The Auditor-General is an independent officer of the Parliament with a mandate established by legislation. The Australian National Audit Office (ANAO) assists the Auditor-General to deliver reports under the Auditor-General’s mandate and in accordance with the Auditor-General Act 1997 (the Act), the Public Governance, Performance and Accountability Act 2013 (the PGPA Act) and the Public Service Act 1999. The purpose of the ANAO is to support accountability and transparency in the Australian Government sector through independent reporting to the Parliament, and thereby drive improvements in public sector performance.

Under the Act, the Auditor-General’s functions or powers include:

• annual financial statements audits of Commonwealth entities, Commonwealth companies and their subsidiaries, including the audit of the Australian Government’s consolidated financial statements;
• conducting performance audits and assurance reviews (including the Defence Major Projects Report) of Commonwealth entities and Commonwealth companies and their subsidiaries;
• auditing annual performance statements of Commonwealth entities on request, in accordance with the PGPA Act; and
• at any time, causing a report to be tabled in either house of the Parliament on any matter.

The Auditor-General must have regard to the audit priorities of the Parliament, as determined by the Joint Committee of Public Accounts and Audit (JCPAA), when exercising the functions or powers under the Act.

The ANAO also supports the Parliament through briefings, appearances at parliamentary committees and other activities.

As a key component of the accountability and integrity framework, the Auditor-General’s functions are part of the core business of Australian Public Sector entities, with the Act setting out the requirements for entities to engage with the ANAO in carrying out the functions.

The Auditor-General publishes an annual audit work program in July each year. The program is designed to reflect the ANAO’s audit strategy and inform the Parliament, government entities and the public of the planned audit coverage for the Australian Government sector. As an independent officer, the Auditor-General has discretion in performing the functions or exercising the powers under the Auditor-General Act 1997 and may at any time explore additional areas of audit interest beyond those published in the annual audit work program.

The annual audit work program is also designed to anticipate and respond to current and emerging risks and challenges impacting on public administration. It complements the ANAO’s primary strategic planning document, the corporate plan.

The ANAO develops the annual audit work program through the process outlined in Figure 1, and is guided by the following objectives:

• having regard to the audit priorities of the Parliament of Australia as determined by the JCPAA along with any reports of the JCPAA;
• providing a balanced program of activity that is informed by risk, and promotes accountability, transparency and improvements in public administration;
• following up on past recommendations and identifying trends for improvement, or declines in performance across government; and
• applying all of the Auditor-General’s mandate.

Figure 1: Annual audit work program development process

1. Environmental scan

The ANAO continually monitors developments in the Australian Government sector to develop a comprehensive understanding of activity and trends in the sector and risks to the achievement of government and legislative objectives, including through analysis of budget decisions. The ANAO also maintains an awareness of the Parliament’s interests throughout the year, including through monitoring of chamber debates and motions, parliamentary committee inquiries, and interactions with Members of Parliament through briefings on request.

The review of trends and risks in the sector involves examination of public and entity-held information gathered through the ANAO’s interaction with entities and stakeholders during performance, performance statement and financial statement audit work and through the attendance of ANAO staff at entity audit committee meetings. The ANAO Corporate Plan 2024–25 sets out the ANAO’s assessment of key features impacting the public sector operating environment including the shifting priorities in the public sector, including the APS reform agenda, emerging public sector risks and approaches to information management within entities.

The ANAO’s environmental scan identified key considerations and risks across government activities driving the 2024–25 work program, as outlined below.

Governance

• The proper use and management of public resources (efficient, effective, ethical and economical use).
• Oversight of the delivery of major projects and transition initiatives.
• Governance of shared responsibilities both with other government entities and with non-government stakeholders.
• Compliance with reporting requirements under the sustainability reporting framework and assurance regime. Planning and risk management during implementation of new policy, policy changes and measures.
• Evidencing achievement of objectives through effective implementation of the Commonwealth performance framework including assessment of performance and achievement of results against targets set out in entity corporate plans.
• Governance of IT systems to promote cyber resilience.

Service delivery

• Developing implementation plans to support the achievement of desired outcomes.
• Demonstrating efficiency in the delivery of services.
• Maintaining accountability for services delivered through third parties.

Grants administration

• Compliance with the letter and intent of the Commonwealth Grants Rules and Guidelines .
• Effectiveness and efficiency of grant program management through grants hubs and other third parties.
• Assurance arrangements to demonstrate that grant program objectives are being met with value for public funding.

Procurement

• Demonstrating value for money, particularly by maintaining competition throughout procurement processes.
• Management of probity in procurement.
• Compliance with the letter and intent of the Commonwealth Procurement Rules.

Policy development

• Use of evidence including performance data in the policy development process.
• Use of consultation with cross-portfolio and state and territory stakeholders in the policy development process.
• Planning for how to evaluate and measure the impact of new policies during the policy development process.

Regulation

• Use of risk-based approaches and data-driven judgement when designing, implementing and assessing compliance, enforcement and assurance activities.
• Delivery of proportionate responses to non-compliance, including fraud.
• Monitoring and reporting on compliance activities.
• Probity in the administration of regulatory functions.

Asset management and sustainment

• Maintenance and sustainability planning tailored to the nature and use of the assets.
• Use of judgement and expertise to value specialist or unique assets.
• The implications for asset management and sustainment of delays in delivering new capability, particularly in the Defence context.

Financial management

• Application of judgement and appropriateness of assumptions for the calculation of liabilities.
• Appropriate governance and management of investments.
• Complex valuation methods and models used to derive the value of Commonwealth investments in portfolio entities.

Cross-cutting themes

The ANAO has identified many instances where implementation of procurement arrangements falls short of reasonable standards and are primarily an exercise in ‘form over substance’ . This puts at risk the achievement of value for money which is a core principle of the Commonwealth Procurement Rules .

Grants administration is a significant activity of Australian Government entities. ANAO audits have shown that there is often a focus on compliance with only the small number of mandatory requirements listed in the framework rather than the overarching principles . This leads to a lack of transparency and accountability over funding decisions, and impacts value for money.

These matters are related to the promotion within entities of an ethical culture that supports effective compliance with mandatory requirements and good practice, including financial (such as in procurement and grants) and non-financial requirements, which is essential for good governance, the proper use of resources and entity success . An ethical culture is one that focuses on compliance with both the letter and intent of requirements.

Australian Government entities deliver a wide range of digital services to the Australian community. Australian Government entities also hold increasingly large volumes of data, some of which is highly sensitive, within information communications technology (ICT) systems and across their networks. Maintaining the security of government ICT systems, networks and data will support Australia’s social, economic and national security interests, as well as the privacy of its citizens .

The Australian Government has identified malicious cyber activity as one of the most significant threats affecting government entities, businesses and individuals. ANAO audits have identified low levels of compliance with mandatory cyber security requirements under the Protective Security Policy Framework .

An effective system of measuring and reporting performance is essential if government is to achieve its policy goals in a way that is transparent and accountable. It enables Parliament and the public to hold Australian Government entities accountable for the proper use of public resources and regulatory powers, and for the effectiveness of their service delivery. Effective performance measurement allows entities to assess their outcomes and the impact of their programs and services on outcomes. It also supports entities to improve data quality and data analytic and evaluation capability. ANAO audits have found that while there is evidence that entities are taking steps to improve their performance reporting, ongoing improvement will require continued investment by entities to build capability and capacity to improve the quality of performance reporting to the Parliament.

2. Topic development

Risks and audit priority areas identified during the environmental scan were developed into potential topics. The development of these topics is guided by six key considerations.

• Risk: both financial and non-financial risk at the whole-of-system, portfolio and individual program levels.
• Impact: possible benefits that will flow from audit coverage, including improved transparency, administrative effectiveness, greater efficiency, improved performance, and key learnings and insights for the sector as a whole.
• Importance: the criticality of the effective and efficient delivery of the proposed topic to key stakeholders, including the Parliament.
• Materiality: the significance of the program in terms of the value, dependence and citizen reach, and the extent to which the program contributes to the broader objectives of government, or to changing or influencing decisions.
• Auditability: the extent to which the area of proposed audit coverage is able to be audited, with consideration for factors such as: the Auditor-General’s mandate; the availability of an appropriate audit methodology and product; quality and accessibility of material for analysis; and the clarity of existing frameworks and requirements to audit against.
• Previous coverage: the extent to which the area has been subject to previous audit coverage or other recent reviews and inquiries, including by the Parliament.

3. Consultation

The annual audit work program is part of the ANAO’s strategic planning framework and is guided by commitments the ANAO has made to the Parliament in its portfolio budget statements and corporate plan. A draft annual audit work program is provided to the Parliament for consultation on the audit priorities of the Parliament, through the Joint Committee of Public Accounts and Audit (JCPAA). The JCPAA may seek input from other parliamentary committees to develop a consolidated response on the audit priorities of the Parliament. The ANAO also invites feedback from accountable authorities of Australian Government entities affected by the proposed audit coverage, members of the public, the Commonwealth Ombudsman, the Inspector-General of Taxation, the Inspector-General of Intelligence and Security, the Office of the Australian Information Commissioner, the Inspector-General of Aged Care, and the National Anti-Corruption Commission.

In the development of the Annual Audit Work Program 2024–25:

• 25 audit priorities of the Parliament were identified by the JCPAA ; and
• 62 entities were consulted with 45 responses received.

4. Coverage review

The ANAO considers the audit priorities of the Parliament, and feedback from entities and the community on the potential topics. The ANAO reviews the topics to assess the extent to which the annual audit work program would appropriately cover Australian Government portfolios and entities, the range of activities undertaken within portfolio entities, the maturity of program/activity delivery, and how the potential audits align with the objectives of the PGPA Act, which include the proper use and management of public resources. Some lower-priority potential topics are removed to ensure that coverage across the program is proportionate to risk and reflects an appropriate entity audit load.

Portfolio coverage

Audit coverage across portfolios is tailored to the level of Australian Government budget commitments, the breadth of responsibilities within entities, and risks to the achievement of government and parliamentary objectives.

Activity coverage

To ensure that the annual audit work program has an appropriate spread of coverage across portfolio responsibilities, the topic list is reviewed against a range of key public administration activities. These activities include governance, service delivery, procurement, regulatory activities, grants administration, asset management and sustainment, and policy development.

Stage-of-delivery coverage

Australian Government programs and activities present a variety of risk profiles related to their stage of maturity. The annual audit work program is reviewed to provide assurance that potential topics cover an appropriate range of programs and activities across different stages of implementation maturity. Audits of programs in the design, standing up and early delivery phases enable insights that assist the implementation, mature delivery and completion stages. Audits of programs at the mature delivery stage aim to provide findings directed towards assurance, evidence collection, lessons learned for future programs and delivery of objectives.

Audit objective coverage

Subsection 15(1) of the PGPA Act provides that the accountable authority of a Commonwealth entity must govern the entity in a way that promotes the proper use and management of public resources. The PGPA Act defines ‘proper’ as efficient, effective, economical and ethical. All entities are also obliged to comply with relevant legislative requirements, and non-corporate Commonwealth entities must be governed in a way that is not inconsistent with the policies of the Australian Government.

In consideration of the obligations set out under the PGPA Act, each audit will include an assessment of the extent to which entities comply with relevant legislative requirements, established administrative frameworks and government policies. Each audit will ultimately make a conclusion on whether the entity was efficient, effective, economical and/or ethical in its implementation of the program or activity under examination.

5. Program finalisation

Following the coverage review the annual audit work program is finalised and published on the ANAO’s website. Figures 2 to 5 set out the coverage of audit topics included in the Annual Audit Work Program 2024–25. 2023–24 information has been included for comparison.

The Annual Audit Work Program 2024–25 identifies the Australian Government portfolios that are relevant to specific performance audit topics. In addition, any Australian Government entity may be included in one of the 11 cross-entity audits included in the Annual Audit Work Program 2024–25. One of the 11 cross-entity audits relates to the ANAO’s series of audits of entities’ compliance with legislative and Australian Government policy requirements. This topic includes a range of different potential compliance areas that may be subject to an audit within the one topic.

A total of 102 topics are included in the 2024–25 program. In addition to the 11 cross-entity topics there are also 11 topics in the 2024–25 program that will potentially include more than one portfolio.

Figure 2 provides an overview of the Annual Audit Work Program 2024–25 by portfolio. It compares portfolio coverage in 2023–24 with 2024–25. Some of the changes observed in Figure 2 between 2023–24 and 2024–25 are due to the number of multi-portfolio and cross-entity audits across different portfolios. Some notable changes in the program this year include increases in:

• the Climate Change, Energy, the Environment and Water portfolio due to an increase in audit focus on implementation of government policies on climate change and energy; and
• the Services Australia and the National Disability Insurance Agency portfolios due to an increased audit focus on service delivery.

The main decreases in portfolio coverage relate to:

• the Infrastructure, Transport, Regional Development, Communication and the Arts portfolio due to recent audit coverage in this area; and
• the Defence portfolio due to the materiality and complexity of the topics selected for consideration, resulting in larger audits with commensurately longer durations.

Figure 2: Portfolio coverage 2024–25

Note: 2023–24 AAWP data has been included for comparison purposes.

The planned activity coverage of the Annual Audit Work Program 2024–25 covers governance, service delivery, grants administration, procurement, policy development, asset management and sustainment, and regulatory activities.

Figure 3 outlines the spread of audit coverage across activities for the 2024–25 program. It shows in comparison to 2023–24, there has a been a shift in focus away from governance and towards grants administration, service delivery and regulatory activities.

Figure 3: Activity coverage, 2024–25

Note: 2023–24 AAWP data has been included for comparison purposes.

Figure 4 provides an overview of the proposed audit objectives covered by the Annual Audit Work Program 2024–25. It shows that in comparison to 2023–24, audit objective coverage of economy has reduced reflecting a shift in focus away from procurement audits as seen in Figure 3.

Figure 4: Audit objective coverage 2024–25

Note: 2023–24 AAWP data has been included for comparison purposes.

The annual audit work program has been designed to capture the variety of public administration challenges related to programs and activities during the stages of design, standing up, early delivery, mature delivery and after completion.

Figure 5 illustrates the spread of audit coverage in 2024–25 across programs and activities at different stages of delivery. It shows in comparison to 2023–24, that stage of implementation coverage has shifted towards early delivery and away from mature delivery to provide coverage of new or revised policy initiatives introduced since the commencement of the 47th Parliament.

Figure 5: Stage-of-implementation coverage, 2024–25

Note: 2023–24 AAWP data has been included for comparison purposes.

Key features of the Annual Audit Work Program 2024–25

In addition to the annual program of mandated financial statements audits, the Annual Audit Work Program 2024–25 includes: 102 potential performance audit, assurance review and information report topics; details about in-progress performance audit and assurance work; and information on the program of audits of annual performance statements. Key focus areas of the Annual Audit Work Program 2024–25 include:

• the key accountabilities as outlined in the Public Governance, Performance and Accountability Act 2013 including efficiency, effectiveness, economy and ethics;
• significant government procurement activities and grants program administration;
• entity implementation of agreed recommendations made by the ANAO and Parliamentary Committees;
• compliance with government legislation and policy frameworks;
• effective delivery of services to citizens;
• cyber security and IT systems controls; and
• an ongoing series of audits of major areas of public investment such as in the Department of Defence, the National Disability Insurance Scheme, programs targeting Aboriginal and Torres Strait Islander Australians, and programs focussed on climate change, energy and the environment.

The ANAO undertakes a series of audits on the implementation of agreed parliamentary committee and ANAO recommendations to provide assurance that actions to improve public administration are implemented as intended and agreed, and within reasonable timeframes. The ANAO has included in the 2024–25 work program a further potential cross-entity audit of implementation of recommendations, and has so far tabled six audits in the series with one further audit in this series underway as at 1 July 2024 :

• Auditor-General Report No. 6 2019–20, Implementation of ANAO and Parliamentary Committee Recommendations;
• Auditor-General Report No. 46 2019–20, Implementation of ANAO and Parliamentary Committee Recommendations – Education and Health Portfolios;
• Auditor-General Report No. 34 2020–21, Implementation of ANAO and Parliamentary Committee Recommendations — Department of Defence;
• Auditor-General Report No. 25 2021–22, Implementation of Parliamentary Committee and Auditor-General Recommendations — Department of Home Affairs; and
• Auditor-General Report No. 22 2022–23, Implementation of Parliamentary Committee and Auditor-General Recommendations — Attorney-General’s Portfolio.
• Auditor-General Report No. 17 2023–24, Implementation of Parliamentary Committee and Auditor-General Recommendations — Department of Finance.

6. Audit selection

Throughout the year, the Auditor-General determines which audits will commence, based on consideration of the audit priorities of the Parliament, an assessment of strategic risk, and achieving sufficient breadth and depth across the government sector. The Auditor-General also considers any recent developments in the public sector, areas of community interest, opportunities to demonstrate good practice in public administration and accountability, resourcing, and requests for audit. Suggestions by parliamentary committees, parliamentarians and others for audits are considered by the Auditor-General throughout the year.

Prior to commencing an audit, the allocated audit team will develop an audit work plan including the proposed audit scope, timeframe and budget, and review strategic and operational risks specific to the audit. The audit work plan informs the Auditor-General’s decision-making on commencing an audit.

7. Delivering against the annual audit work program

Once a performance audit or assurance review is completed and approved by the Auditor-General, the relevant report is tabled in the Parliament of Australia. The tabled report is then published on the ANAO website. Additionally, the ANAO shares key learnings from performance audits in audit reports and Insights products.