Our staff add value to public sector effectiveness and the independent assurance of public sector administration and accountability, applying our professional and technical leadership to have a real impact on real issues.
The objective of this audit was to assess the effectiveness of personnel security arrangements at selected Australian Government organisations, including whether they satisfied the requirements of the PSM. To address this objective, the audit examined the extent to which the selected organisations implemented the 14 recommendations from the three previous reports.
The objective of this audit is to examine DIAC's implementation of the nine recommendations made in the earlier audit. The audit has also taken into account changed circumstances since the original audit. These include a heightened security environment after 11 September 2001 and the results of other relevant ANAO performance audit and financial statement work. The audit also examined ETA decision-making processes to gain assurance about its robustness in a changing risk environment. This issue came to attention in recent audits of visa management processes.
The audit objective was to form an opinion on the adequacy of a select group of Australian Government agencies' management of Internet security, including following-up on agencies' implementation of recommendations from the ANAO's 2001 audit. The agencies audited were Australian Customs Service (ACS), Australian Federal Police (AFP), Australian Radiation Protection and Nuclear Safety Agency (ARPANSA), Department of Employment and Workplace Relations (DEWR), Department of Industry, Tourism and Resources (DITR) and Medicare Australia. Factors considered in selecting agencies were agency size based on funding levels, whether the agency was included in ANAO's 2001 audit (ACS, ARPANSA, and DEWR), whether the agency's ICT was managed in-house or outsourced, and the nature of the agency's website (that is, general or restricted access).
The objective of the audit was to assess whether selected Australian Government entities were effectively supporting their business requirements through planning for, and management of, the acquisition, disposal and use of their IPE assets. The audit reviewed each entity's policies and practices against a series of audit criteria across the following components of asset management: control environment; planning; acquisitions; operations; and disposals.
The objective of this performance audit was to assess whether DIMIA's information systems and business processes are effective in supporting APP to meet its border security and streamlined clearance objectives. In particular, the audit focused on the following: Mandatory APP - Stage 1 (MAPP1) project management; MAPP1 IT development and system performance; APP performance reporting; contract management; and financial management.
The objective of this audit was to assess DIMIA's management of the tender, evaluation and contract negotiation processes for the Detention Services Contract. Specifically, the audit considered DIMIA's processes for determining value for money based on the department's: evaluation of the request for tender, including the announcement of the preferred tenderer; negotiations with the successful and unsuccessful tenderers; and management of liability, indemnity and insurance.
Parliamentary Committees, particularly Senate Estimates Committees, have for many years taken an interest in the use of consultants by Australian government agencies. In this context, and having regard to the extent of expenditure by FMA Act agencies on consultants, the objective of this audit was to assess the accuracy and completeness of Australian government agencies' reporting of expenditure on consultants.
This audit is a part of the ANAO's protective security audit coverage. The objective of this audit was to determine whether agencies audited had developed and implemented sound IT security management principles and practices supported by an IT security control framework, in accordance with Australian Government policies and guidelines. The audit at each agency examined the framework for the effective management and control of IT security, including the management of IT operational security controls and, where applicable, was based on the Australian Government protective security and information and communications technology (ICT) security guidelines that were current at that time.