This audit is a part of the ANAO's protective security audit coverage. The objective of this audit was to determine whether agencies audited had developed and implemented sound IT security management principles and practices supported by an IT security control framework, in accordance with Australian Government policies and guidelines. The audit at each agency examined the framework for the effective management and control of IT security, including the management of IT operational security controls and, where applicable, was based on the Australian Government protective security and information and communications technology (ICT) security guidelines that were current at that time.

The audit focussed on the systems and processes OGTR has established for both receiving and assessing applications under the Act, and also for ensuring compliance with the statutory requirements through monitoring and inspection. The audit objective was to form an opinion on the discharge by OGTR of selected functions entrusted to it under the Act. The audit assessed the practices of OGTR against the following principal criteria: Assessment of applications under the Act: Whether OGTR has established systems and procedures for the management and assessment of applications under the Act. Ensuring compliance—monitoring, inspection and enforcement activities: Whether OGTR has established systems and procedures for ensuring compliance with the requirements of the Act. Performance management: Whether OGTR manages selected aspects of its work efficiently and effectively. The audit did not seek to form an opinion on the appropriateness of the chosen structure of the regime for regulating gene technology or the merit of the scientific judgments involved. The audit methodology included discussions with representatives from agencies that co-ordinate aspects of the co-operative regulatory regime for gene technology across Australian jurisdictions, with various other stakeholders and users of the regime, as well as with officers of OGTR, along with examination of OGTR documents and files.

The audit examined agency approaches to the management of intellectual property under its control, and identified themes common to the management of all types of intellectual property. The audit objective was to:

(i) form an opinion on whether Commonwealth agencies have systems in place to efficiently, effectively and ethically manage their intellectual property assets; and

(ii) identify areas for better practice in intellectual property management by those agencies.

The objective of the audit was to assess the application of the outcomes and outputs framework in Australian Government agencies. The audit included a review of:

• the outcomes and outputs of agencies and the integration of the outcomes and outputs framework into agencies' operations;
• the extent to which agencies' performance indicators incorporated better practice characteristics to enable agencies to meet their performance reporting obligations;
• agencies' processes for capturing, monitoring and reporting financial and performance information and the extent to which outcomes and outputs information was used in agency decision-making; and
• the extent that agencies met their external reporting and accountability obligations.

The audit consisted of a survey of 44 agencies subject to the Financial Management and Accountability Act 1997 (FMA Act) undertaken in October 2005 and detailed audit testing in three of those agencies. The purpose of the survey was to provide cross-agency data in relation to agencies' implementation of the framework during the period 2002–03 to 2005–06. The ANAO received responses from all 44 agencies, although not all agencies responded to all questions. The ANAO did not audit the information provided by survey participants and the reported results are based on agencies' responses to the survey.

The agencies at which detailed audit testing was undertaken were:

• Department of Education Science and Training;
• the then Department of the Environment and Heritage; and
• IP Australia.

The objective of the audit was to:

• assess, in a selection of FMA Act and CAC Act agencies, how well the revised Commonwealth Procurement Guidelines had been implemented; and
• identify any better practice or common problem areas to assist other agencies in their future procurement activities.

The audit focused on procurement requirements that had changed as a result of the revised CPGs, rather than being a more general audit of compliance with all procurement requirements.
The audit was conducted in the following entities:

• Australian Federal Police;
• Bureau of Meteorology;
• Commonwealth Scientific and Industrial Research Organisation (CSIRO);
• Department of Defence;
• Department of Education, Science & Training;
• Family Court of Australia; and
• National Museum of Australia.

The objective of this audit was to assess the Private Health Insurance Administration Council's (PHIAC's) administrative effectiveness as a regulator of private health insurance. In making this assessment, the Australian National Audit Office (ANAO) addressed the following criteria: whether PHIAC monitored compliance with its legislative requirements and analysed related data; whether PHIAC addressed and managed non-compliance with its legislative requirements; and whether PHIAC's governance and organisation supported the performance of its legislative functions. Although the Department of Health and Ageing (Health) also has a role in the regulation of the private health insurance industry under the National Health Act 1953 (Health Act), Health's regulatory activities were outside the scope of this audit.

The audit was conducted at the: Australian Federal Police (AFP) and the Australian Protective Service (PS); Australian Sports Commission (ASC); Department of Communications, Information Technology and the Arts (DoCITA); Department of Family and Community Services (FaCS); and Civil Aviation Safety Authority (CASA). The objectives of the audit were to: determine whether entities had established appropriate arrangements in relation to the management of annual leave For the purposes of this audit the ANAO has used the term ‘annual leave'. However entities refer to this entitlement using other terminology such as recreation leave, planned leave or personal leave. and had effective internal controls over leave processing; assess whether leave had been managed in accordance with the requirements of the respective entity's certified agreement; and identify sound and better practices in the management and processing of leave.

The objective of the audit was to assess the effectiveness of the procurement and contracting associated with:

• the design, development and delivery of government advertising campaigns by Commonwealth departments; and
• the operation of the Central Advertising System (CAS).

The objective of the audit was to assess the effectiveness of CSIRO’s development and administration of selected National Research Flagships. In assessing CSIRO’s performance, the ANAO examined whether:

• mechanisms were in place to develop and implement the Flagships, within the context of the broader CSIRO change program;
• governance arrangements for Flagships incorporated sound oversight, planning and reporting arrangements; and
• periodic review activities were used to assess and improve the operation of the Flagships.

The objective of this audit was to assess DAFF's management of the contractual arrangements in place to deliver the National Food Industry Strategy. The audit assessed: implementation of the Strategy; financial management;assessment and selection of grants and projects; management of grants and projects; monitoring and verification of contract services; and performance management. The Australian National Audit Office (ANAO) examined a number of FIG applications and projects, one food centre of excellence and a major project under the Food Market Development programme. The audit did not examine the Food Chain programme or DAFF's administration of the Strategy's government-to-government activities.