The objective of this audit was to assess the effectiveness of the selected entities’ implementation of arrangements for managing cyber security incidents in accordance with the Protective Security Policy Framework (PSPF) and relevant ASD Cyber Security Guidelines.

The objective of the audit was to determine whether DEST has effective governance practices for its IT and e- Business; has adequate systems in place to measure the efficiency and effectiveness of its IT and e-Business; implements and maintains appropriate quality standards within its IT and e-Business systems; and implements proper controls, including risk management, to achieve maximum benefits from its IT and e- Business. The audit examined education and training services provided, or managed, by DEST via IT or the Internet.

Welcome to the last edition of Audit Matters for 2025. I’ve provided some insights in this edition which may help you to focus on a few areas of audit interest in the new year.

Audit work, as you know, is ongoing. We’ll start tabling reports again in mid-late January 2026. Next year you’ll also see some shorter performance audit reports, as part of a trial we’re undertaking to bring reports to the Parliament more quickly. Thanks to those agencies who have worked with us as we trial this new approach. We’re also doing some important work on how we approach performance statements audits in the 21 entities subject to this process. Watch out for our summary report on performance statements early in 2026 — you can subscribe to be notified of release on our website.

I wish you and your teams a restful break over the holiday season after a big year in the public sector. I look forward to seeing you in 2026.

Rona Mellor PSM, Deputy Auditor-General

The objective of the audit was to assess whether the Australian Taxation Office (ATO) has effectively managed risks related to the rapid implementation of COVID-19 economic response measures.

The audit objective was to assess the effectiveness of the Australian Taxation Office's External Compliance Assurance Process pilot conducted with large business taxpayers.

The objective of the audit was to assess whether the Department of Infrastructure, Transport, Regional Development, Communications and the Arts’ management of service delivery arrangements for the external territories was effective.

The objective of the audit was to examine the Department of Agriculture, Water and the Environment’s effectiveness in implementing the Regional Land Partnerships program.

The objective of the audit was to assess the effectiveness of Industry Innovation and Science Australia's, the Department of Industry, Science, Energy and Resources', and the Australian Taxation Office's administration of the Research and Development Tax Incentive program.

The audit objective was to assess the effectiveness of selected departments’ implementation of deregulation initiatives.

The objective of the audit was to assess the ATO's administration of the LMR. Specifically, the audit sought to: examine and report on aspects of LMR governance; assess the systems, processes and controls used by the ATO to capture and process LMR data reported by providers; examine the mechanisms and strategies the ATO uses to gain assurance that providers are complying with LMR legislation; and assess the mechanisms and strategies the ATO uses to promote awareness of, and enable access to, the LMR.