Refine search Expand filter

Reports

Published

Actions for Management of the Critical Communications Enhancement Program

Management of the Critical Communications Enhancement Program

Finance
Health
Justice
Whole of Government
Cyber security
Information technology
Infrastructure
Internal controls and governance
Project management
Risk
Service delivery
Shared services and collaboration

Effective radio communications are crucial to NSW's emergency services organisations. The Critical Communications Enhancement Program (CCEP) aims to deliver an enhanced public safety radio network to serve the five emergency services organisations (ESOs), as well as a range of other users. This report assesses whether the NSW Telco Authority is effectively managing the CCEP. What we found Where it has already been delivered

Published

Actions for Cyber Security NSW: governance, roles, and responsibilities

Cyber Security NSW: governance, roles, and responsibilities

Local Government
Whole of Government
Finance
Cyber security
Information technology
Internal controls and governance
Management and administration

Cyber Security NSW is part of the Department of Customer Service, and aims to provide the NSW Government with an integrated approach to preventing and responding to cyber security threats. This audit assessed the effectiveness of Cyber Security NSW's arrangements in contributing to the NSW Government's commitments under the NSW Cyber Security Strategy, in particular, increasing the NSW Government's cyber resiliency. The audit a

Published

Actions for Compliance with the NSW Cyber Security Policy

Compliance with the NSW Cyber Security Policy

Whole of Government
Compliance
Cyber security
Information technology

This audit assessed nine agencies’ compliance with the NSW Cyber Security Policy (CSP) including whether, during the year to 30 June 2020, the participating agencies: met their reporting obligations under the CSP reported accurate self-assessments of their level of maturity implementing the CSP’s requirements including the Australian Cyber Security Centre’s (ACSC) Essential 8. What we found Key elements to strengthen cybe

Published

Actions for Managing cyber risks

Managing cyber risks

Whole of Government
Transport
Cyber security
Information technology
Internal controls and governance
Procurement
Risk

This audit assessed how effectively Transport for NSW (TfNSW) and Sydney Trains identify and manage their cyber security risks. The NSW Cyber Security Policy (CSP) sets out 25 mandatory requirements for agencies, including implementing the Australian Cyber Security Centre’s Essential 8 strategies to mitigate cyber security incidents, and identifying the agency’s most vital systems, their ‘crown jewels’.  The audited agenc

Published

Actions for Integrity of data in the Births, Deaths and Marriages Register

Integrity of data in the Births, Deaths and Marriages Register

Justice
Premier and Cabinet
Whole of Government
Cyber security
Fraud
Information technology
Internal controls and governance
Management and administration

This report outlines whether the Department of Customer Service (the department) has effective controls in place to ensure the integrity of data in the Births, Deaths and Marriages Register (the register), and to prevent unauthorised access and misuse. The audit found that the department has processes in place to ensure that the information entered in the register is accurate and that any changes to it are validated. Although there are controls in place

Published

Actions for Electronic Information Security

Electronic Information Security

Whole of Government
Cyber security
Internal controls and governance
Risk

The Government is not able to provide assurance that it is safeguarding its holdings of sensitive personal information because its policy has not been properly implemented. This is likely to remain the case until there are clear, mandatory, minimum standards that agencies sign up to, and scrutiny of performance against these standards is strengthened.   Parliamentary reference - Report number #207 - released 20 October 2010

Published

Actions for Use of the internet and related technologies to improve public sector performance

Use of the internet and related technologies to improve public sector performance

Whole of Government
Cyber security
Information technology
Procurement
Service delivery
Shared services and collaboration
Workforce and capability

Notwithstanding the considerable effort, it is not apparent that the Government's vision can be fully achieved without increased efforts. Based on the current position, to ensure that the Government's vision can be achieved the Audit Office is of the view that the following key issues need to be urgently addressed:  more robust mechanisms are needed to monitor, review and report publicly on progress and benefits a greater emphasis sho