The Auditor-General is an independent officer of the Parliament with a mandate established by legislation. The Australian National Audit Office (ANAO) assists the Auditor-General to deliver reports under the Auditor-General’s mandate and in accordance with the Auditor-General Act 1997 (the Act), the Public Governance, Performance and Accountability Act 2013 (the PGPA Act) and the Public Service Act 1999. The purpose of the ANAO is to support accountability and transparency in the Australian Government sector through independent reporting to the Parliament, and thereby drive improvements in public sector performance.

Under the Act, the Auditor-General’s functions or powers include:

• annual financial statements audits of Commonwealth entities, Commonwealth companies and their subsidiaries, including the audit of the Australian Government’s consolidated financial statements;
• conducting performance audits and assurance reviews (including the Defence Major Projects Report) of Commonwealth entities and Commonwealth companies and their subsidiaries;
• auditing annual performance statements of Commonwealth entities on request, in accordance with the PGPA Act; and
• at any time, causing a report to be tabled in either house of the Parliament on any matter.

The Auditor-General must have regard to the audit priorities of the Parliament, as determined by the Joint Committee of Public Accounts and Audit (JCPAA), when exercising the functions or powers under the Act.

The ANAO also supports the Parliament through briefings, appearances at parliamentary committees and other activities.

As a key component of the accountability and integrity framework, the Auditor-General’s functions are part of the core business of Australian Public Sector entities, with the Act setting out the requirements for entities to engage with the ANAO in carrying out the functions.

The Auditor-General publishes an annual audit work program in July each year. The program is designed to reflect the ANAO’s audit strategy and inform the Parliament, government entities and the public of the planned audit coverage for the Australian Government sector. As an independent officer, the Auditor-General has discretion in performing the functions or exercising the powers under the Auditor-General Act 1997, and may at any time explore additional areas of audit interest beyond those published in the annual audit work program.

The annual audit work program is also designed to anticipate and respond to current and emerging risks and challenges impacting on public administration. It complements the ANAO’s primary strategic planning document, the corporate plan.

The ANAO will review the 2022–23 AAWP in December 2022 following the Federal Budget, to ensure this audit strategy aligns with the priorities of the new Parliament.

Key features of the Annual Audit Work Program 2022–23

In addition to the annual program of mandated financial statements audits, the Annual Audit Work Program 2022–23 includes: 85 potential performance audit and assurance review topics; details about in-progress performance audit and assurance work; and information on the program of audits of annual performance statements. Key focus areas of the Annual Audit Work Program 2022–23 include:

• key accountabilities as outlined in the Public Governance, Performance and Accountability Act 2013 (the PGPA Act), including the proper use and management of public resources (efficiency, effectiveness, economy and ethics);
• planning and delivery in major areas of public investment, such as in Defence capability, large-scale infrastructure, the National Disability Insurance Scheme, and programs targeting Indigenous Australians;
• the measurement of performance and impact against agreed program objectives;
• emergency response planning, performance and associated risks;
• procurement and contract management;
• grants assessment, decision-making and management;
• the sector meeting security requirements;
• entity governance and the management of program and entity risks, including in relation to probity, integrity and fraud; and
• continuation of the ANAO’s COVID-19 multi-year audit strategy, which focuses on auditing the Australian Government’s response to the COVID-19 pandemic.

The ANAO also undertakes a series of audits on the implementation of agreed parliamentary committee and ANAO recommendations to provide assurance that actions to improve public administration are implemented as intended and agreed, and within reasonable timeframes. The ANAO has included in the 2022–23 work program a further potential cross-entity audit of implementation of recommendations, and has so far tabled four audits in the series:

• Auditor-General Report No. 6 2019–20, Implementation of ANAO and Parliamentary Committee Recommendations;
• Auditor-General Report No. 46 2019–20, Implementation of ANAO and Parliamentary Committee Recommendations – Education and Health Portfolios;
• Auditor-General Report No. 34 2020–21, Implementation of ANAO and Parliamentary Committee Recommendations — Department of Defence; and
• Auditor-General Report No. 25 2021–22, Implementation of Parliamentary Committee and Auditor-General Recommendations — Department of Home Affairs.

The ANAO develops the annual audit work program through the process outlined in Figure 1, and is guided by the following objectives:

• having regard to the audit priorities of the Parliament of Australia as determined by the Joint Committee of Public Accounts and Audit (JCPAA) along with any reports of the JCPAA;
• providing a balanced program of activity that is informed by risk, and promotes accountability, transparency and improvements in public administration;
• following up on past recommendations and identifying trends for improvement, or declines in performance across government; and
• applying all of the Auditor-General’s mandate.

Figure 1: Annual audit work program development process

1. Environmental scan

The ANAO continually monitors developments in the Australian Government sector to develop a comprehensive understanding of activity and trends in the sector and risks to the achievement of government and legislative objectives, including through analysis of budget decisions. The ANAO also maintains an awareness of the Parliament’s interests throughout the year, including through daily monitoring of chamber debates and motions, parliamentary committee inquiries, and interactions with Members of Parliament through briefings on request.

The review of trends and risks in the sector involves examination of public and entity-held information gathered through the ANAO’s interaction with entities and stakeholders during performance, performance statement and financial statement audit work and through the attendance of ANAO staff at entity audit committee meetings. As noted in the ANAO Corporate Plan 2022–23, key features impacting the public sector operating environment include evolving challenges in service delivery and the potential for the policy agenda of the new government to bring challenges for advice and implementation within the APS.

The ANAO’s environmental scan identified key considerations and risks across government activities driving the 2022–23 work program, as outlined below.

Governance

• The proper use and management of public resources (efficient, effective, ethical and economical use).
• Oversight of the delivery of major projects and transition initiatives.
• Governance of shared responsibilities both with other government entities and with non-government stakeholders.
• Governance of Corporate Commonwealth entities and Government Business Enterprises.
• Planning and risk management during implementation of new policy, policy changes and measures.
• Assessment of performance and achievement of results against targets set out in entity corporate plans.

Service delivery

• Evidencing achievement of objectives through effective implementation of the Commonwealth performance framework.
• Demonstrating efficiency in the delivery of services.
• Maintaining accountability for services delivered through third parties.

Grants administration

• Compliance with the letter and intent of the Commonwealth Grants Rules and Guidelines.
• Effectiveness and efficiency of grant program management through grants hubs and other third parties.
• Assurance arrangements to demonstrate that grant program objectives are being met with value for public funding.

Procurement

• Demonstrating value for money, particularly by maintaining competition throughout procurement processes.
• Management of probity in procurement.
• Compliance with the letter and intent of the Commonwealth Procurement Rules.

Policy development

• Use of evidence including data and performance measures in the policy development process.

Regulatory

• Design and implementation of risk-based compliance strategies.
• Delivery of proportionate responses to non-compliance.
• Monitoring and reporting on compliance activities.
• Probity in the administration of regulatory functions.

Asset management and sustainment

• Maintenance and sustainability planning tailored to the nature and use of the assets.
• Use of judgement and expertise to value specialist or unique assets.
• The implications for asset management and sustainment of delays in delivering new capability, particularly in the Defence context.

Financial management

• Application of judgement and appropriateness of assumptions for the calculation of liabilities.
• Appropriate governance and management of investments.
• Complex valuation methods and models used to derive the value of Commonwealth investments in portfolio entities.

Cross-cutting theme

A key focus cutting across all portfolios and areas of public sector activity continues to be the promotion within entities of an ethical culture that supports effective compliance with mandatory requirements and good practice, including financial (such as in procurement) and non-financial requirements, essential for good governance, the proper use of resources and entity success. An ethical culture is one that focuses on compliance with both the letter and intent of requirements.

Australian Government entities deliver a wide range of digital services to the Australian community. Australian Government entities also hold increasingly large volumes of data, some of which is highly sensitive, within information communications technology (ICT) systems and across their networks. Maintaining the security of government ICT systems, networks and data will support Australia’s social, economic and national security interests, as well as the privacy of its citizens.

The Australian Government has identified malicious cyber activity as one of the most significant threats affecting government entities, businesses and individuals. ANAO audits have identified low levels of compliance with mandatory cyber security requirements under the Protective Security Policy Framework (PSPF).

The risk environment faced by the Australian public sector was impacted by the COVID-19 pandemic, which challenged policy design, service delivery, IT systems and information management, and resource allocation. During 2022–23, the ANAO will continue to implement its COVID-19 audit strategy and transition to phase three of the three-stage strategy, which will focus on the outcomes of the Australian Government’s COVID-19 response, recovery plans and programs, and preparedness for future crises.

2. Topic development

Risks and audit priority areas identified during the environmental scan were developed into potential topics. The development of these topics is guided by six key considerations.

• Risk: both financial and non-financial risk at the whole-of-system, portfolio and individual program levels.
• Impact: possible benefits that will flow from audit coverage, including improved transparency, administrative effectiveness, greater efficiency, improved performance, and key learnings and insights for the sector as a whole.
• Importance: the criticality of the effective and efficient delivery of the proposed topic to key stakeholders, including the Parliament.
• Materiality: the significance of the program in terms of the value, dependence and citizen reach, and the extent to which the program contributes to the broader objectives of government, or to changing or influencing decisions.
• Auditability: the extent to which the area of proposed audit coverage is able to be audited, with consideration for factors such as: the Auditor-General’s mandate; the availability of an appropriate audit methodology and product; quality and accessibility of material for analysis; and the clarity of existing frameworks and requirements to audit against.
• Previous coverage: the extent to which the area has been subject to previous audit coverage or other recent reviews and inquiries, including by the Parliament.

3. Consultation

The annual audit work program is part of the ANAO’s strategic planning framework and is guided by commitments the ANAO has made to the Parliament in its portfolio budget statements and corporate plan. A draft annual audit work program is provided to the Parliament for consultation on the audit priorities of the Parliament, through the JCPAA. The JCPAA may seek input from other parliamentary committees to develop a consolidated response on the audit priorities of the Parliament. The ANAO also invites feedback from accountable authorities of Australian Government entities affected by the proposed audit coverage, members of the public, the Commonwealth Ombudsman, the Inspector-General of Taxation, the Inspector-General of Intelligence and Security and the Office of the Australian Information Commissioner.

In the development of the Annual Audit Work Program 2022–23:

• 18 audit priorities were identified by the JCPAA and one new potential audit topic was suggested by the JCPAA; and
• 49 entities were consulted with 31 responses received.

4. Coverage review

The ANAO considers the audit priorities of the Parliament, and feedback from entities and the community on the potential topics. The ANAO reviews the topics to assess the extent to which the annual audit work program would appropriately cover Australian Government portfolios and entities, the range of activities undertaken within portfolio entities, the maturity of program/activity delivery, and how the potential audits align with the objectives of the PGPA Act, which include the proper use and management of public resources. Some lower-priority potential topics are removed to ensure that coverage across the program is proportionate to risk and reflects an appropriate entity audit load.

Portfolio coverage

Audit coverage across portfolios is tailored to the level of Australian Government budget commitments, the breadth of responsibilities within entities, and risks to the achievement of government and parliamentary objectives.

Activity coverage

To ensure that the annual audit work program has an appropriate spread of coverage across portfolio responsibilities, the topic list is reviewed against a range of key public administration activities. These activities include governance, service delivery, procurement, regulatory activities, grants administration, asset management and sustainment, and policy development.

Stage-of-delivery coverage

Australian Government programs and activities present a variety of risk profiles related to their stage of maturity. The annual audit work program is reviewed to provide assurance that potential topics cover an appropriate range of programs and activities across different stages of implementation maturity. Audits of programs in the design, standing up and early delivery phases enable insights that assist the implementation, mature delivery and completion stages. Audits of programs at the mature delivery stage aim to provide findings directed towards assurance, evidence collection, lessons learned for future programs and delivery of objectives.

Audit objective coverage

Subsection 15(1) of the PGPA Act provides that the accountable authority of a Commonwealth entity must govern the entity in a way that promotes the proper use and management of public resources. The PGPA Act defines ‘proper’ as efficient, effective, economical and ethical. Further, all entities are obliged to comply with relevant legislative requirements, and non-corporate Commonwealth entities must be governed in a way that is not inconsistent with the policies of the Australian Government.

In consideration of the obligations set out under the PGPA Act, each audit will include an assessment of the extent to which entities comply with relevant legislative requirements, established administrative frameworks and government policies. Further, each audit will ultimately make a conclusion on whether the entity was efficient, effective, economical and/or ethical in its implementation of the program or activity under examination.

5. Machinery of Government changes

On 1 July 2022 an Administrative Arrangements Order (AAO) took effect which involved a number of changes, including:

• the creation of the Department of Climate Change, Energy, the Environment and Water;
• the creation of the Department of Employment and Workplace Relations;
• the Department of Health being renamed the Department of Health and Aged Care;
• the Department of Infrastructure, Transport, Regional Development and Communications being renamed the Department of Infrastructure, Transport, Regional Development, Communications and the Arts;
• the Department of Education, Skills and Employment being renamed the Department of Education;
• the Department of Agriculture, Water and the Environment being renamed the Department of Agriculture, Fisheries and Forestry;
• The Department of Industry, Science, Energy and Resources being renamed the Department of Industry, Science and Resources; and
• the reallocation of responsibilities and functions between both new and existing portfolios.

The AAWP 2022–23 has been updated to reflect these changes. A further review of topics and portfolio information will occur after the October Federal Budget process to capture any further changes.

6. Program finalisation and audit selection

Following the coverage review the annual audit work program is finalised and published on the ANAO’s website. Figures 2 to 5 set out the coverage of audit topics included in the Annual Audit Work Program 2022–23.

The Annual Audit Work Program 2022–23 identifies the Australian Government portfolios that are relevant to specific performance audit topics. In addition, any Australian Government entity may be included in one of the 14 cross-entity audits included in the Annual Audit Work Program 2022–23. Figure 2 provides an overview of the Annual Audit Work Program 2022–23 by portfolio.

Figure 2: Portfolio coverage 2022–23

The planned activity coverage of the Annual Audit Work Program 2022–23 covers governance, service delivery, procurement, regulatory activities, grants administration, asset management and sustainment and policy development. Figure 3 outlines the spread of audit coverage across activities for the 2022–23 program.

Figure 3: Activity coverage, 2022–23

The annual audit work program has been designed to capture the varying public administration challenges related to programs and activities during the stages of design, standing up, early delivery, mature delivery and after completion. Figure 4 illustrates the spread of audit coverage in 2022–23 across programs and activities at different stages of delivery.

Figure 4: Stage-of-implementation coverage, 2022–23

Figure 5 provides an overview of the proposed audit objectives covered by the Annual Audit Work Program 2022–23.

Figure 5: Audit objective coverage 2022–23

Audit selection

Throughout the year, the Auditor-General determines which audits will commence, based on consideration of the audit priorities of the Parliament, an assessment of strategic risk, and achieving sufficient breadth and depth across the government sector. The Auditor-General also considers any recent developments in the public sector, areas of community interest, opportunities to demonstrate good practice in public administration and accountability, resourcing, and requests for audit. Suggestions by parliamentary committees, parliamentarians and others for audits are considered by the Auditor-General throughout the year.

Prior to commencing an audit, the allocated audit team will develop an audit work plan including the proposed audit scope, timeframe and budget, and review strategic and operational risks specific to the audit. The audit work plan informs the Auditor-General’s decision-making on commencing an audit.

Once a performance audit or assurance review is completed and approved by the Auditor-General, the relevant report is tabled in the Parliament of Australia. The tabled report is then published on the ANAO website. Additionally, the ANAO shares key learnings from performance audits in audit reports and Audit Insights products.