acceptable range of valuation outcomes, there remained significant differences in assumptions used when compared with relevant market benchmarks.
  • Sydney Metro corrected two prior period errors of $1.5 billion and $51 million in accounting and valuation of assets, and double counting of assets capitalised in infrastructure as well as assets under construction respectively.

 

Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making.

This chapter outlines our observations and insights from our financial statement audits of agencies in the cluster.

Section highlights

  • The number of findings reported to management decreased from 87 in 2020–21 to 59 in 2021–22.
  • Repeat findings accounted for 54.2% of management letter points. Many repeat findings related to controls over payroll, including management of annual leave and processing of timesheets, management of conflicts of interests, weaknesses in controls over information technology user access administration and password management.
  • One new high-risk issue was identified in 2020–21, and four high-risk repeat issues remained.
  • The five high-risk issues arose from the audit in the cluster, with respect to:
    • control over TAHE assets and operations (repeat)
    • TAHE detailed business modelling to support returns (repeat)
    • valuation of trees (repeat for Parramatta Park Trust and Centennial Park and Moore Park Trust)
    • TAHE asset valuations.

 

Appendix one – Misstatements in financial statements submitted for audit

Appendix two – Early close procedures

Appendix three – Timeliness of financial reporting

Appendix four – Financial data

 

Copyright notice

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

Published

Internal controls and governance 2022

Whole of Government
Compliance
Cyber security
Financial reporting
Fraud
Information technology
Internal controls and governance
Procurement
Risk

What the report is about

This report analyses the internal controls and governance of the 25 largest agencies in the NSW public sector, excluding state-owned corporations and public financial corporations, for the year ended 30 June 2022.

What we found

Internal control trends

The proportion of control deficiencies identified as high-risk this year increased to 8.2% (5.9% in 2020–21). Sixteen of the 23 high-risk findings related to financial controls while seven related to IT controls.

Repeat findings of control deficiencies now represent 48% of all findings (47% in 2020–21).

Information technology

There continues to be a high number of deficiencies relating to IT general controls, particularly around user access reviews, which affected 56% of agencies.

Cyber security

Agencies' self-assessed maturity levels against the NSW Cyber Security Policy mandatory requirements are lower than target levels. Overall, maturity levels against the Australian Cyber Security Centre's Essential Eight controls have not improved since last year.

Management of cyber risks relating to third party IT service providers should be improved. IT service providers may pose risks to the agency if the provider's cyber security controls have weaknesses.

Consultants and contractors

Agencies risk over-reliance on the same consultants and contractors. A quarter of agencies have re-engaged the same contractor over the past five years.

Employment screening Twenty-four per cent of agencies have not complied with the employment screening requirements of the Government Sector Employment Act 2013 with regard to citizenship or residency. Screening and induction practices for non-permanent workers are often less stringent than for permanent employees. This can pose increased risks to an entity of not detecting applicants with false credentials or a history of corrupt conduct.

Contract management

Half of all agencies' procurement contract registers are incomplete, which is non-compliant with the Government Information (Public Access) Act 2009.

What we recommended

Agencies should:

  • prioritise actions to address repeat control deficiencies
  • prioritise improvements to their cyber security and resilience
  • reinforce mandatory cyber training to all staff and improve completion rates
  • ensure that contractor engagements that have been renewed over multiple years are periodically reassessed against the market.

Internal controls are processes, policies and procedures that help agencies to:

  • operate effectively and efficiently
  • produce reliable financial reports
  • comply with laws and regulations
  • support ethical government.

This chapter outlines the overall trends for agency controls and governance issues, including the number of audit findings, the degree of risk those deficiencies pose to the agency, and a summary of the most common deficiencies we found across agencies. The rest of this report presents this year's controls and governance findings in more detail.

For consistency and comparability, we have adjusted the 2021 results to incorporate additional audit findings that were reported after the date of the 'Internal controls and governance 2021' report. Therefore, the 2021 figures will not necessarily align with those reported in our 2021 report.

This section also covers how agencies have complied with TD 21-04 during 2021–22.

Section highlights

We identified 23 high-risk findings, compared to 20 last year, with ten repeated from last year. Sixteen of the 23 findings related to financial controls and seven related to IT controls.

  • The proportion of repeat deficiencies has increased from 47% in 2020–21 to 48% in 2021–22.
  • We identified a low level of compliance with TD 21-04 during 2021–22. Most agencies do not have a policy on gifts of government property, and did not annually certify their register of gifts of government property or attest that the agency has not made any gifts.

This chapter outlines our audit observations, conclusions and recommendations arising from our review of agency controls to manage key financial systems.

Section highlights

  • We continue to see a high number of deficiencies related to IT General Controls, particularly those related to user access administration and privileged user access.
  • We identified deficiencies within IT governance related to IT policies and procedures not effective in managing IT risks. We also identified weaknesses in arrangements with third-party IT service providers which can increase cyber security risk.

This chapter outlines our audit observations, conclusions and recommendations arising from our review of agencies' cyber security planning and governance arrangements.

Section highlights

  • Only 80% of agencies specify how they monitor or ensure that third-party IT service providers comply with the agencies' cyber security policies. IT service providers may pose certain risks to the agency if the provider's cyber security controls have weaknesses.
  • There are inconsistent practices and definitions of cyber security incidents across agencies with respect to maintaining incident registers. Five agencies reported nil incidents in their registers for 2021–22, while other agencies recorded up to 1,913 incidents.
  • Agencies' self-assessed maturity levels against the NSW Cyber Security Policy mandatory requirements are lower than their target levels in at least one requirement. Maturity levels against the Australian Cyber Security Centre's Essential Eight controls have not improved since last year. 

This chapter outlines our audit observations, conclusions and recommendations arising from our review of agencies' practices in engaging external experts, such as consultants and contractors.

Section highlights

  • Agencies risk over-reliance on the same consultants, as some firms continue to be the highest paid consultants at 60% of agencies for at least three of the past five years.
  • Agencies could improve their policies on engaging consultants to include consideration of:
    • probity requirements/conflict of interests
    • rotation of independent consultants from time-to-time
    • additional review where multiple consultants are engaged on the same topic to address the risk of opinion shopping.
  • A quarter of agencies have re-engaged the same contractor over the past five years, with one contractor engaged for 19 years. Long-term engagements without reassessment against market increase the risk of dependency on the contractor.

This chapter outlines our audit observations, conclusions and recommendations arising from our review of agencies' employment screening practices.

Section highlights

  • We identified that most agencies do not include the risk of employment application fraud in their risk registers.
    Post-employment screening has an important role in preventing fraud and managing risk as roles often change and the initial employment screening procedures may not be sufficient to control risk over time. Only 57% of agencies that have an employment screening policy include post-employment screening guidance.
  • Screening and induction practices for non-permanent workers are often less stringent than for permanent employees. There is an increased risk that agencies will:
    • fail to identify an applicant with a past history of corrupt or criminal conduct
    • not identify applications with false credentials
    • hire a worker with unsuitable qualifications, skills or experience.

This chapter outlines our audit observations, conclusions and recommendations arising from our review of agencies' contract management processes.

Section highlights

  • All agencies maintain a central contract register but 40% are incomplete, risking non-compliance with the Government Information (Public Access) Act 2009 (GIPA Act).
  • The contract renewal process could be improved. We identified only 76% of agencies assessed value for money before deciding to renew/extend the contract.
  • Most agencies provide some training and support to staff on procurement procedures. Ongoing training and awareness programs allow agencies to communicate to all staff their responsibilities and obligations in relation to procurement activities. 

Published

Enterprise, Investment and Trade 2022

Finance
Asset valuation
Compliance
Cyber security
Financial reporting
Information technology
Internal controls and governance
Management and administration
Procurement
Regulation
Risk

What the report is about

Result of the Enterprise, Investment and Trade cluster agencies' financial statement audits for the year ended 30 June 2022.

What we found

The Machinery of Government changes within the Enterprise, Investment and Trade cluster resulted in the creation of the Department of Enterprise, Investment and Trade and the transfer of $1.0 billion of net assets into the new department.

Unmodified audit opinions were issued for all completed cluster agencies' 2021–22 financial statements audits. Two audits are ongoing.

An 'Other Matter' paragraph was included in the audit opinion for the Jobs for NSW Fund's 30 June 2021 financial report to reflect the non-compliance with the Jobs for NSW Act 2015 (the Act) and Government Sector Finance Act 2018. The Act requires the board to consist of seven members that include the Secretary of the Treasury, the Secretary of the Department of Premier and Cabinet, and five ministerial appointments. The board has consisted of two secretaries since 24 May 2019 when the independent members resigned. The remaining five members have not been appointed by the ministers as required by section 5(2) of the Act.

Three cluster agencies accepted changes to their office leasing arrangements managed by Property NSW. This has resulted in the collective derecognition of $24.8 million of right-of-use assets and $26.7 million in lease liabilities, and recognition of $1.9 million of other gains.

What the key issues were

The number of issues we reported to management decreased from 108 in 2020–21 to 103 in 2021–22. Thirty per cent of issues were repeated from the prior year.

Six high-risk issues were identified across the cluster related to the quality and timeliness of financial reporting, governance processes and internal controls.

Recommendations were made to address these deficiencies.

This report provides Parliament and other users of the Enterprise, Investment and Trade cluster's financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:

  • financial reporting
  • audit observations.

Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely.

This chapter outlines our audit observations related to the financial reporting of agencies in the Enterprise, Investment and Trade cluster (the cluster) for 2022.

Section highlights

  • Unqualified audit opinions were issued for all completed cluster agencies 2021–22 financial statements audits. The Jobs for NSW Fund and Responsible Gambling Fund audits are ongoing.
  • An 'Emphasis of Matter' paragraph was included in the Australian Institute of Asian Culture and Visual Arts Limited's 30 June 2022 financial statements to draw attention to management’s disclosures that the entity's financial statements for the year ended 30 June 2022 were prepared on a non-going concern basis following cessation of its operations and resolution by the directors in October 2021 to deregister the entity.
  • An 'Other Matter' paragraph was included in the Jobs for NSW Fund's 30 June 2021 financial report to reflect the non-compliance with the Jobs for NSW Act 2015 and Government Sector Finance Act 2018.
    The Act requires the board to consist of seven members that include the Secretary of the Treasury, the Secretary of the Department of Premier and Cabinet (or their nominees) and five ministerial appointments, one of whom is to be appointed as Chair of the board. The board has consisted of the two secretaries since 24 May 2019 when the independent members resigned. The remaining five members have not been appointed by the ministers as required by section 5(2) of the Act.
  • An 'Emphasis of Matter' paragraph was included in the Jobs for NSW Fund's 30 June 2021 financial report to draw attention to the financial report being prepared for the purpose of fulfilling the Jobs for NSW Fund's financial reporting responsibilities as requested by the Treasurer's delegate.

Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making.

This chapter outlines our observations and insights from our financial statement audits of agencies in the Enterprise, Investment and Trade cluster.

Section highlights

  • In 2021–22, there were 103 findings raised across the cluster, a decrease from 2020–21.
  • In total, six high-risk findings were identified during 2021–22. Two related to 2021–22 whilst four were related to the audit of Jobs for NSW Fund's 30 June 2021 financial report.
  • Thirty per cent of all findings during 2021–22 were repeat issues. The most common repeat issues related to information technology controls and accounting for property plant and equipment notably fair value assessment and valuation.

Appendix one – Misstatements in financial statements submitted for audit 

Appendix two – Early close procedures 

Appendix three – Timeliness of financial reporting 

Appendix four – Financial data 

Copyright notice

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

Published

Members' additional entitlements 2022

Premier and Cabinet
Compliance

What the report is about

The Auditor-General's review analyses claims made by members of the NSW Parliament during the 2021–22 financial year by testing a sample of transactions. Our sample consisted of 63 claims submitted by 59 of the 142 members.

What we found

While we did not identify any instances of material non-compliance with the Parliamentary Remuneration Tribunal's Determination, we did identify 38 departures from the determination, which were of an administrative nature.

What we recommended

The Department of Parliamentary Services (the department) should continue to work with the presiding officers, members, the clerk of the Parliaments and the clerk of the Legislative Assembly to enhance reporting of members' expenditure.

The Auditor-General has reviewed the compliance of the members of the NSW Parliament (members) with certain requirements outlined in the Parliamentary Remuneration Tribunal's Determination (the determination) for the year ended 30 June 2022.

The Auditor-General's review analyses claims made by members during the 2021–22 financial year. We use data analytics to select a sample of members' claims, and focus on claims that data analysis identifies as being at higher risk. We do not test every claim made by members. Our sample consisted of 63 claims submitted by 59 of the 142 members.

Results

Although our review did not identify any instances of material non-compliance with the determination for the year ended 30 June 2022, we did identify 38 departures from the determination, which were of administrative nature. Such departures may help identify areas in the current processes where greater clarity is needed or where training or education for members is warranted. These departures were as follows:

  • 12 claims were not submitted for payment within 60 days of receipt or occurrence of the expense
  • 16 annual loyalty scheme declarations were submitted by members after the due date specified in the guidelines
  • 6 reconciliations for the Sydney Allowance were submitted after the due date
  • 4 publications claimed under the Communications Allowance had not made the required authorisations and attributions on the publication.

Background

The Parliamentary Remuneration Tribunal (the tribunal) determines the salary and additional entitlements of the members, details of which are set out in the tribunal's annual determination. The NSW Parliament, through the Department of Parliamentary Services (the department), administers payments of additional entitlements to members. An overview is presented below:

Twelve claims were not submitted for payment within 60 days of receipt or occurrence of the expense

The determination requires members' expense claims to be submitted to the department within 60 days of when the expense is incurred or receipted. Our audit procedures identified 12 instances where members submitted their claims between 15 and 280 days late.

Sixteen annual loyalty/incentive scheme declarations were submitted by members after the due date specified in the guidelines

At the end of each financial year, members must declare they have not used loyalty/incentive scheme benefits accrued from their parliamentary duties for private purposes. The determination requires current members to complete the declarations at the end of each year (by 31 July 2022 per the department's administrative process). Former members must complete the declarations within 30 days of leaving Parliament.

We found 16 current members submitted their declarations between one and nine days late. The declaration is important as it affirms that loyalty benefits accrued using the members' parliamentary allowances and entitlements were not used for private purposes. Additionally, we found two members who did not submit their declaration form.

Six reconciliations for the Sydney Allowance reconciliations were submitted after the due date

Open prior period recommendations

Enhanced public reporting

In 2016, the Auditor-General's Report to Parliament recommended the tribunal consider requiring the department to regularly publish full details of members' expenditure claims on its website in an accessible and searchable format. The tribunal had developed a plan requiring greater public reporting of members' additional expenditure from 1 July 2019 but does not have the power to require the department to facilitate this. This matter has been raised every year since 2016 and it continues to remain an open recommendation in 2022.

The Annual Reports of the Legislative Assembly and the Legislative Council, published on the Parliament's website, currently list the total amount claimed during the year by each member for each allowance. However, transparency around members’ claims would be enhanced if information was more extensively and regularly published on the Parliament’s website. The department should continue to work with the presiding officers, members, the clerk of the Parliaments and the clerk of the Legislative Assembly to enhance reporting of members' expenditure.

Resolved prior period recommendations

Clarifying key parameters of the annual determination

In 2020, the Auditor-General's Report to Parliament recommended the department work with the tribunal to provide additional guidance to members to clarify the:

  • definition of 'parliamentary duties'
  • activities that meet the definition
  • requirements for retaining documents.

To address this recommendation, the department performed a review of the definitions and activities used by other jurisdictions in their administration of members' entitlements. The department has clarified these items as part of their submission with respect to the 2022 determination. The department will continue to monitor for changes in the administration of members' entitlements occurring at the federal level.

Appendix one – response from Department of Parliamentary Services

 

Copyright notice

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

Published

Planning and Environment 2022

Environment
Industry
Local Government
Planning
Asset valuation
Compliance
Financial reporting
Information technology
Infrastructure
Internal controls and governance
Management and administration
Risk

What the report is about

Result of the Planning and Environment cluster agencies' financial statements audits for the year ended 30 June 2022.

What we found

Unmodified audit opinions were issued for all completed 30 June 2022 financial statements audits of cluster agencies. Seven audits are ongoing.

Disclaimed audit opinions were issued for the 2010–11 to 2015–16 financial statements of the Water Administration Ministerial Corporation (WAMC), as management was unable to certify that the financial statements exhibit a true and fair view of WAMC's financial position and financial performance.

Qualified audit opinions were issued for WAMC's 2016–17 and 2017–18 financial statements due to insufficient evidence to support the completeness and valuation of water meters infrastructure assets, the impairment of water meters, and the completeness of buildings at Nimmie Caira.

Unqualified audit opinions were issued for WAMC's 2018–19 and 2019–20 financial statements.

The Department of Planning and Environment (the department) assessed 45 Category 2 Statutory Land Managers (SLM) did not meet the reporting exemption criteria and therefore were required to prepare 2021–22 financial statements. None of these 45 Category 2 SLMs prepared and submitted their 30 June 2022 financial statements by the statutory reporting deadline.

All 119 Commons Trusts have never submitted their financial statements for audit as required by the Government Sector Finance Act 2018 (GSF Act).

NSW Treasury has confirmed that the Catholic Metropolitan Cemeteries Trust (CMCT) is a controlled entity of the State. To date, CMCT has not met its obligations to prepare financial statements under the GSF Act and it has not submitted financial statements to the Auditor-General for audit.

What the key issues were

Since 2017, the Audit Office has recommended the department address the different practices across the local government sector in accounting for rural firefighting equipment. Despite repeated recommendations, the department did little to resolve this issue. At the time of writing, 32 of 118 completed council audits received qualified audit opinions on their 30 June 2022 financial statements.

There continues to be significant deficiencies in Crown land records. The department uses the Crown Land Information Database (CLID) to record key information relating to Crown land in New South Wales that is managed and controlled by the department and land managers. The CLID system was not designed to facilitate financial reporting, and the department is required to conduct extensive adjustments and reconciliations to produce accurate information for the financial statements.

The department implemented the CrownTracker system as a replacement for CLID. The project was finalised in June 2022, but it has not achieved the intended outcomes.

Nine high-risk issues were identified across the cluster related to the findings outlined above and weaknesses in IT general controls, financial reporting, governance processes and internal controls.

Recommendations were made to address these deficiencies.

This report provides Parliament and other users of the Planning and Environment cluster’s financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:

  • financial reporting
  • audit observations.

Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely.

This chapter outlines our audit observations related to the financial reporting of agencies in the Planning and Environment cluster (the cluster) for 2022.

Section highlights

  • Unqualified audit opinions were issued for all completed 30 June 2022 financial statements audits of cluster agencies. Seven audits are ongoing. The audit of the Catholic Metropolitan Cemeteries Trust(CMCT) has not been able to commence, despite repeated requests to do so.
     
  • The audits of the Water Administration Ministerial Corporation's (WAMC) financial statements for the years ended 30 June 2011 to 30 June 2020 were completed in November 2022. These audits had been long outstanding due to insufficient records and evidence to support the transactions and balances of WAMC, particularly for the earlier years. In recent years, management commenced actions to improve WAMC's governance and financial management, and finalise the outstanding audits.

    Disclaimed audit opinions were issued on the 2010–11 to 2015–16 financial statements as management was unable to certify that the financial statements exhibit a true and fair view of WAMC's financial position and financial performance.

    Qualified audit opinions were issued for the 2016–17 and 2017–18 financial statements due to insufficient evidence to support the completeness and valuation of water meters infrastructure assets, the impairment of water meters, and the completeness of buildings at Nimmie Caira.

    Unqualified audit opinions were issued for the 2018–19 and 2019–20 financial statements.

    The 2020–21 and 2021–22 WAMC audits are in progress.
     
  • The Department of Planning and Environment (the department) assessed 45 Category 2 Statutory Land Managers (SLM) did not meet the reporting exemption criteria and therefore were required to prepare 2021–22 financial statements. None of these 45 Category 2 SLMs prepared and submitted their 30 June 2022 financial statements by the statutory reporting deadline.

    All 119 Commons Trusts have never submitted their financial statements for audit as required by the Government Sector Finance Act 2018 (GSF Act).

    The department needs to do more to ensure Category 2 SLMs and Commons Trusts meet their statutory reporting obligations.

    The department and Category 2 SLMs should finalise their reporting exemption assessments earlier to allow sufficient time for the non-exempted SLMs to prepare and submit annual financial statements by the statutory reporting deadline.
     
  • NSW Treasury has met with the Catholic Metropolitan Cemeteries Trust (CMCT) to consider their perspective as part of confirming CMCT is a controlled entity of the State for the purposes of financial reporting. NSW Treasury has confirmed that the CMCT is a controlled entity of the State. This means that the CMCT is statutorily obliged under section 7.6 of the GSF Act to prepare financial statements in accordance with the GSF Act and Treasurer's Directions, and give them to the Auditor-General for audit pursuant to the Government Sector Audit Act 1983 (GSA Act). Section 34 of the GSA Act requires the Auditor-General to furnish an audit report on these financial statements.

    The department wrote to CMCT to request it work with, and offer full assistance to, the Auditor-General in the exercise of her duties. To date, the CMCT has not met its obligations to prepare financial statements under the GSF Act as it has not submitted its financial statements to the Auditor-General for audit despite repeated requests, and has not provided access to its books and records for the purposes of a financial audit. The CMCT contends that they are not a GSF agency as defined by the GSF Act and therefore not a controlled entity of the State.
     
  • Six agencies required to perform early close procedures did not complete a total of 11 mandatory procedures. Incomplete procedures included the delayed resolution of matters raised in prior years and two agencies did not record movements in the fair value of physical assets in the financial statements.

 

Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making.

This chapter outlines our observations and insights from our financial statement audits of agencies in the Planning and Environment cluster.

Section highlights

  • Since 2017, the Audit Office of New South Wales has recommended that the Department of Planning and Environment (the department) address the different practices across the local government sector in accounting for rural firefighting equipment. Despite repeated recommendations, the department did little to resolve this issue, and in 2022, 32 of 118 completed audits of councils received qualified audit opinions on their 2022 financial statements.
    Consistent with the department’s role to assess councils' compliance with legislative responsibilities, standards or guidelines, the department should intervene where councils do not recognise rural firefighting equipment.
  • There continues to be significant deficiencies in Crown land records. The department should implement an action plan to ensure the Crown land database is complete and accurate.
  • The number of findings reported to management decreased from 161 in 2020–21 to 132 in 2021–22. Eight high-risk findings were identified during 2021–22, of which six were repeat issues. One new high-risk finding related to deficiencies in governance processes and internal controls identified as a part of the Water Administration Ministerial Corporation's 2011–2020 financial statements audits.
  • The department and NSW Treasury did not comply with section 35 of the Energy and Utilities Administration Act 1987 (EUA Act). However, complying with the EUA Act could create non-compliance with other pieces of legislation. Amendments to the EUA Act have been made to resolve this inconsistency. The amendment took effect from April 1999.

 

Appendix one – Misstatements in financial statements submitted for audit

Appendix two – Early close procedures

Appendix three – Timeliness of financial reporting

Appendix four – Financial data

Appendix five – Councils received qualified audit opinions 

Copyright notice

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

Published

Stronger Communities 2022

Justice
Community Services
Asset valuation
Compliance
Cyber security
Financial reporting
Information technology
Internal controls and governance
Management and administration
Procurement
Project management
Risk

What the report is about

Results of the Stronger Communities cluster agencies' financial statement audits for the year ended 30 June 2022.

What we found

Unqualified audit opinions were issued on all completed 30 June 2022 financial statement audits. One audit is ongoing.

All 13 cluster agencies that have accommodation arrangements with Property NSW derecognised right-of-use assets and lease liabilities of $917 million and $1 billion respectively. The agencies also collectively recorded a gain on derecognition of $136 million.

The Department of Communities and Justice (the department) assumed the responsibility for delivery of the Process and Technology Harmonisation program from the Department of Customer Service. In 2021–22, the department incurred costs of $42.8 million in relation to the project, which remains ongoing.

The number of monetary misstatements identified during the audits decreased from 50 in 2020–21 to 48 in 2021–22.

What the key issues were

Six of the 15 cluster agencies required to submit 2021–22 mandatory early close procedures did not meet the statutory deadlines. One agency did not complete all mandatory procedures.

Five high-risk findings were identified in 2021–22. They related to deficiencies in:

  • user access administration at the department, NSW Rural Fire Service and New South Wales Aboriginal Land Council (NSWALC)
  • segregation of duties at the NSW Trustee and Guardian and NSWALC.

Recommendations were made to those agencies to address these control deficiencies.

This report provides Parliament and other users of the Stronger Communities cluster’s financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:

  • financial reporting
  • audit observations.

Financial reporting is an important element of good governance. Confidence and transparency in public sector decision making are enhanced when financial reporting is accurate and timely.

This chapter outlines our audit observations related to the financial reporting of agencies in the Stronger Communities cluster (the cluster) for 2022.

Section highlights

  • Unqualified audit opinions were issued on all completed 30 June 2022 financial statement audits of cluster agencies, including the acquittal and compliance audits for the Legal Aid Commission of New South Wales and Crown Solicitor's Office. One audit is ongoing.

  • Reported corrected misstatements decreased from 30 in 2020–21 to 23 with a gross value of $187 million in 2021–22 ($101 million in 2020–21). Reported uncorrected misstatements increased from 20 in 2020–21 to 25 with a gross value of $92.3 million in 2021–22 ($107 million in 2020–21).

  • Six of the 15 cluster agencies required to submit 2021–22 early close financial statements and all other mandatory procedures did not meet the statutory deadlines. One agency did not complete all mandatory procedures.

  • All 13 cluster agencies that have accommodation arrangements with Property NSW accepted the changes in the Client Acceptance Letters, resulting in the derecognition of right-of-use assets and lease liabilities of $917 million and $1 billion respectively. The agencies also collectively recorded a gain on derecognition of $136 million.

  • The Department of Communities and Justice (the department) assumed the responsibility to deliver the Process and Technology Harmonisation program from the Department of Customer Service. In 2021–22, the department incurred costs of $42.8 million in relation to the project.

  • In 2021–22, the department continued to implement the International Financial Reporting Standards Interpretations Committee's agenda decision on 'Configuration or customisation costs in a cloud computing arrangement'. The department's review of the remaining arrangements, with a net book value of $233 million at 30 June 2021, resulted in the recognition as an expense (through accumulated funds at 1 July 2020) of previously capitalised intangible assets totalling $106 million.

Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision making.

This chapter outlines our observations and insights from our financial statement audits of agencies in the Stronger Communities cluster.

Section highlights

  • The number of issues reported to management has decreased from 130 in 2020–21, to 110 in 2021–22, and 43% were repeat issues (51% in 2020–21). Many repeat issues related to information technology, governance and oversight controls, and non-compliance with key legislation and/or agency policies.

  • Five high-risk issues were identified in 2021–22, all of which are repeat issues and related to user access administration and segregation of duties.

  • Of the 24 newly identified moderate risk issues, 11 related to information technology. The rest related to governance and oversight controls and internal control deficiencies or improvements in payroll, asset management and other processes.

Appendix one – Misstatements in financial statements submitted for audit

Appendix two – Early close procedures

Appendix three – Timeliness of financial reporting

Appendix four – Financial data

 

Copyright notice

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

Published

Regional NSW 2022

Environment
Industry
Planning
Asset valuation
Compliance
Financial reporting
Fraud
Information technology
Infrastructure
Internal controls and governance
Management and administration
Regulation
Risk
Shared services and collaboration

What the report is about

Result of the Regional NSW cluster agencies' financial statement audits for the year ended 30 June 2022.

What we found

Unmodified audit opinions were issued for Regional NSW cluster agencies. Two audits are ongoing.

What the key issues were

The Department of Regional NSW (the department) and Local Land Services (LLS) accepted changes to their office leasing arrangements managed by Property NSW.

These changes resulted in the collective derecognition of $100.6 million of rights-of-use-assets and $110.4 million of lease liabilities.

In 2021–22, the cluster agencies continued to assist communities in their recovery from recent weather emergencies, including significant flooding in New South Wales.

The Northern Rivers Reconstruction Corporation was established in May 2022 to rebuild communities in the Lismore and Northern Rivers region impacted by floods.

The number of matters reported to management decreased from 36 in 2020–21 to 14 in 2021–22.

Five moderate risk issues were identified and 14% of reported issues were repeat issues.

One moderate risk issue was a repeat issue related to Local Land Services' annual fair value assessment of the asset improvements on land reserves used for moving stock.

This report provides Parliament and other users of the Regional NSW cluster financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:

  • financial reporting
  • audit observations.

Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely.

This chapter outlines our audit observations related to the financial reporting of agencies in the Regional NSW cluster (the cluster) for 2022.

Section highlights

  • Unqualified audit opinions were issued on the financial statements of cluster agencies. Two audits are ongoing.
  • Cluster agencies completed all required early close procedures.
  • Changes to accommodation arrangements managed by Property NSW on behalf of the department and cluster agencies resulted in the collective derecognition of approximately $100.6 million in right-of-use assets and corresponding lease liabilities totalling $110.4 million from the balance sheets of these agencies.
  • Cluster agencies continue to provide financial assistance to communities affected by natural disasters.

Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making.

This chapter outlines our observations and insights from our financial statement audits of agencies in the Regional NSW cluster.

Section highlights

  • The 2021–22 audits identified five moderate issues across the cluster. One moderate risk issue was a repeat issue related to Local Land Services' annual fair value assessment of the asset improvements on land reserves used for moving stock.
  • Of the four newly identified moderate rated issues, one related to internal control deficiencies and improvements and three related to financial reporting.
  • The number of findings reported to management has decreased from 36 in 2020–21 to 14 in 2021–22.

Appendix one – Misstatements in financial statements submitted for audit

Appendix two – Early close procedures

Appendix three – Timeliness of financial reporting

Appendix four – Financial data

Published

Health 2022

Health
Whole of Government
Asset valuation
Compliance
Cyber security
Financial reporting
Information technology
Infrastructure
Internal controls and governance
Management and administration
Procurement
Risk
Service delivery
Shared services and collaboration
Workforce and capability

What the report is about

Result of Health cluster (the cluster) agencies' financial statement audits for the year ended 30 June 2022.

What we found

Unmodified audit opinions were issued for the financial statements for all Health cluster agencies.

The COVID-19 pandemic continued to increase the complexity and number of accounting matters faced by the cluster. The total gross value of corrected misstatements in 2021–22 was $353.3 million, of which $186.7 million related to an increase in the impairment provision for Rapid Antigen Tests (RATs).

A qualified audit opinion was issued on the Annual Prudential Compliance Statement related to five residential aged care facilities. There were 20 instances (19 in 2020–21) of non-compliance with the prudential responsibilities within the Aged Care Act 1997.

What the key issues were

The total number of matters we reported to management across the cluster decreased from 116 in 2020–21 to 67 in 2021–22. Of the 67 issues raised, four were high risk (three in 2020-21) and 37 were moderate risk (57 in 2020–21). Nearly half of all control deficiencies reported in 2021–22 were repeat issues.

Three unresolved high-risk issues were:

  • COVID-19 inventories impairment – we continued to identify issues relating to management’s impairment model which relies on anticipated future consumption patterns. RATs had not been assessed for impairment.

  • Asset capitalisation threshold – management has not reviewed the appropriateness of the asset capitalisation threshold since 2006.

  • Forced-finalisation of HealthRoster time records – we continued to observe unapproved rosters being finalised by system administrators so payroll can be processed on time. 2.6 million time records were processed in this way in 2021–22.

What we recommended

  • COVID-19 inventories impairment – ensure consumption patterns are supported by relevant data and plans.

  • Assets capitalisation threshold – undertake further review of the appropriateness of applying a $10,000 threshold before capitalising expenditure on property, plant and equipment.

  • Forced-finalisation of HealthRoster time records – develop a methodology to quantify the potential monetary value of unapproved rosters being finalised.

This report provides Parliament and other users of Health cluster (the cluster) agencies' financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:

  • financial reporting

  • audit observations.

Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely.

This chapter outlines our audit observations related to the financial reporting of agencies in the Health cluster (the cluster) for 2022.

Section highlights

  • Unqualified audit opinions were issued for all cluster agencies required to prepare general purpose financial statements.

  • The total gross value of corrected monetary misstatements for 2021–22 was $353.3 million, of which, $186.7 million related to an increase in the impairment provision for Rapid Antigen Tests.

  • A qualified audit opinion was issued on the ministry's Annual Prudential Compliance Statements.

Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making.

This chapter outlines our observations and insights from our financial statement audits of agencies in the cluster.

Section highlights

  • The total number of internal control deficiencies has decreased from 116 in 2020–21 to 67 in 2021–22. Of the 67 issues raised in 2021–22, four were high (2020–21: 3) and 37 were moderate (2020–21: 57); with nearly half of all control deficiencies reported in 2021–22 being repeat issues.

  • The following four issues were reported in 2021–22 as high risk:

    • impairment of COVID-19 inventories

    • inadequate review over the appropriateness of asset capitalisation threshold

    • forced-finalisation of HealthRoster time records

    • COVID-19 vaccination inventories – data quality issue at 31 March 2022.

  • Management of excessive leave balances and poor quality or lack of documentation supporting key agreements continued to be the key repeat issues observed in the 2021–22 financial reporting period.

Appendix one – Misstatements in financial statements submitted for audit

Appendix two – Early close procedures

Appendix three – Timeliness of financial reporting

Appendix four – Financial data

 

Copyright notice

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

Published

Education 2022

Education
Asset valuation
Compliance
Cyber security
Financial reporting
Information technology
Internal controls and governance
Procurement
Risk

What the report is about

Result of the Education cluster financial statement audits for the year ended 30 June 2022.

What we found

Unmodified audit opinions were issued for Education cluster agencies.

An 'other matter' paragraph was included in the TAFE Commission's independent auditor's report as it did not have a delegation or sub-delegation from the Minister for Education and Early Learning to incur expenditure from cluster grants.

What the key issues were

Annual fair value assessments of land and buildings showed material differences in their carrying values. As a result, the Department of Education and the TAFE Commission completed desktop revaluations of land and buildings, collectively increasing the value of these assets by $1.2 billion and $4.7 billion respectively.

The Department of Education and the NSW Education Standards Authority accepted changes to their office leasing arrangements managed by Property NSW. These changes resulted in the collective derecognition of $270.6 million of right-of-use assets and $382.9 million in lease liabilities.

What we recommended

A high-risk matter was reported in the management letter for the TAFE Commission highlighting non-compliance with policies and procedures guiding appropriate use of purchasing cards.

We recommended cluster agencies prioritise and address internal control deficiencies.

This report provides Parliament and other users of the Education cluster’s financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:

  • financial reporting
  • audit observations.

Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely.

This chapter outlines our audit observations related to the financial reporting of agencies in the Education cluster (the cluster) for 2022.

Section highlights

  • Unqualified audit opinions were issued on the financial statements of cluster agencies.
  • An 'other matter' paragraph was included in the independent auditor's report for the Technical and Further Education Commission (TAFE Commission) as they did not have a delegation or sub-delegation from the Minister for Education and Early Learning to incur expenditure from cluster grants.
  • The Department of Education and the TAFE Commission's land and buildings were revalued upwards by a collective $5.9 billion. These uplifts were the result of managerial fair value assessments showing that the carrying values of land and buildings had materially departed from fair value.
  • Changes to accommodation arrangements managed by Property NSW on behalf of the department and the NSW Education Standards Authority resulted in the collective derecognition of approximately $270.6 million in right-of-use assets and corresponding lease liabilities totalling $382.9 million from the balance sheets of these agencies. 

Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making.

This chapter outlines our observations and insights from our financial statement audits of agencies in the Education cluster.

Section highlights

  • The 2021–22 audits identified 18 moderate issues across the cluster. Seven moderate risk issues were repeat issues related to general and application information technology controls and control deficiencies in key transactional systems used in preparing financial statements.
  • Of the 11 newly identified moderate risk issues, five related to information technology controls deficiencies; and five related to internal control deficiencies in key transactional systems used in preparing financial statements.
  • A high-risk matter was raised at the TAFE Commission relating to identified instances of non-compliance with policies and procedures guiding purchasing card use. 

The number of findings reported to management has increased, and 31% were repeat issues

Breakdowns and weaknesses in internal controls increase the risk of fraud and error. Deficiencies in internal controls, matters of governance interest and unresolved issues were reported to management and those charged with governance of agencies. The Audit Office does this through management letters, which include observations, related implications, recommendations and risk ratings.

In 2021–22, there were 29 findings raised across the cluster (28 in 2020–21). Thirty-one per cent of all issues were repeat issues (50% in 2020–21).

The most common new and repeat issues related to internal control deficiencies in agencies’ information technology general controls, application controls, and procurement and payroll practices.

A delay in implementing audit recommendations increases the risk of intentional and accidental errors in processing information, producing management reports and generating financial statements. This can impair decision-making, affect service delivery and expose agencies to fraud, financial loss and reputational damage. Poor controls may also mean agency staff are less likely to follow internal policies, inadvertently causing the agency not to comply with legislation, regulation and central agency policies. 

A high-risk matter was reported at the TAFE Commission highlighting instances of non-compliance with policies and procedures guiding appropriate purchasing card use

As part of our audit of the TAFE Commission, we integrated the use of data analytics into the audit approach. We performed data analytics over aspects of payroll, procurement and accounts payable activities. This helped us to highlight anomalies or risks in those data sets that are relevant to the audit of the TAFE Commission and plan testing procedures to address those risks. Data analytics also assisted us in providing an insight into the internal control environment of the TAFE Commission, highlighting areas where key controls are not in place or are not operating as management intended.

Our analysis over purchasing card data supplied by the TAFE Commission for the period July 2021 to March 2022 found deficiencies in the provisioning, use and cancellation of purchasing cards. This included identified instances of:

  • controls effectively bypassed when a purchasing card surrendered by a former employee had been used by another employee
  • split payments, circumventing delegation / cardholder limits
  • delays in the submission and approval of purchasing card transactions.

The table below describes the common issues identified across the cluster by category and risk rating:

Risk rating Issue
Information technology

High: 0 new, 0 repeat 1

Moderate: 5 new, 3 repeat 2

Low: 2 new, 1 repeat 3

The financial audits identified areas for agencies to improve information technology processes and controls that support the integrity of financial data used to prepare agencies' financial statements. Of note were deficiencies identified in:

  • agencies' user access administration and change management procedures, notably in the timing and frequency of managerial reviews over the granting and revocation of access to key systems relevant to financial reporting
  • the level of cyber security maturity
  • the monitoring of privileged user activities.
Internal control deficiencies or improvements

High: 1 new, 0 repeat 1

Moderate: 5 new, 3 repeat 2

Low: 4 new, 1 repeat 3

The financial audits identified internal control weaknesses across key business processes relevant to financial reporting. Of note were deficiencies identified in:

  • the adequacy of monitoring and oversight activities over the use of multiple financial delegation configurations in finance systems for specific users
  • the timely recording and approval of overtime claims and higher duties allowances
  • the timely finalisation of policies and procedures
  • the management of excessive annual leave balances
  • formalisation of service-provider arrangements between government agencies
  • non-compliance with policies and procedures to guide secondary employment and pecuniary interest declarations
  • non-compliance with policies and procedures to guide the appropriate use of purchasing cards.
Financial reporting

High: 0 new, 0 repeat 1

Moderate: 1 new, 1 repeat 2

Low: 2 new, 0 repeat 3

The financial audits identified:

  • opportunities for agencies to strengthen their financial preparation processes to facilitate a timelier and more efficient year-end audit
  • matters in respect of the timely capitalisation of work-in-progress
  • the need for agencies with non-financial assets subject to fair value to reconsider policy settings governing the frequency of revaluations
  • refinements in considering the outcomes of interim fair value assessments to ensure asset carrying values reflect fair value at each balance date.
1 High risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
2 Moderate risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
3 Low risk from the consequence and/or likelihood of an event that has had, or may have a negative impact on the entity.
Note: Management letter findings are based either on final management letters issued to agencies, or draft letters where findings have been agreed with management.

 

Recommendation

We recommend cluster agencies prioritise and action recommendations to address the internal control deficiencies outlined above. 

Appendix one – Early close procedures

Published

Customer Service 2022

Finance
Asset valuation
Compliance
Cyber security
Financial reporting
Information technology
Internal controls and governance
Management and administration
Procurement
Regulation
Risk
Service delivery
Shared services and collaboration

What the report is about

Result of the Customer Service cluster agencies' financial statement audits for the year ended 30 June 2022.

What we found

Unmodified audit opinions were issued for Customer Service cluster agencies.

What the key issues were

The number and size of Service NSW's administered grant programs have increased significantly in response to emergency events. Improvements are required to address gaps in Service NSW's policies, systems and processes in administering and financial reporting of grant programs.

The Department of Customer Service (the department) reported a retrospective correction of a prior period error of $33.3 million understatement of the land titling database, which is a service concession asset managed by a private operator.

The 2021–22 audits identified five high-risk issues across the cluster:

  • the department:
    • control weaknesses in user access to GovConnect systems
    • significant control deficiencies in information technology change management controls
  • Rental Bond Board:
    • legislation amendment required to better support the accounting treatment of rental bonds
    • no delegation instrument to government officers authorising them to approve expenditures
  • Service NSW:
    • improvements required in the timeliness and quality of grant administration revenue assessment and controls over the recovery of grant administration costs.

Recommendations were made to address these deficiencies.

This report provides Parliament and other users of the Customer Service cluster's financial statements with the results of our audits, analysis, conclusions and recommendations in the following areas:

  • financial reporting
  • audit observations.

Financial reporting is an important element of good governance. Confidence and transparency in public sector decision-making are enhanced when financial reporting is accurate and timely.

This chapter outlines our audit observations related to the financial reporting of agencies in the Customer Service cluster (the cluster) for 2022.

Section highlights

  • Unqualified audit opinions were issued on the financial statements of cluster agencies.
  • Reported corrected misstatements decreased from 33 in 2020–21 to 30 with a gross value of $406 million in 2021–22 ($418.9 million in 2020–21). Reported uncorrected misstatements decreased from 13 in 2020–21 to nine with a gross value of $31.8 million in 2021–22 ($78 million).
  • Seven of nine cluster agencies did not submit or complete certain mandatory early close procedures on time.
  • Service NSW's late resolution of the accounting of $256 million revenue from administering COVID-19 and flood grant programs resulted in misstatements and delays in financial reporting and audit.
  • The Department of Customer Service corrected prior period errors retrospectively related to the valuation of a service concession asset (land titling database) which reduced the prior year comparative for service concession asset by $33.3 million in the financial statements.

Appropriate financial controls help ensure the efficient and effective use of resources and administration of agency policies. They are essential for quality and timely decision-making.

This chapter outlines our observations and insights from our financial statement audits of agencies in the Customer Service cluster.

Section highlights

  • The 2021–22 audits identified five high risks (three in 2020–21) and 36 moderate risk issues (59 in 2020–21) across the cluster. Fifty-three per cent of the issues (42% in 2020–21) were repeat issues. Many repeat issues related to information technology controls around user access management.
  • While improvement was noted in the number of control deficiencies in GovConnect ASAE 3402 controls assurance reports, internal control qualification and control deviation issues continued to occur in 2021–22. Ineffective controls at service providers increase the risk of fraud, error and security to data.
  • Cyber security governance and management requires improvement. The department is yet to fully implement Essential 8 Mitigation Strategies and the maturity level for several Essential 8 strategies is at Level Zero in the current maturity model. The department is in the process of completing the roll out of some long outstanding system patches.
  • Significant gaps were identified in Service NSW's policies, systems and processes in administering and financial reporting of grant programs.

Appendix one – Misstatements in financial statements submitted for audit 

Appendix two – Early close procedures 

Appendix three – Timeliness of financial reporting 

Appendix four – Financial data

 

Copyright notice

© Copyright reserved by the Audit Office of New South Wales. All rights reserved. No part of this publication may be reproduced without prior consent of the Audit Office of New South Wales. The Audit Office does not accept responsibility for loss or damage suffered by any person acting on or refraining from action as a result of any of this material.

View our audit program
View audit program
EXPLORE
upcoming audits
Have your say
CONTRIBUTE