Report snapshot

Objective

This audit examined whether Corrective Services NSW and Youth Justice NSW (the agencies) provide effective and efficient support and programs for First Nations peoples in custody and after release to reduce reoffending.

Key findings

The agencies have invested in support for First Nations peoples

The agencies have developed strategies aimed at reducing over-representation of First Nations peoples in custody, aligned with the National Agreement on Closing the Gap 2020 (Closing the Gap), and have invested in programs and initiatives to support First Nations peoples.

The agencies have not operationalised systemic and structural transformation

The agencies have not embedded formal partnerships and shared decision-making, or established a healing framework and therapeutic model of care for First Nations peoples, as required by Closing the Gap and the NSW Government’s Aboriginal Affairs Plan, OCHRE.

The agencies do not monitor, evaluate or report on expenditure and outcomes for First Nations peoples

Since 2019, the agencies have had 5 strategies in place at different times to reduce First Nations over-representation in custody. However, they did not track spending or outcomes, and public data shows they failed to meet their targets.

The agencies have not established governance and accountability arrangements to support their targets

Both agencies identify failure to reduce over-representation of First Nations peoples in custody as a strategic risk, but effective governance and accountability mechanisms have not been established to mitigate this risk.

The agencies’ assessment tools disproportionately impact First Nations peoples

First Nations peoples are disproportionately classified as high-risk in NSW custodial settings, reducing their access to reintegration programs and increasing the risk of institutional barriers that contribute to reoffending.

The agencies have not identified culturally appropriate post-release services

The agencies do not have a referral framework to systematically support First Nations peoples exiting custody, including an endorsed list of culturally appropriate services in community.

The agencies have not taken sufficient steps to adapt their systems to growth in remand 

The agencies have not sufficiently addressed the needs of First Nations peoples on remand, or highlighted the practices contributing to significant growth in remand population.

Recommendations

That the agencies establish governance and accountability in line with Closing the Gap and OCHRE; co-design a First Nations Healing Framework; establish formal partnerships; and review their assessment tools.

Further information

Please contact Renee O'Kane, Chief of Staff, on 9275 7347 or by email.

This report presents key findings and recommendations from financial audits of local councils, joint organisations and county councils for the year ended 30 June 2025.

It also comments on the sector’s financial sustainability, internal controls and governance, major capital projects, artificial intelligence (AI) and cyber security.

Key findings

Unmodified audit opinions were issued for the financial statements of 125 councils, 8 county councils and 11 joint organisations. Three council audits were in progress at the time of this report.

Financial reporting quality has improved

The number and value of errors in the financial statements declined from the previous year, and fewer versions of financial statements were submitted for audit, indicating improving financial reporting processes.

Financial sustainability continues to be a concern for some councils

Seventeen councils reported operating losses this year and 19 had insufficient cash (not subject to external restrictions) to cover 3 months of general expenses. Six of the 19 councils identified as being the least liquid also incurred operating losses.

Appendix 2 lists 11 councils with heightened financial sustainability risk due to various combinations of operating losses, insufficient cash, declining populations and low capacity to generate own source revenue.

Water supply infrastructure needs $1 billion to ensure access to safe and secure water

Two regional and 13 rural councils that supply water made operating losses. Even when operating costs can be covered, it is unlikely they will recover enough, based on council estimates, to enable infrastructure upgrades to agreed service levels.

Councils held $5.4 billion in local infrastructure contributions (LIC), but spending was low for some

There were 14 councils that held more than half of LIC funds. Of these, 10 spent less than 20% of their balance in the 2024–25 financial year. Delays between collecting and spending LIC funds may indicate that infrastructure planning and delivery processes are not operating effectively. The current LIC system is particularly complex for councils experiencing significant population growth.

Capital project guidance is outdated and inadequate

Of the 29 major capital projects reviewed, 14 were delayed by more than 6 months, and 6 were more than 10% over budget. Current guidelines are more than 15 years old and do not reflect the complexity and risks of modern infrastructure delivery.

Internal controls and governance processes had deficiencies

Deficiencies in internal controls and governance were identified at most councils, mainly associated with asset management, information technology (IT) and fraud control.

Most councils lack AI strategy and governance

Councils are in the early stages of adopting AI. Fewer than half have a strategy or governance framework, limiting oversight and opportunities to leverage benefits and mitigate AI risks.

Significant cyber security control deficiencies exist

Councils have critical weaknesses in managing supply chain risks. Policies and processes for assessing the cyber security exposure of technology assets are inadequate, and monitoring of cyber security investments and their associated benefits is limited.

Recommendations

The report makes 5 recommendations (see Executive summary for full details).

Further information

Please contact Renee O'Kane, Chief of Staff, on 9275 7347 or by email.

This audit assessed whether NSW Health is effectively safeguarding clinical systems, required to support healthcare delivery in Local Health Districts, from cyber threats.

Conclusion 

NSW Health is not effectively managing cyber security risks to clinical systems that support healthcare delivery in Local Health Districts. In addition, Local Health Districts have not met the minimum NSW Government cyber security requirements that have been outlined in NSW Cyber Security Policy since 2019. 

Local Health Districts are not adequately prepared to respond effectively to cyber security incidents. Systemic non-compliance with NSW Government cyber security requirements, including maintaining adequate cyber security response plans, business continuity planning and disaster recovery for cyber security incidents, means that Local Health Districts could not demonstrate that they are prepared for, or resilient to, cyber threats. This exposes the risk that a preventable cyber security incident could disrupt access to healthcare services and compromise the security of sensitive patient information.

eHealth NSW has not clearly defined or communicated its roles and the expected roles of Local Health Districts regarding cyber security. This has led to confusion amongst Local Health Districts on the cyber security risks they manage, including for crown jewel assets (the ICT assets regarded as valuable or operationally vital for service delivery), and identifying and mitigating critical vulnerabilities, threats and risks. Local Health District management of cyber security is hampered by a lack of support, coordination and oversight from eHealth NSW in cyber security matters. 

Recommendations 

The audit recommended that: 

• The Ministry of Health collate and validate information on compliance with the NSW Cyber Security Policy
• The Ministry of Health finalise and communicate cyber security roles and responsibilities within the NSW Health system
• eHealth NSW develops clear guidance to Local Health Districts on balancing need to deliver clinical services while meeting cyber security requirements and supports Local Health Districts to improve cyber security capability
• Local Health Districts design and implement a fit for purpose cyber security risk management framework.

Further information

Please contact Renee O'Kane, Chief of Staff, on 9275 7347 or by email.

This report summarises the 2024–25 consolidated financial statements of the New South Wales General Government Sector (GGS) and Total State Sector (TSS). Together these comprise the Total State Sector Accounts (TSSA).

The report comments on key findings from the TSSA audit and highlights significant factors that have contributed to the State’s financial outcomes for the year ended 30 June 2025. The report also identifies areas of focus for future audits.

Key findings

The audit opinion on the TSSA was unqualified.

The GGS deficit was $1.4 billion higher than originally budgeted

The GGS reported a deficit of $5.1 billion for the 2024–25 financial year. This was higher than the original budgeted deficit of $3.6 billion, and $86 million higher than the revised budget deficit of $5 billion estimated during the 2024–25 half yearly review.

Since 2022–23, the GGS’s revenue growth has exceeded expense growth

This reversed a trend from previous years when expenses rose faster than revenue due to the Government’s response to COVID–19 and natural disasters.

The GGS’s interest expense increased by $3.1 million per day

In 2024–25, the GGS’s interest expense increased by $1.1 billion to $7.1 billion, mainly due to a $11.7 billion increase in the GGS’s borrowings. Interest is costing the GGS $19.6 million per day ($16.5 million last year).

The GGS reported borrowings of $165.2 billion at 30 June 2025.

The State maintained its credit ratings, however, S&P Global has indicated a risk of downgrade still exists

Both Moody’s and Fitch maintained the State’s credit rating at triple-A with a stable outlook in September 2025.

In November 2025, S&P Global reaffirmed its AA+ rating and maintained its negative long-term outlook. The negative outlook signifies a risk that the State's financial management or budgetary performance could weaken over the next two years.

Recommendations

All recommendations from our State finances 2024 report were addressed by NSW Treasury in 2024–25. No additional recommendations are made for 2024–25, apart from those made to agencies in the State agencies 2025 report.

Further information

Please contact Renee O'Kane, Chief of Staff, on 9275 7347 or by email.

This report provides an overview of the key findings and recommendations from our audits of the 40 largest NSW state sector agencies for the financial year ended 30 June 2025. It also focuses on the government’s management of contingent workers, software assets, and climate reporting as these areas are critical for government efficiency, accountability, and transparency.

Key findings

Unqualified audit opinions were issued for all 30 June 2025 general purpose financial statement audits – with one exception.

A qualified audit opinion was again issued on the Wentworth Park Sporting Complex Land Manager’s financial statements because of insufficient evidence to support the recognition of a $6.5 million non-interest bearing loan.

There were 57 uncorrected misstatements totalling $397 million this year, compared with 88 uncorrected misstatements totalling $232 million in 2023–24.

Deficiencies were found in the completeness and accuracy of asset data

Asset registers were not consistently reconciled with asset management systems, leading to unexplained differences in source data records and unexplained reconciling items.

There are continuing deficiencies in the completeness and accuracy of Crown Land asset records.

Weaknesses in payroll controls led to staff overpayments

One agency continued paying 481 terminated employees, despite some terminations dating back to 2018. In one case, an employee was overpaid more than $295,000, over three years, after resigning in 2021. The agency is taking reasonable steps to recover these overpayments.

Ineffective oversight in the acquittal of grant programs

One agency had deficiencies in the financial acquittal of a grant program, increasing the risk of mismanagement as funds were allocated to third parties without effective oversight.

Contingent workers are being engaged for extended periods of time

Of the 15 agencies assessed, 227 contingent workers have held roles for more than five years, with one contract lasting over a decade.

There were 17 contingent workers paid more than $550,000 each, placing them in a salary range equivalent to, or above, Band 4 senior executive level. While justification for these salaries may be reasonable due to specialist skills, detailed assessment and market evaluation should be performed.

The Single Digital Patient Record (SDPR) project business case was inaccurate

The initial business case did not include all relevant project costs, and estimated operational costs lacked sufficient or reliable evidence.

The State has implemented first-year climate-related financial disclosure reporting

In 2024–25, 27 state agencies prepared climate-related financial disclosures. Unmodified assurance reports were issued for the three engagements completed as part of the climate disclosure assurance pilot.

Recommendations

Six recommendations were made to state agencies and NSW Treasury to implement (see page 7 of the report for full details).

Further information

Please contact Renee O'Kane, Chief of Staff, on 9275 7347 or by email.

Members’ entitlements refer to the payments that Members of Parliament (members) are eligible to claim under the Parliamentary Remuneration Tribunal’s Annual Determination (the Determination) and the administrative guidelines of the Department of Parliamentary Services (the guidelines). These entitlements are designed to support members in performing their parliamentary duties and can include travel, communication and skills development.

This report reviews compliance in the 2024–25 financial year.

Key findings

There were 35,151 payments made to members for entitlements – totalling $26.4 million.

Of these, 33,450 claims for payment – totalling $13.8 million – were in the scope of this compliance review. The remaining payments of $12.6 million (annual basic salaries, and electoral and committee allowances) were not within scope of this review.

From a sample of 59 claims for the 2024–25 period, there were 29 departures from the requirements of the Determination and the administrative guidelines.

Loyalty and incentive scheme declarations (such as frequent flyer points) must be submitted at the end of financial year (ie 30 June) or within 30 days of ceasing to be a member. This review looked at 141 loyalty and incentive scheme declarations and found that 3 were submitted late.

Recommendations

The Department of Parliamentary Services should:

• evaluate the effectiveness of its training for members and consider other measures to improve the timelines of claim submissions
• consider conducting its annual internal audit process earlier in the year to identify audit findings sooner to better support members in meeting the requirements of the Determination and the guidelines.

Further information

Please contact Renee O'Kane, Chief of Staff, on 9275 7347 or by email.

Internal controls and governance help agencies achieve their outcomes by supporting effective operations, reliable financial reporting, and legal compliance. This report provides Parliament with insights from financial audits of 26 major NSW public sector agencies, focusing on the effectiveness of their internal controls and governance. It presents observations across key elements of these frameworks.

Key findings

Internal control findings have decreased

Audit findings on internal controls and governance were reported across all 26 agencies. While the total number of findings decreased in 2024–25 compared to the 2023–24 interim audits, repeat findings rose and now account for 33% of all reported issues.

IT controls need to improve

Five high-risk findings were reported, all related to ineffective IT controls, including those designed to prevent cyber security incidents. Approximately half of all findings involved IT controls over key financial systems.

Deficiencies in procurement practices

Agency procurement practices show deficiencies in policy alignment, capability, and oversight. Many do not fully incorporate mandatory requirements of the NSW Procurement Policy Framework, and procurement training is either lacking or not mandatory. Around half lack formal policies for best and final offer processes, and supplier relationship management is inconsistently applied, limiting value-for-money assurance.

While all agencies have conflict of interest policies, some are outdated and lack mechanisms for managing complaints, with over half failing to review centralised registers before awarding contracts.

Agencies can better integrate AI into their existing governance and strategy arrangements

Agencies are beginning to adopt AI but have yet to fully integrate it into governance and strategic planning. Fewer than half have formal AI policies or have embedded AI into existing frameworks to guide responsible use. Only a quarter have developed strategies to maximise AI’s benefits, and AI is not yet widely used as a strategic or operational tool across the sector.

Cyber security control deficiencies expose supply chains to vulnerabilities and undermine investment effectiveness

Control deficiencies make agencies vulnerable to supply chain cyber security threats and reduce investment effectiveness.

Three agencies lack formal policies addressing supply chain cyber risks, and eight do not have strategies to maintain complete IT asset registers, limiting visibility of systems. Weak third-party oversight was observed, including unclear contractual roles and limited post-termination planning. Additionally, not all agencies conduct cost–benefit analyses or align cyber security spending with threat landscapes, and only seven actively manage underutilised or outdated cyber security tools.

Recommendations

The report recommends that agencies strengthen controls and processes across three key areas: procurement frameworks, adoption of artificial intelligence, and cyber security controls.

Chapter 3 provides key areas of improvement and practical lessons for NSW government agencies in considering the effectiveness of their internal controls and governance.

Further information

Please contact Renee O'Kane, Chief of Staff, on 9275 7347 or by email.

About this report

This audit assessed how effectively Transport for NSW (TfNSW) procured the New Intercity Fleet (NIF) and the Regional Rail Fleet (RRF).

The combined estimated capital cost to completion of these procurements is currently $6.8 billion.

Findings

TfNSW did not effectively procure the New Intercity Fleet or the Regional Rail Fleet.

TfNSW did follow the processes required by the NSW Government and its own procurement policies, and managed probity and conflict of interest issues in alignment with those policies.

TfNSW did not effectively scope or estimate the full costs of the NIF or the RRF to inform assurance activities or investment decisions, and significantly underestimated the costs of enabling works for both projects.

TfNSW did not properly account for the number of NIF trains needed to avoid overcrowding, despite being aware overcrowding was likely on some peak services. This led to additional works and costs, including purchasing additional trains at higher prices.

TfNSW did not engage effectively with drivers and guards in planning and procurement. This limited its ability to manage the risks of industrial action, specifically those related to the decision for the NIF to be driver-only operated.

Documented ‘lessons learnt’ warned of the risks of using a Public Private Partnership (PPP) for the procurement of rolling stock, including the risks of variations. However, TfNSW did not effectively manage these elevated risks for the RRF, which were exacerbated by the decision to not include operation of the fleet in the PPP.

Recommendations

The audit makes six recommendations to TfNSW which relate to:

• improving its use of demand forecasting to inform investment decisions and rail rolling stock procurement activities
• introducing mandatory requirements for stakeholder consultation to inform rail rolling stock procurement projects
• developing effective assurance processes at all project stages
• improving public transparency by reporting clearly, consistently and comprehensively on the scope, timeline and costs of projects
• ensuring written advice to ministers and Cabinet is comprehensive, evidence-based and objective
• maintaining and properly classifying records, including advice to ministers and government, at all project stages.

Further information

Please contact Renee O'Kane, Chief of Staff, on 9275 7347 or by email.

About this report 

Revenue NSW is a division within the Department of Customer Service responsible for collecting fines and taxes, administering grants and recovering debt on behalf of state government agencies. As part of its role, Revenue NSW has a responsibility to ensure fines and debt processes do not have a disproportionate impact on vulnerable people.

Revenue NSW has a Hardship Policy to assist people experiencing hardship in accordance with its Customer Commitments which include acting with empathy, ease of access, situation resolution and clear explanations.

There are a range of payment options to provide hardship assistance under the policy including fine write-offs, payment plans and Work and Development Orders. Most decisions on hardship assistance are made by Revenue NSW. An individual can appeal a decision to the Hardship Review Board.

This audit assessed the effectiveness of Revenue NSW in delivering hardship assistance in compliance with relevant legislation, policies and guidelines.

Findings

Revenue NSW delivers assistance to people experiencing hardship using the range of payment options available under its Hardship Policy. It has established a governance framework to support effective implementation, including processes, procedures and delegations for assessing hardship applications.

Revenue NSW is not effectively monitoring, evaluating and reporting on the outcomes of the hardship assistance it provides under the Hardship Policy.

Revenue NSW can improve some of its processes that support it to make fair, consistent and transparent decisions on hardship assistance. It can also improve how it communicates decisions to people applying for hardship assistance.

Recommendations

The report makes five recommendations to:

• evaluate and publicly report on the implementation of the Hardship Policy
• improve quality assurance across fines and debt operations
• improve correspondence to people seeking hardship assistance
• improve the documentation of governance, risk management and ethics in artificial intelligence and automation used in fines and debt operations
• communicate more clearly the role of the Hardship Review Board.

Further information

Please contact Renee O'Kane, Chief of Staff, on 9275 7347 or by email.

About this report 

This audit assessed the performance of the NSW Education Standards Authority (NESA) and the NSW Department of Education in regulating home schooling and in providing alternative school settings, specifically:

• distance education schools
• hospital schools
• intensive learning support schools
• youth justice centre schools.

NESA regulated home schooling until 5 May 2025, when the function moved to the Department.

Findings

The Department and NESA have not effectively supported eligible students to receive a quality education in alternative school settings and home schooling. They have not:

• defined the learning and wellbeing outcomes for students in these particular settings, or evaluated whether these settings are effective in achieving those outcomes
• monitored or responded to demand for these settings, to make sure they are available and accessible in a timely way
• supported student transitions into and out of these settings, so that continuity of education is maintained
• proactively sought feedback from students and families to understand whether their needs are being met.

Recommendations

The audit makes three recommendations to the Department of Education, now responsible for regulating home schooling as well as for providing alternative school settings:

1. Develop and implement a strategy for alternative school settings that recognises their specialised nature and:

• addresses demand
• enables timely access
• enhances departmental support for student transitions
• establishes data and accountability mechanisms.

2. Work with the home schooling community on reforms to regulation, including consideration of:

• expedited registration processing
• support for students’ transitioning into and out of home schooling
• quality assurance mechanisms that recognise the unique features of home schooling.

3. Identify the child safety monitoring risks in the alternative school settings and in home schooling regulation, and ensure fit-for-purpose mechanisms are in place to address these.

Further information

Please contact Renee O'Kane, Chief of Staff, on 9275 7347 or by email.