The audit objective was to assess entities’ progress in implementing the corporate planning requirement under the Public Governance, Performance and Accountability Act 2013 and related PGPA Rule 2014.

Summary and recommendations

Background

1. Performance reporting arrangements in the public sector have moved, over time, from a narrow focus on financial inputs, towards models designed to provide a clearer picture of the outcomes being achieved by government.1 Appropriate and timely performance information strengthens accountability by informing the Parliament and government about the impact of policy measures. It also assists entities to manage programs and activities for which they are responsible and provides a basis for advice to government.

2. The Public Governance, Performance and Accountability Act 2013 (PGPA Act) which took full effect from 1 July 2014, underpins the implementation of the Australian Government’s enhanced Commonwealth performance framework (performance framework). The PGPA Act is supported by the Public Governance, Performance and Accountability Rule 2014 (PGPA Rule).2 The performance framework requires Accountable Authorities3 to publish on their entity’s website a corporate plan for the entity at least once each reporting period and to give that corporate plan to the responsible Minister and the Finance Minister. Corporate plans are intended to be the primary planning documents of Commonwealth entities and companies4 and represent the beginning of a performance cycle. The publication of a performance statement in the entity’s annual report represents the end of the performance cycle.

3. Accountable Authorities are responsible for the implementation of the performance framework, including the corporate planning requirement. The Department of Finance (Finance) is responsible for whole-of-government administration of the resource management framework and related legislation. As part of its administration of this framework, Finance provides guidance and advice to entities on their obligations, as well as tools and training to assist their awareness and compliance.

Rationale for undertaking the audit

4. This audit was conducted as part of a multi-year audit program on implementation of the resource management framework introduced by the PGPA Act. It is intended to assist in keeping the Parliament, government and the community informed about the extent to which the resource management framework established by the PGPA Act is achieving its objectives.

5. This is the third in a series of performance audits which examine entities’ implementation of the corporate planning requirement. The ANAO’s audit program has also examined implementation of the annual performance statements requirements and the risk management framework.

Audit objective and criteria

6. The objective of the audit was to assess the selected entities’ progress in implementing the corporate planning requirements under the Public Governance, Performance and Accountability Act 2013 and related Public Governance, Performance and Accountability Rule 2014 (PGPA Rule).

7. To form a conclusion against the audit objective, the ANAO adopted the following high level audit criteria:

  • the selected entities’ corporate plans were established as their primary planning document and outline how entities intended to achieve their purposes over the period of the plans;
  • the selected entities’ corporate plans met the minimum content and publication requirements of PGPA Rule; and
  • entities’ supporting systems and processes for developing their corporate plans and monitoring achievements against their plans were mature.

Audit methodology

8. The audit involved reviewing the corporate plans and supporting systems and processes, reviewing records and interviewing staff of the following four entities:

  • Australian Transaction Reports and Analysis Centre (AUSTRAC);
  • Commonwealth Scientific and Industrial Research Organisation (CSIRO);
  • Department of the Treasury (Treasury); and
  • Office of the Commonwealth Ombudsman (the Ombudsman).

9. To assist in its review the ANAO developed an assessment matrix which is provided in Appendix 3. The scope of the audit did not include a detailed assessment of: the appropriateness of the performance measures included in entity plans; or entities’ management of risk.

Conclusion

10. The four entities involved in the audit were at different levels of progress in their implementation of the corporate plan requirements introduced in 2015. Given this is the third year that entities have been required to produce corporate plans under the Public Governance, Performance and Accountability Act 2013 (PGPA Act) and Public Governance, Performance and Accountability Rule 2014 (PGPA Rule) greater progress in implementation than what this audit indicates could have been expected.

11. In line with the policy intent of the performance framework, AUSTRAC and the Ombudsman had positioned their corporate plan as the primary planning document. Treasury had not fully done so and CSIRO had not done so.

12. Each of the selected entities has developed processes to support the development of the corporate plan and to monitor achievement against the plan. AUSTRAC and the Ombudsman have more mature systems and processes in place. The corporate plan has been integrated in their broader planning frameworks and they are using the corporate plan to support their decision making and manage the business.

13. Only CSIRO met all of the minimum requirements of the PGPA Rule. AUSTRAC, the Ombudsman and Treasury, to varying degrees, did not address each of the four reporting periods covered by the plan in each of the environment, performance, capability and risk oversight and management systems section of their corporate plan.

14. The ANAO’s assessment of the maturity of key mandatory sections of the selected entities’ corporate plans—relating to entity purposes, environment, performance, capability and risk oversight and management systems—indicates that there remains scope for improvement in a range of areas. In particular, the inclusion of purely descriptive information in respect to entities’ risk oversight and management systems is not consistent with one of the objects of the PGPA Act, which is to require Commonwealth entities to provide meaningful information to the Parliament and the public. There is also scope for the selected entities to review the reliability and completeness of the performance indicators included in their corporate plans, as a basis for providing a meaningful performance story in their performance statements.

15. This is the third year that entities have been required to produce corporate plans under the PGPA Act and PGPA Rule. It can reasonably be expected that entities have learned from previous experiences. This includes their own experience in the previous two years, the feedback and lessons learned processes undertaken by the Department of Finance, and the two ANAO performance audits of corporate planning which identified key learnings and opportunities for improvement. Entities should have moved beyond simple compliance with the minimum requirements set out in the PGPA Rule and established mature systems and processes to support the development and monitoring of the corporate plan—to ensure it provides a firm basis for reporting on entity performance in the annual performance statement to Parliament. They should also have embedded the corporate plan as the entity’s primary planning document, and progressed the development of meaningful risk management summaries and performance indicators.

Supporting findings

Corporate plans in Commonwealth entities

16. AUSTRAC and the Ombudsman had established the corporate plan as the primary planning document and were using it to manage their business. Treasury had not fully done so and CSIRO had not done so.

17. The quality and implementation of relevant entity systems and processes to support the development of the corporate plan was variable.

18. In CSIRO and Treasury only some key elements in the development process were evident. Most key elements were evident in the Ombudsman’s development process. All key elements were evident in AUSTRAC’s development process and were operating as intended.

19. There remains scope for CSIRO and Treasury in particular, to strengthen the systems and processes used for developing their corporate plans. A more structured approach would involve:

  • fully integrating the corporate plan into the entities’ broader planning framework in a way that clearly positions it as the primary planning document and in a way that it is actively used to drive business decision making;
  • clearly defining roles, responsibilities and accountabilities and ensuring they operate as intended;
  • developing strategies for more systematic engagement of internal and external stakeholders; and
  • earlier and more systematic involvement of Executive management in the corporate planning process to direct the development process.

20. Each of the selected entities met the minimum requirements for the publication of its corporate plan prepared for the 2017–18 planning cycle. Entity plans were provided to the responsible Minister and the Finance Minister as required and placed on each entity’s website by 31 August 2017.

21. Each of the selected entities met the minimum requirements regarding the inclusion of an introduction and matters relating to the entity’s purposes, environment, performance, capability, and risk oversight and management systems in their corporate plan as required by the PGPA Rule. However, the provision of purely descriptive information in respect to risk oversight and management systems is not consistent with the objects of the PGPA Act, which are to require Commonwealth entities ‘to provide meaningful information to the Parliament and the public’.5

22. With the exception of CSIRO none of the selected entities fully met the requirement to address each of the four reporting periods covered by the plan in each of the environment, performance, capability, and risk oversight and management systems sections of their corporate plan.

23. The ANAO’s assessment of the maturity of key mandatory sections of the selected entities’ corporate plans—relating to purposes, environment, performance, capability, and risk oversight and management systems—indicates that there is scope for improvement in respect to:

  • Purposes—by making the purposes more readily identifiable (Treasury), and providing a clearer statement of the intended outcome and the intended beneficiaries of these outcomes when the purposes are fulfilled (CSIRO and Treasury).
  • Environment—by better outlining the main factors that are both in control and beyond the control of the entity that are expected to impact the achievement of its purposes and linking this with the capability and risk sections of the corporate plan to provide details of the entity’s operating context (CSIRO, the Ombudsman and Treasury).
  • Performance—by improving the relevance, and particularly the reliability and completeness of performance indicators (all selected entities).
  • Capability—by clearly addressing how capability impacts the achievement of purpose, how capability requirements might change over time and integrating this into its broader discussion of operating context (CSIRO, the Ombudsman and Treasury).
  • Risk oversight and management systems—by identifying the key risks facing each entity and clearly outlining how each entity’s approach to managing risk will support the achievement of its purpose, and linking with the environment and capability sections of the plan to provide an integrated discussion of operating context (the Ombudsman and Treasury).

24. AUSTRAC and the Ombudsman had developed mature systems and processes to monitor achievements against the plan (particularly in relation to performance) and report regularly to their senior management and Accountable Authority. These were fully operating in a manner that supported decision making and the corporate plan was being used in managing the business.

25. In CSIRO and Treasury some systems and processes for regular monitoring of achievements against the plan were in place. In CSIRO and to a lesser extent Treasury there was a need to embed systems and processes for monitoring and reporting which fully position the corporate plan as the primary planning document in such a way that is it used to support decision making and managing the business.

Recommendations

Recommendation no.1

Paragraph 2.11

That CSIRO and Treasury fully establish the corporate plan as their primary planning document to provide a firmer basis for reporting to Parliament in the annual performance statement.

Commonwealth Scientific and Industrial Research Organisation response: Agreed.

Department of the Treasury response: Disagreed.

Recommendation no.2

Paragraph

2.28

That AUSTRAC, the Ombudsman and Treasury comply with the mandatory requirements of the Public Governance, Performance and Accountability Rule 2014 by ensuring that each of the four mandatory sections of the plan specifically address the four reporting periods covered by the plan.

Australian Transaction Reports and Analysis Centre response: Agreed.

Department of the Treasury response: Disagreed.

Office of the Commonwealth Ombudsman response: Agreed.

Recommendation no.3

Paragraph

2.39

That all entities include a meaningful summary of risk management and oversight systems in their corporate plan, consistent with the objects of the Public Governance, Performance and Accountability Act 2013, which are to require Commonwealth entities to provide meaningful information to the Parliament and the public.

Australian Transaction Reports and Analysis Centre response: Disagreed.

Commonwealth Scientific and Industrial Research Organisation response: Agreed.

Department of the Treasury response: Disagreed.

Office of the Commonwealth Ombudsman response: Agreed with qualifications.

Recommendation no.4

Paragraph

2.96

That:

  • the Ombudsman and Treasury identify in their corporate plan key risks and how their approach to managing risk will support the achievement of their purposes; and
  • the selected entities review the reliability and completeness of performance indicators as a basis for providing a meaningful performance story in their performance statements.

Australian Transaction Reports and Analysis Centre response: Agreed.

Commonwealth Scientific and Industrial Research Organisation response: Agreed.

Department of the Treasury response: Agreed.

Office of the Commonwealth Ombudsman response: Agreed.

Summary of entity responses

26. Summary responses from the selected entities are provided below. The full responses are provided at Appendix 1.

Australian Transaction Reports and Analysis Centre

AUSTRAC acknowledges the Australian National Audit Office’s (ANAO) report on Corporate Planning in the Australian Public Service 2017–18. The insights provided by this report will inform AUSTRAC’s commitment to strengthening the preparation of the 2018–19 Corporate Plan and future corporate plans. AUSTRAC agrees with most of the findings, however, notes the inconsistent interpretation and guidance relating to the requirement to provide a meaningful summary of its risk management and oversight systems. It is AUSTRAC’s view that the requirements of the Public Governance, Performance and Accountability Rule in relation to this section of the 2017–18 Corporate Plan were met in accordance with the guidance available at that time. AUSTRAC requests that further guidance be developed to clarify the manner in which non-corporate Commonwealth entities should describe their systems of risk management and oversight. This necessity is further emphasised given conflicting feedback received from the Department of Finance in relation to AUSTRAC’s 2017–18 Corporate Plan, particularly with regard to four year outlooks and related summaries.

Commonwealth Scientific and Industrial Research Organisation

CSIRO accepts the Recommendations as outlined in the Proposed Report. CSIRO has given consideration to the implementation of the recommendations and it is anticipated that implementing the recommendations will commence with the development of the 2018–19 CSIRO Corporate Plan. Given current timing, it should be anticipated that implementation of the recommendations in full would manifest with the 2019–20 CSIRO Corporate Plan.

Department of the Treasury

The Treasury will continue efforts already underway to improve its corporate planning framework. The audit sets a benchmark beyond the minimum requirements of the Public Governance, Performance and Accountability Act 2013 (PGPA Act) and Public Governance, Performance and Accountability Rule 2014 (PGPA Rule). This level of maturity is likely to take several years and dedication of specialised expertise to achieve.

It is a matter for the Accountable Authority to determine how corporate planning will be embedded into an agency’s planning and resourcing frameworks. It must be done in a way that is fit for purpose and does not compromise the agency’s capacity to deliver core functions, while responding to emerging priorities.

All that said, for a Department like the Treasury, the notion that any corporate plan should provide an ‘operational manual’ is problematic. The agenda for the Treasury remains highly unpredictable and requires great flexibility in resource utilisation and in setting priorities.

There is an obvious opportunity for clarification of the intent of the PGPA Rule and supporting guidance in respect of requirements to set relevant sections of a corporate plan out by each of the four reporting years, and provide a summary of systems of risk oversight and management.

Office of the Commonwealth Ombudsman

The ANAO’s assessment that the Office’s 2017–18 Corporate Plan is positioned as our primary planning document affirms that the intentions of the Office are being carried out in practice. The Office acknowledges the learnings identified during this review and will integrate these learnings as part of our journey of continuous improvement in corporate planning.

The Office agrees with the majority of findings presented, however, we note that section 16E(2) of the PGPA Rule requires a corporate plan to include a summary of risk oversight and management systems. It is the view of the Office that this requirement was met in the Office’s 2017–18 Corporate Plan and is in compliance with minimum PGPA requirements.

We thank the ANAO team for their professional conduct and collaborative approach during the review, which has resulted in a report that is a valuable resource for the development of the Office’s future corporate plans and more broadly, those of all Commonwealth agencies.

Department of Finance

The Department of Finance supports the findings of the report.

    Key learnings for all Australian Government entities

    Below is a summary of key learnings identified in this audit report that may be considered by other Commonwealth entities when implementing the corporate planning requirements.

    Establishing the corporate plan as the primary planning document

    Developing the corporate plan

    Content of the corporate plan

    Monitoring achievement against the corporate plan

    1. Background

    Introduction

    1.1 Performance reporting regimes have been in place in the Australian public sector since the mid-1980s, when the Australian Government introduced budgetary and reporting arrangements intended to allow citizens to better understand government operations and the use of public funds to achieve policy objectives.6 Performance reporting also contributes to public accountability by providing a basis for Parliamentary scrutiny of government operations.

    1.2 Over time, performance reporting arrangements in the public sector have moved from a narrow focus on financial inputs, towards models designed to provide a clearer picture of the outcomes being achieved by government.7 Appropriate and timely performance information strengthens accountability by informing the Parliament and government about the impact of policy measures. It also assists entities to manage programs and activities for which they are responsible, and provides a basis for advice to government on the implementation and adjustment of policy directions.

    1.3 While there has been a focus on improving public sector performance measurement and reporting over many years, there has been general agreement in recent years that this aspect of public administration requires considerable improvement.8 Experience indicates that public sector entities often fall short in demonstrating a clear understanding of what they are trying to achieve and whether intended outcomes are being achieved. The most recent reform of the Commonwealth resource management framework, which commenced in December 2010, sought to improve performance, accountability and risk management across the public sector.9

    Public Management Reform Agenda

    1.4 The Public Management Reform Agenda (PMRA)—with the Public Governance, Performance and Accountability Act 2013 (PGPA Act) as its basis—sought to modernise the resource management framework of the Australian Government so that it will support high quality resource management and performance now and into the future.10 It aimed to improve performance, accountability and risk management across government through a single framework.

    1.5 The PMRA commenced in December 2010 with the Commonwealth Financial Accountability Review. The PMRA is a significant initiative, aimed at encouraging fundamental cultural change in the way government does business. The PMRA and PGPA Act have been established on the basis of five guiding principles:

    • Government should operate as a coherent whole
    • A uniform set of duties should apply to all resources handled by Commonwealth entities
    • Performance of the public sector is more than financial
    • Engaging with risk is a necessary step in improving performance
    • The financial framework, including the rules and supporting policy and guidance, should support the legitimate requirements of the Government and the Parliament in discharging their respective responsibilities.11
    Enhanced Commonwealth performance framework

    1.6 A key objective of the PMRA is to improve the standard of non-financial performance information produced by Commonwealth entities and companies through the implementation of an enhanced Commonwealth performance framework (performance framework). The performance framework is established by the PGPA Act. The PGPA Act is supported by the Public Governance, Performance and Accountability Rule 2014 (PGPA Rule).12 It requires Accountable Authorities to publish a corporate plan for the entity at least once each reporting period and to give that corporate plan to the responsible Minister and the Finance Minister. Accountable Authorities are also required to include a performance statement in the entity’s annual report that measures the achievement of the entity’s purposes.13 The preparation of a corporate plan is in addition to the existing requirement for an entity to prepare Portfolio Budget Statements (PBS) each year.14 The performance framework is presented in Figure 1.1.

    Figure 1.1: The Enhanced Commonwealth Performance Framework

    A diagram that shows the interrelationship between Portfolio Budget Statements (funding document), the Corporate Plan (refer Resource Management Guides 132 and 133) and the Annual Report (refer Resource Management Guide 135-137) which include entities’ an

    Source: Department of Finance, Resource Management Guide No. 132: Corporate plans for Commonwealth entities January 2017, p. 9.

    Corporate plans

    1.7 The current arrangements, among other things, require entities to prepare a corporate plan, setting out the entity’s objectives and strategies, and explaining how the entity will use its resources to achieve the relevant priorities of government. The corporate plan is intended to be the primary planning document of an entity and represents the beginning of the annual performance cycle.15 An annual performance statement closes the performance cycle and is intended to provide an assessment of the extent to which an entity has succeeded in achieving its purposes, as outlined in its corporate plan.

    1.8 The first corporate plans were required to be published by 31 August 2015. The ANAO reviewed the first corporate plans under the current arrangements in Audit Report No.6 2016–17 Corporate Planning in the Australian Public Sector. The second corporate plans were required to be published by 31 August 2016 and the ANAO reviewed these corporate plans in Audit Report No.54 2016–17 Corporate Planning in the Australian Public Sector 201617. This, the ANAO’s third performance audit of entities’ corporate planning, examines corporate plans for 2017–18.

    1.9 The first performance statements that report on entities’ performance for 2015–16 were required to be included in entities’ 2015–16 annual reports. The ANAO reviewed the first annual performance statement reporting in Audit Report No.58 2016–17 Implementation of the Annual Performance Statement Requirements 201516. The ANAO’s second audit of annual performance statements is reported on in Audit Report No.33 2017–18 Implementation of the Annual Performance Statement Requirements 201617.

    1.10 Finance is responsible for the whole-of-government administration of the resource management framework and related legislation. As part of its administration of this framework, Finance provides guidance and advice to entities on their obligations, as well as tools and training to assist their awareness and compliance. The ANAO’s previous audit reports on corporate planning have identified opportunities for improvement related to Finance.16 At the time Finance advised that matters raised by the ANAO would be considered as part of a review required under section 112 of the PGPA Act.17 This review commenced in 2017. The objectives of the review are:

    • To examine whether the operation of the PGPA Act and Rule is achieving the objectives of the PGPA Act in a manner consistent with the guiding principles.
    • To identify legislative, policy or other changes or initiatives, to enhance public sector productivity, governance, performance and accountability arrangements covered by the PGPA Act.
    • To examine whether policy owners’ implementation of the PGPA Act and Rule has appropriately supported their operation in Commonwealth entities.18

    1.11 It is intended that the reviewers will:

    provide a progress report to the Finance Minister. A written report of the review will be provided to the Finance Minister in early 2018. The Finance Minister will cause copies of the final report to be tabled in Parliament within 15 sitting days.19

    1.12 The ANAO’s previous audit reports also observed that Finance had provided support to entities through a variety of relevant and helpful engagement activities. These activities utilised a number of media such as newsletters, websites, and Community of Practice workshops20 as well as providing feedback to entities on Finance’s assessment of entity corporate plans.21 Finance has continued to provide similar support to entities. On the basis of this work Finance has observed in its ‘lessons learned’ papers that:

    Many Commonwealth entities and companies have made progress since the publication of their first corporate plans in 2015. Entities’ corporate plans show an increasing level of maturity with plans going beyond merely complying with the minimum requirements prescribed in the PGPA Rule.

    The 2015–16 and 2016–17 lessons learned papers identified particular elements in the first two sets of corporate plans that represented better practice. This year, there are good examples of entities whose corporate plans show maturity and a forward outlook that allows the reader to understand how the entity positions itself within its operating context to achieve its purposes.

    There is evidence that the lessons learned from the previous sets of corporate plans have been noted and built upon in the 2017–18 corporate plans.22

    1.13 Finance’s assessment indicated improvements were evident in the following areas:

    • Integration—in terms of clear alignment through the different sections of the plans and/or with the entity’s previous plans which enabled the reader to track the development of particular issues over time.
    • Clear and concise purpose statements—with most of the 2017–18 corporate plans including examples of clear and concise purpose statements.
    • Operating context—Finance considered entities were doing a much better job describing the environment in which they operate including discussing enterprise risk and a recognition of the potential for change in the environment over the four-year reporting period of the plan.
    • Focusing on improving performance information—Finance considered entities had worked on the quality of performance information in their corporate plans. There was a notable shift towards more outcome based measures and away from output based measurement and good performance information was relevant, reliable and complete.23

    1.14 The Commonwealth performance framework is also a focus area for the Parliament’s Joint Committee of Public Accounts and Audit (JCPAA) which undertook an inquiry in 2017. The JCPAA’s Report 469: Commonwealth Performance Framework released in December 2017 included consideration of ANAO reports:

    • No.58 (2016–17) Implementation of the Annual Performance Statements Requirements 201516;
    • No.6 (2016–17) Corporate Planning in the Australian Public Sector;
    • No.31 (2015–16) Administration of Higher Education Loan Program Debt and Repayments; and briefly
    • No.54 (2016–17), Corporate Planning in the Australian Public Sector 201617.

    1.15 The inquiry made ten recommendations, including a number related to improving corporate planning, which were directed at:

    • the Australian Government;
    • the entities involved in Audit Report No.54 (2016–17), Corporate Planning in the Australian Public Sector 2016–17;
    • Finance;
    • the reviewers undertaking the review into the PGPA Act;
    • Government entities (such as the Australian Public Service Commission and the Department of Education and Training)24; and
    • the ANAO.25

    Previous audit coverage

    1.16 As mentioned in paragraph 1.8, this is the third in a series of performance audits which examine entities’ implementation of the corporate planning requirement. This performance audit is also one of three audits published recently that address key aspects of the implementation of the PGPA Act. The other two audits are:

    • Audit Report No.6 2017–18, The Management of Risk by Public Sector Entities. This audit assessed how a selection of entities manage risk; and
    • Audit Report No.33 2017–18, Implementation of the Annual Performance Statement Requirements 201617. This audit assessed a selection of entity performance statements included in 2016–17 Annual Reports.

    Rationale for undertaking the audit

    1.17 This audit was conducted as part of a multi-year audit program on implementation of the resource management framework introduced by the PGPA Act. It is intended to assist in keeping the Parliament, government and the community informed about the extent to which the resource management framework established by the PGPA Act is achieving its objectives.

    1.18 This is the third in a series of performance audits which examine entities’ implementation of the corporate planning requirement. The ANAO’s audit program has also examined implementation of the annual performance statements requirements and the risk management framework.

    Audit objective, criteria and scope

    1.19 The objective of the audit was to assess the selected entities’ progress in implementing the corporate planning requirements under the Public Governance, Performance and Accountability Act 2013 and related Public Governance, Performance and Accountability Rule 2014 (PGPA Rule).

    1.20 To form a conclusion against the audit objective, the ANAO adopted the following high-level audit criteria:

    • the selected entities’ corporate plans were established as their primary planning document and outline how entities intended to achieve their purposes over the period of the plans;
    • the selected entities’ corporate plans met the minimum content and publication requirements of PGPA Rule26; and
    • entities’ supporting systems and processes for developing their corporate plans and monitoring achievements against their plans are mature.

    1.21 The audit involved reviewing the corporate plans and supporting systems and processes, reviewing records and interviewing staff of the following four entities:

    • Australian Transaction Reports and Analysis Centre (AUSTRAC);
    • Commonwealth Scientific and Industrial Research Organisation (CSIRO);
    • Department of the Treasury (Treasury); and
    • Office of the Commonwealth Ombudsman (the Ombudsman).

    1.22 To assist in its review the ANAO developed an assessment matrix which is provided in Appendix 3. The scope of the audit did not include a detailed assessment of: the appropriateness of the performance measures included in entity plans; or entities’ management of risk.

    1.23 In its review of entity corporate plans, the ANAO has had regard to the current stage of the enhanced Commonwealth performance framework initiative. This is the third year entities have been required to produce corporate plans under the PGPA Act and PGPA Rule. It can reasonably be expected that entities have learned from previous experiences. This includes their own experience in the previous two years, the feedback and lessons learned processes undertaken by the Department of Finance, and the two ANAO performance audits of corporate planning which identified key learnings and opportunities for improvement. Entities should have moved beyond simple compliance with the minimum requirements set out in the PGPA Rule and established mature systems and processes to support the development and monitoring of the corporate plan. They should also have embedded the corporate plan as the entity’s primary planning document, and progressed the development of meaningful performance indicators.

    1.24 The audit was conducted in accordance with the ANAO Auditing Standards at a cost to the ANAO of approximately $375 185.

    1.25 Team members for this audit were Grace Guilfoyle, Jacqueline Hedditch, Nikol Jepson and Michelle Page.

    2. Corporate plans in Commonwealth entities

    Areas examined

    The ANAO examined whether the corporate plans of the four selected entities were positioned as each entity’s primary planning document in line with the Government’s policy intent. The ANAO also examined:

    • the systems and processes in the four entities for the development of their corporate plan;
    • whether entity corporate plans met mandatory reporting requirements and reflected guidance provided by the Department of Finance (Finance); and
    • the subsequent monitoring of achievements against these plans.
    Conclusion

    In line with the policy intent of the performance framework, AUSTRAC and the Ombudsman had positioned their corporate plan as the primary planning document. Treasury had not fully done so and CSIRO had not done so.

    Each of the selected entities has developed processes to support the development of the corporate plan and to monitor achievement against the plan. AUSTRAC and the Ombudsman have more mature systems and processes in place. The corporate plan has been integrated in their broader planning frameworks and they are using the corporate plan to support their decision making and manage the business.

    Only CSIRO met all of the minimum requirements of the PGPA Rule. AUSTRAC, the Ombudsman and Treasury, to varying degrees, did not address each of the four reporting periods covered by the plan in each of the environment, performance, capability and risk oversight and management systems sections of their corporate plan.

    The ANAO’s assessment of the maturity of key mandatory sections of the selected entities’ corporate plans—relating to entity purposes, environment, performance, capability and risk oversight and management systems—indicates that there remains scope for improvement in a range of areas. In particular, the inclusion of purely descriptive information in respect to entities’ risk oversight and management systems is not consistent with one of the objects of the PGPA Act, which is to require Commonwealth entities to provide meaningful information to the Parliament and the public. There is also scope for the selected entities to review the reliability and completeness of the performance indicators included in their corporate plans, as a basis for providing a meaningful performance story in their performance statements.

    Areas for improvement

    The ANAO has made four recommendations aimed at: improving compliance with the requirements of the PGPA Act (paragraphs 2.11 and 2.39); improving compliance with the PGPA Rule (paragraph 2.28); and improving the quality of entities’ corporate plans (paragraph 2.96).

    Introduction

    2.1 The ANAO developed an assessment matrix (provided at Appendix 3)27 that was used to review:

    • whether the corporate plan had been positioned as the entity’s primary planning document;
    • whether the entity’s corporate plan met mandatory requirements; and
    • the maturity of the systems and processes established by entities to develop their third corporate plan (for the 2017–18 planning cycle) and the subsequent monitoring of achievements against these plans.

    2.2 The ANAO’s review took into account that the corporate planning initiative establishes minimum standards. Many of the minimum content requirements for entities’ corporate plans are linked to the content requirements for annual performance statements. This alignment recognises the close relationship between the annual performance statement and the corporate plan. The two documents, along with the PBS, are key features of the annual performance cycle.

    2.3 This is the third year that entities have been required to produce corporate plans under the PGPA Act and PGPA Rule. It can reasonably be expected that entities have learned from previous experiences. This includes their own experience in the previous two years, the feedback and lessons learned processes undertaken by the Department of Finance, and the two ANAO performance audits of corporate planning which identified key learnings and opportunities for improvement. Entities should have moved beyond simple compliance with the minimum requirements set out in the PGPA Rule and established mature systems and processes to support the development and monitoring of the corporate plan—to ensure it provides a firm basis for reporting on entity performance in the annual performance statement to Parliament. They should also have embedded the corporate plan as the entity’s primary planning document, and progressed the development of meaningful risk management summaries and appropriate performance indicators. A key object of the PGPA Act is that entities are required to provide meaningful information to the Parliament and the public, including through the corporate planning process mandated by the PGPA Act and PGPA Rule.

    Were corporate plans positioned as the entities’ primary planning document?

    AUSTRAC and the Ombudsman had established the corporate plan as the primary planning document and were using it to manage their business. Treasury had not fully done so and CSIRO had not done so.

    2.4 Under the enhanced Commonwealth performance framework (performance framework), the corporate plan is intended to be an entity’s primary planning document.28 It is required to set out the purposes and activities that the entity will pursue and the results it expects to achieve, including explaining the environment and context in which the entity operates, its planned performance measures, risk profile and capabilities over a minimum of four reporting periods.29

    2.5 The ANAO assessed the maturity of the selected entities’ 2017–18 corporate plans and supporting systems and processes, to assess whether entities had positioned their corporate plans as their primary planning document. Specifically, the ANAO considered whether:

    • planning frameworks incorporated entity corporate plans as the central element;
    • entities monitored achievements against their plans to assist in driving business performance; and
    • senior management was fully engaged in the development and monitoring of the plans.

    2.6 The ANAO’s overall assessment of whether entities’ corporate plans (prepared for the 2017–18 planning cycle) were positioned as the entity’s primary planning document is presented in Figure 2.1.

    Figure 2.1: Assessment of whether corporate plans were positioned as the entities’ primary planning document (2017–18 planning cycle)

    A bar chart against a four level maturity rating scale (depicted by a quarter circle, half circle, three quarter circle and full circle) that assesses the extent to which entities had positioned the corporate plan as the primary planning document.

    Source: ANAO analysis.

    2.7 AUSTRAC and the Ombudsman had established their corporate plan as the primary planning document, had integrated the plan into the entity’s broader planning frameworks and were using it to support decision making and manage the business. Both entities were monitoring achievements against the performance criterion included in the corporate plan.

    2.8 Treasury had not fully established the corporate plan as its primary planning document. At the time of audit fieldwork there was no overarching entity-level planning framework within Treasury. In the absence of such a framework, there was no clear line of sight between the corporate plan and other planning tools and no clear evidence that the corporate plan was formally and deliberately driving planning at the business level. Treasury monitors performance against the corporate plan on a bi-annual basis. The outcomes of this monitoring process were not actively used to inform strategic decision making. At the time of audit fieldwork work was underway to strengthen the department’s business planning processes.

    2.9 In CSIRO the corporate plan had not been established as the entity’s primary planning document. Similar to Treasury, there was no clear line of sight between the corporate plan and other planning tools and no clear evidence that the corporate plan was formally and deliberately driving planning at the business level. CSIRO’s corporate plan was one component of an overarching business planning framework which consisted of a number of planning processes and documents. The corporate plan provides a summary of a number of other planning processes which drive CSIRO’s business. CSIRO’s Strategy 2020 document30 was in effect CSIRO’s primary planning document. CSIRO reported results against the metrics outlined in the corporate plan to its Board annually through its Executive Team. Reporting against metrics annually (as distinct from more regular monitoring throughout the year) does not support ongoing decision making by the Board and Executive management throughout the year. CSIRO had established a range of additional systems and processes to monitor, report on and review various aspects of its performance (not directly related to the corporate plan) at varying frequencies throughout the year.31

    2.10 The ANAO has now completed three corporate planning audits that have assessed whether 17 entities have positioned their corporate plan as the primary planning document. The combined results of this assessment are presented in Figure 2.2. These results indicate more active attention is needed by some entities to embed corporate plan as the primary planning document.

    Figure 2.2: Assessment of whether corporate plans were positioned as the entity’s primary planning document (planning cycles 2015–16, 2016–17 and 2017–18)

    A bar chart against a four level maturity rating scale (depicted by a quarter circle, half circle, three quarter circle and full circle) that assesses the extent to which entities had positioned the corporate plan as the primary planning document.

    Note: The maturity levels depicted in Figure 2.2 above are described as:

    The four ratings and entity assessments are depicted by a quarter circle, half circle, three-quarter circle and full circle.

    Note: The description of the maturity levels has changed slightly from that used in previous audits on corporate planning to reflect increasing expectations. See paragraphs 2.1 and 2.3 of this audit report.

    Source: ANAO analysis and ANAO, Audit Report No.6 2016–17, Corporate Planning in the Australian Public Sector, p. 29 and ANAO Audit Report No.54 2016–17, Corporate Planning in the Australian Public Sector 2016–17 p. 23.

    Recommendation no.1

    2.11 That CSIRO and Treasury fully establish the corporate plan as their primary planning document to provide a firmer basis for reporting to Parliament in the annual performance statement.

    Commonwealth Scientific and Industrial Research Organisation response: Agreed.

    2.12 CSIRO accepts the Recommendation as outlined.

    Department of the Treasury response: Disagreed.

    2.13 Treasury does not agree that it needs to fully establish the corporate plan as the primary document, on the basis that Treasury considers the Corporate Plan is currently the department’s primary planning document. All Treasury Groups provide input into the Corporate Plan which is endorsed by the Executive Committee and Secretary. Accordingly, the Treasury Corporate Plan is the primary planning document, setting out key activities and expectations for the forward years.

    2.14 The Executive Committee is formally accountable for the performance measures in the Corporate Plan, reported mid-year in an internal performance report and in the Annual Performance Statement which forms part of the Annual Report.

    2.15 Managers are empowered to tailor their approach to business planning according to their business needs, reflecting the varied nature of work the Treasury delivers and the requirement to rapidly respond to emerging priorities.

    2.16 This approach continues to prove effective for the Treasury and achieves consistent or stronger outcomes to the broader APS, while avoiding an administratively burdensome business planning processes. Treasury’s 2017 APS Census results show that 87% of staff ‘have a clear understanding of how their workgroups role contributes to the Treasury’s strategic direction’ (APS average 85%). 82% agreed with the statement ‘My SES manager ensures that work effort contributes to the strategic direction of the agency and the APS’,20 percentage points higher than the APS average at 62%.

    Did entities have sound systems and processes for developing their corporate plan?

    The quality and implementation of relevant entity systems and processes to support the development of the corporate plan was variable.

    In CSIRO and Treasury only some key elements in the development process were evident. Most key elements were evident in the Ombudsman’s development process. All key elements were evident in AUSTRAC’s development process and were operating as intended.

    There remains scope for CSIRO and Treasury in particular to strengthen the systems and processes used for developing their corporate plans. A more structured approach would involve:

    • fully integrating the corporate plan into the entities’ broader planning framework in a way that clearly positions it as the primary planning document and in a way that it is actively used to drive business decision making;
    • clearly defining roles, responsibilities and accountabilities and ensuring they operate as intended;
    • developing strategies for more systematic engagement of internal and external stakeholders; and
    • earlier and more systematic involvement of Executive management in the corporate planning process to direct the development process.

    2.17 In reviewing the systems and processes of the selected entities in developing their corporate plan, the ANAO considered whether entities:

    • established structured approaches to support the development of their plan;
    • clearly defined roles, responsibilities and accountabilities;
    • consulted internal and external stakeholders; and
    • had fully engaged their senior management and/or Board.

    2.18 The ANAO’s overall assessment of the maturity of the systems and processes adopted by the selected entities to develop their corporate plan (prepared for the 2017—18 planning cycle) is presented in Figure 2.3.

    Figure 2.3: Assessment of the maturity of entities’ systems and processes to support the development of corporate plans (2017–18 planning cycle)

    A bar chart against a four level maturity rating scale (depicted by a quarter circle, half circle, three quarter circle and full circle) that assesses the maturity of systems and processes developed to support the development of the corporate plan.

    Source: ANAO analysis.

    2.19 AUSTRAC and the Ombudsman had established a structured approach to support the development of the corporate plan that was integrated with each entity’s broader planning framework. CSIRO and Treasury had established some elements of a structured approach to support the development of their corporate plans but these were not fully integrated into a broader planning framework.32 AUSTRAC’s approach to the development of its corporate plan was supported by a schedule which outlined key activities and tasks, dates and responsible owners. Treasury, and to a lesser extent the Ombudsman, had some aspects of their process for developing the corporate plan documented at the time the current plan was developed. CSIRO’s process for developing its corporate plan was not documented. Documenting the processes or key steps and accountabilities involved in developing a corporate plan can assist entities to develop their corporate plan in an efficient and effective manner and ensure the entity complies with the requirements of the PGPA Act and Rule.

    2.20 In AUSTRAC roles, responsibilities and accountabilities for developing the corporate plan were clearly defined and operated as intended. In the remaining three entities roles, responsibilities and accountabilities were partially defined.

    2.21 All of the selected entities undertook some internal consultation across varying business areas and senior management in the course of developing their corporate plan. With the exception of AUSTRAC, none of the selected entities consulted with external stakeholders when developing their corporate plan and no formal arrangements were in place for this to occur.

    2.22 In CSIRO and Treasury there was scope to engage senior management earlier and more systematically to better direct the development process.

    Did entities’ corporate plans meet the requirements of the PGPA Rule?

    Each of the selected entities met the minimum requirements for the publication of its corporate plan prepared for the 2017–18 planning cycle. Entity plans were provided to the responsible Minister and the Finance Minister as required and placed on each entity’s website by 31 August 2017.

    Each of the selected entities met the minimum requirements regarding the inclusion of an introduction and matters relating to the entity’s purposes, environment, performance, capability, and risk oversight and management systems in their corporate plan as required by the PGPA Rule. However, the provision of purely descriptive information in respect to risk oversight and management systems is not consistent with the objects of the PGPA Act, which are to require Commonwealth entities ‘to provide meaningful information to the Parliament and the public’.

    With the exception of CSIRO none of the selected entities fully met the requirement to address each of the four reporting periods covered by the plan in each of the environment, performance, capability and risk oversight and management systems sections of their corporate plan.

    2.23 The PGPA Act (section 35) requires the Accountable Authority of a Commonwealth entity to prepare and publish a corporate plan each year in accordance with any requirements prescribed by the PGPA Rule. There is a similar requirement (section 95) for the directors of a Commonwealth company.33 The PGPA Rule (sections 16E and 27A) outlines the minimum content and publishing requirements for all corporate plans.34

    2.24 All of the selected entities met the minimum requirements for the publication of their corporate plans for the 2017–18 planning cycle. These requirements are to provide the entity corporate plan to the relevant Minister and the Minister for Finance prior to publishing the plan on the entity’s website by 31 August 2017.35

    2.25 The PGPA Rule also requires that six specific matters be included in entity corporate plans. These matters are: an introduction, and matters relating to the entity’s purposes, environment, performance, capability, and risk oversight and management systems. All entities included the six matters in their corporate plans.36 Two specific issues identified in the course of the audit are discussed below.

    Four year time horizon

    2.26 The PGPA Rule requires that information relating to environment, performance, capability and risk oversight and management systems be provided for each reporting period covered by the plan. Finance’s review of the three cycles of corporate plans (2015–16, 2016–17 and 2017–18 planning cycles respectively) identified this area as one in which entities consistently did not meet the mandatory requirements. The ANAO’s two previous performance audits identified similar findings and commented that Finance should clarify, in future guidance, the requirements relating to reporting on each period covered by the corporate plan.37 In response to Audit Report No.54 2016–17 Finance advised that it would not be issuing revised guidance until after completion of the review of the operations of the PGPA Act and the PGPA Rule. The review was in progress at the time of writing this report.38

    2.27 The content, interpretation and application of the requirement and revised guidance remain an issue for most of the entities examined in this audit. Three entities selected for this audit did not report, in a manner that specifically addressed the four reporting periods, for each of the four mandatory sections of the plan:

    • AUSTRAC did not clearly address each of the four reporting periods covered by its corporate plan in the environment and risk sections;
    • The Ombudsman did not clearly address each of the four reporting periods covered by its corporate plan in the environment, capability and risk sections; and
    • Treasury did not clearly address each of the four reporting periods covered by its corporate plan in any of the four mandatory sections of the plan.

    Recommendation no.2

    2.28 That AUSTRAC, the Ombudsman and Treasury comply with the mandatory requirements of the Public Governance, Performance and Accountability Rule 2014 by ensuring that each of the four mandatory sections of the plan specifically address the four reporting periods covered by the plan.

    Australian Transaction Reports and Analysis Centre response: Agreed.

    2.29 AUSTRAC agrees that more information on specific time-bound deliverables across the four year period specific to the environment and risk sections be included in the corporate plan for future iterations.

    2.30 AUSTRAC notes differing feedback provided separately by the Department of Finance which stated that the four-year outlook was evident throughout AUSTRAC’s corporate plan.

    Department of the Treasury response: Disagreed.

    2.31 Treasury’s corporate plan in its entirety applies to the forward four years and is refreshed annually – this is stated clearly in the Secretary’s introduction. Setting out the performance measures in the way suggested by the ANAO is challenging and may mislead users rather than provide the desired transparency.

    Office of the Commonwealth Ombudsman response: Agreed.

    Risk oversight and management systems

    2.32 Section 16E of the PGPA Rule requires entities to include in their corporate plan a summary of the risk oversight and management systems of the entity for each reporting period covered by the plan, including any measures that will be implemented to ensure compliance with finance law. Finance Guidance states that:

    Entities should explain how risk management will underpin their approach to achieving their purposes. Appropriate risk-taking and innovation are consistent with the proper use of and management of public resources. As a strategic planning document, the corporate plan should demonstrate that effective risk management priorities have been considered and implemented.

    Section 16 of the PGPA Act provides that accountable authorities of all Commonwealth entities must establish and maintain appropriate systems of risk oversight, management and internal control for the entity.

    The Commonwealth Risk Management Policy, released by Comcover, applies to non-corporate Commonwealth entities to support compliance with section 16 of the PGPA Act. Corporate Commonwealth entities are not required to comply with the policy, although the policy says they may review and align their risk management frameworks and systems with the policy as a matter of good practice.

    In addition to describing the formal risk oversight and management systems they will have in place over the period covered by a corporate plan, entities are encouraged to also identify specific risks in its environment, and how these risks will shape the activities to be undertaken to fulfil its purposes.39

    2.33 Each of the selected entities provided in their corporate plans, information in relation to aspects of their risk oversight and management systems. The information was often descriptive and did not address the interaction of key system elements. None of the selected entities provided a summary which detailed the key aspects of the entity’s risk oversight and management systems in a manner that provides confidence to the reader that the entity has established and maintained appropriate risk oversight and management systems.

    2.34 When preparing corporate plans entities should have regard to both the PGPA Act and the PGPA Rule and the intent of the framework as a whole. The objects of the PGPA Act, as expressed in section 5, are

    (c) to require the Commonwealth and Commonwealth entities:

    … (ii) to provide meaningful information to the Parliament and the public; …40

    2.35 Section 16 of the PGPA Act specifically relates to the duty to establish and maintain systems relating to risk and control. It states that:

    The accountable authority of a Commonwealth entity must establish and maintain:

    (a) an appropriate system of risk oversight and management for the entity; and

    (b) an appropriate system of internal control for the entity including by implementing measures directed at ensuring officials of the entity comply with the finance law.41

    2.36 The corporate plan should provide a meaningful summary that enables readers to understand how an entity had established an appropriate system of risk oversight and management having regard to its specific risks and operating environment. This could include a summary discussion of the entity’s implementation of the key elements of the Commonwealth Risk Management Policy, which are:

    a. Establishing a risk management policy;

    b. Establishing a risk management framework;

    c. Defining responsibility for managing risk;

    d. Embedding systematic risk management into business processes;

    e. Developing a positive risk culture;

    f. Communicating and consulting about risk;

    g. Understanding and managing shared risk;

    h. Maintaining risk management capability; and

    i. Reviewing and continuously improving the management of risk.42

    2.37 The Risk Management Policy states that all non-corporate entities:

    must comply with this Commonwealth Risk Management Policy, which supports the requirements of section 16 of the PGPA Act.43

    2.38 During the course of the audit Treasury advised the ANAO that:

    The PGPA Rule requires the corporate plan to include a summary of Treasury’s risk oversight and management systems. In our view, the draft [ANAO] report sets out an expectation above and beyond the requirements of the PGPA Rule, i.e. an entity’s corporate plan should provide meaningful discussion on systems of risk oversight and management.

    Further to this, the draft report assesses the Treasury’s compliance against non-published criteria on what constitutes a meaningful summary…It is my firm view that Treasury has met the requirements of the PGPA Rule by providing an appropriate summary of Treasury’s risk oversight and management systems in its corporate plan.

    Recommendation no.3

    2.39 That all entities include a meaningful summary of risk management and oversight systems in their corporate plan, consistent with the objects of the Public Governance, Performance and Accountability Act 2013, which are to require Commonwealth entities to provide meaningful information to the Parliament and the public.

    Australian Transaction Reports and Analysis Centre response: Disagreed.

    2.40 AUSTRAC does not agree with this recommendation. AUSTRAC is of the view that it provided a meaningful summary of risk management and oversight systems within its corporate plan.

    2.41 AUSTRAC considers that the method of assessment applied in this audit was not an explicit requirement under the PGPA Rule or related guidance at the time the corporate plan was published in August 2017.

    2.42 Feedback from Department of Finance supports this view describing AUSTRAC’s risk section as strong and an appropriate narrative detailing the risk management approach, strategic risks, controls and integration within the organisation.

    2.43 To clarify inconsistencies in interpretation, AUSTRAC requests that further and specific guidance be developed to clarify the manner in which non-corporate Commonwealth entities should describe their systems of risk management and oversight.

    Commonwealth Scientific and Industrial Research Organisation response: Agreed.

    2.44 CSIRO accepts the Recommendation as outlined.

    Department of the Treasury response: Disagreed.

    2.45 The PGPA Rule sets out a clear requirement to ‘provide a summary of Treasury’s risk oversight and management systems’. The Managing Risk section in the Treasury Corporate Plan complies with this Rule by setting out the Treasury’s key risk documentation, the desired risk culture, behaviours, roles and responsibilities, as well as key activities for the forward year and evaluation mechanisms.

    2.46 The report suggests that, to be meaningful, a summary could include a discussion of how all nine elements of the Commonwealth Risk Policy are implemented. Analysis of this nature is disproportionate to the remaining sections of the plan and would unnecessarily replicate the Treasury Risk Policy and Framework.

    2.47 The intent of the corporate plan is to provide confidence to the reader appropriate systems of risk management and oversight are in place, not to detail those systems. The suggestion that the Treasury corporate plan does not achieve this is disputed. Given all entities were subject to this recommendation, further guidance is appropriate from the Department of Finance.

    Office of the Commonwealth Ombudsman response: Agreed with qualifications.

    2.48 The Office notes this recommendation and will make improvements to this section going forward. However, the requirement in section 16E(2) of the PGPA Rule requires a corporate plan to include a summary of risk oversight and management systems. It is the view of the Office that this requirement was met in the Office’s 2017–18 Corporate Plan.

    Did the corporate plans outline how entities intended to achieve their purposes over the period of the plan?

    The ANAO’s assessment of the maturity of key mandatory sections of the selected entities’ corporate plans—relating to purposes, environment, performance, capability, and risk oversight and management systems—indicates that there is scope for improvement in respect to:

    • Purposes—by making the purposes more readily identifiable (Treasury), and providing a clearer statement of the intended outcome and the intended beneficiaries of these outcomes when the purposes are fulfilled (CSIRO and Treasury).
    • Environment—by better outlining the main factors that are both in control and beyond the control of the entity that are expected to impact the achievement of its purposes and linking this with the capability and risk sections of the corporate plan to provide details of the entity’s operating context (CSIRO, the Ombudsman and Treasury).
    • Performance—by improving the relevance, and particularly the reliability and completeness of performance indicators (all selected entities).
    • Capability—by clearly addressing how capability impacts the achievement of purpose, how capability requirements might change over time and integrating this into its broader discussion of operating context (CSIRO, the Ombudsman and Treasury).
    • Risk oversight and management systems—by identifying the key risks facing each entity and clearly outlining how each entity’s approach to managing risk will support the achievement of its purpose, and linking with the environment and capability sections of the plan to provide an integrated discussion of operating context (the Ombudsman and Treasury).

    2.49 Good performance is likely to result when the purposes of an entity are clear and senior leaders are able to organise resources and activities to deliver on these purposes.44 Finance guidance recognises that an entity’s Accountable Authority is responsible for developing and tailoring the corporate plan to suit the entity’s particular circumstances.

    2.50 In addition to assessing compliance with the PGPA Rule, the ANAO assessed the maturity of key mandatory sections of the selected entities’ corporate plans, relating to: purposes, environment, performance, capability, and risk oversight and management systems.45 The material in these sections of the corporate plan should enable a reader to assess how an entity intends to achieve its purposes over the period of the plan.

    Purposes

    2.51 Section 16E of the PGPA Rule requires that an entity’s corporate plan state the entity’s purposes over the next four years. The PGPA Act defines purpose/s as including the objectives, functions or role of an entity. Finance guidance notes that:

    Well‐expressed purpose statements make it clear who benefits from an entity’s activities, how they benefit and what is achieved when an entity successfully delivers its purposes. Essentially, purposes describe the value an entity seeks to create or preserve.46

    2.52 Finance guidance also indicates that the purposes of a Commonwealth entity are the strategic objectives that the entity intends to pursue over the reporting period. The aim of the purposes is to give context to the significant activities that the entity will pursue over the period covered by the plan.47 Clearly and concisely presenting purposes in entity corporate plans better allows a clear read through to results reported at the end of the reporting period through annual performance statements. The description of purposes and activities in the corporate plan forms the foundation on which to develop performance information and tell a meaningful performance story.48 Meaningful performance information depends on having a clear understanding of the purpose to be fulfilled, and expressing that understanding in a way that is measurable.49 A well-expressed purpose states the outcome that an entity seeks to achieve for clients, stakeholders and the public.50

    2.53 Finance provides guidance to entities on the wording of purposes and also provides tips for developing a common understanding of purpose as outlined in Table 2.1 and Example 2.1 respectively.

    Table 2.1: Example of entity purpose in Finance guidance

    Poorly worded purpose

    Better worded purpose

    Provide support to regional industry

    Encourage further investment in regional areas that leads to generation of new jobs

    Defending Australia

    Develop and sustain military capability that meets the government’s strategic and operational needs

    Improve health services for people with serious and life-threatening illnesses

    Reduce mortality rates for people with serious and life-threatening illnesses

       

    Source: Department of Finance, Resource Management Guide No. 131 Developing good performance information, April 2015, p. 15.

    Example 2.1: Tips for developing a common understanding of purpose

    Discussing the following questions extensively internally as well as with delivery partners and key external stakeholders, will assist in establishing a clear and coherent understanding of the purpose (or purposes) to be fulfilled:

    • What need is being met? What is the government’s role in meeting that need?
    • How will things be different when the need is met, and for whom?
    • Who should be involved in making this difference? How long will it take?
    • How can this difference be achieved effectively at the lowest cost?
    • When will stakeholders know a significant difference has been made? What will be observed to have changed?

    Source: Department of Finance, Resource Management Guide No. 131, Developing good performance information, April 2015, p. 16.

    2.54 The ANAO’s assessment of the maturity of the purposes section of the selected entities’ corporate plans (2017–18 planning cycle) is presented in Figure 2.4.

    Figure 2.4: Assessment of the maturity of the purposes section of corporate plans (2017–18 planning cycle)

    A bar chart against a four level maturity rating scale (depicted by a quarter circle, half circle, three quarter circle and full circle) that assesses the maturity of  the purposes section of entity corporate plans (2017–18 planning cycle).

    Source: ANAO analysis.

    2.55 Each of the selected entities expressed their strategic objectives in their 2017–18 corporate plan and provided context for the entity’s activities.

    2.56 AUSTRAC and the Ombudsman’s purpose statements are succinct and readily identifiable but do not provide a clear statement of both the intended outcome and the beneficiaries. AUSTRAC’s purpose statement states the beneficiaries of the intended outcome; and provides some indication of the intended outcomes when the purposes are fulfilled. The Ombudsman’s purpose is in two parts. The first does not clearly state the beneficiaries and the second is broad and does not clearly express the intended outcome.

    2.57 CSIRO’s purpose statement is clearly identifiable and succinct. The purpose statement in Treasury’s corporate plan is not as readily identifiable as it is presented as part of the Secretary’s Introduction and then discussed in more detail in other pages of the plan. CSIRO and Treasury’s purpose statements are not expressed in a manner that enables a reader to clearly understand the intended outcomes when the purposes are fulfilled or the beneficiaries of the intended activities and outcomes.

    Environment

    2.58 Section 16E of the PGPA Rule requires the corporate plan to describe the environment in which the entity will operate for each reporting period covered by the plan. The environment section may provide an explanation of the nature and intricacies of the environment in which the entity operates. This could include demographic, geographic or temporal factors that affect the entity and its work, and the regulatory or competitive environment in which it operates. An entity could also discuss the main external and internal factors that affect or influence its performance. Where environmental issues relate to the risks faced by the entity, identification in a way that allows for a clear read between the environment and risk oversight and management sections of the corporate plan is encouraged.51

    2.59 The ANAO’s assessment of the maturity of the environment section of the selected entities’ corporate plans (2017–18 planning cycle) is presented in Figure 2.5.

    Figure 2.5: Assessment of the maturity of the environment section of corporate plans (2017–18 planning cycle)

    A bar chart against a four level maturity rating scale (depicted by a quarter circle, half circle, three quarter circle and full circle) that assesses the maturity of  the environment section of corporate plans (2017–18 planning cycle).

    Source: ANAO analysis.

    2.60 All entities referred to factors such as global, national, social and economic factors, changes in technology or other challenges, many of which are common to the operating environment of most entities in the Australian public sector. AUSTRAC best outlined the main factors in its internal and external operating environment to provide the reader with some indication of how these factors are expected to impact on the achievement of its specific purposes.

    2.61 CSIRO, the Ombudsman and Treasury’s description of the environment lacked specificity and generally did not outline how specific changes in their operating environment would impact their ability to achieve their purposes. These entities included limited discussion as to whether the environment was likely to remain relatively static for the period covered by the plan or change and, if so, how. This approach does not enable readers to gain a sense of how the entities are positioned to manage change or how the environment influences, or is influenced by, capability and risk. As such, the discussion does not provide the reader with a clear view of each entity’s broader operating context.

    2.62 Clearly identifying how environmental factors, both within and outside the control of the entity, are likely to impact on an entity’s capacity to achieve its purposes would strengthen this section of entities’ corporate plans and assist readers to understand the entity’s annual performance statements. As discussed in paragraph 2.58 Finance guidance suggests that where environmental factors relate to the risks faced by entities, identification of these factors makes for a ‘clear read’ between the environment, capability and risk oversight and management sections of entity corporate plans and is encouraged. This would provide readers with a more integrated discussion of an entity’s operating context.

    Performance

    2.63 The performance framework is comprised of several components which act together to allow entities to report on their performance and the impact of their activities. The Portfolio Budget Statements (PBS) describe, at a strategic level, the outcomes intended to be achieved with the funding appropriated by the Parliament. Corporate plans must set out entity strategies for both achieving their purposes and measuring progress. Entities are also required to prepare annual performance statements at the end of the reporting period which are to be included in entity annual reports. The intended users of the PBS, corporate plan, and annual performance statements are the Parliament and the public. It is for this reason that an entity must carefully consider whether the level of performance information presented in these documents will meet those users’ needs.52

    2.64 The PGPA Rule requires that for each reporting period covered by the corporate plan, the entity must provide a summary of how the entity will achieve its purposes, and how the entity’s performance will be measured and assessed. The summary must include any measures, targets and assessments that will subsequently be used to measure and assess the entity’s performance in the entity’s annual performance statements prepared under section 16F of the PGPA Rule.53 Finance has advised entities that performance information generated through these mechanisms should provide meaningful information about the performance of an entity and whether it is achieving its purposes over the periods of the plan.54

    A good performance story answers the following questions: What did we do and how much? How well did we do it? Who was better off and why55?

    2.65 Finance has further advised that a small set of relevant and high-quality performance measures that generate information, and tell a coherent story about the achievements of activities directed at satisfying a specific purpose, will always be preferred over larger amounts of poorly focused and messaged56 performance information.57

    2.66 The measures/indicators outlined in the corporate plan show how entities intend to measure performance. As actual performance is not reported until entities publish their annual performance statements, assessments on the maturity of performance information is based on whether the indicators are likely to enable each entity to provide a meaningful performance story. The ANAO assessed whether the selected entities’ performance criteria were relevant, reliable and complete. The basis for assessment was set out in ANAO Report No.58 2016–17 Implementation of the Annual Performance Statements Requirements 2015–16 and the criteria can be found at Appendix 4 of this audit report.

    2.67 In applying the relevant criterion, the ANAO considered the extent to which performance measures in general:

    • clearly indicated who benefited and how they benefited from the entity’s activities;
    • were focused on a specific aspect of the entity’s purpose/s and activity/ies, and the attribution of the result to the entity is clear; and
    • were easily understandable.

    2.68 A relevant performance criterion assists users’ decision making in regard to an entity’s progress in fulfilling its purpose.

    2.69 In applying the reliable criterion the ANAO considered the extent to which performance measures in general:

    • were measurable, that is, it used and disclosed information sources and methodologies (including a basis or baseline for measurement or assessment, for example a target or benchmark) that were fit-for-purpose and verifiable; and
    • were free from bias, allowing for clear interpretation and an objective basis for assessment of the results.

    2.70 A reliable performance criterion allows for reasonably consistent assessment of an entity’s progress in fulfilling its purpose.

    2.71 In assessing the selected entities’ performance criteria for completeness, the ANAO considered whether the performance criteria present a basis for a collective and balanced assessment of the entity against its purpose. In particular, the ANAO considered whether the selected entities’ performance criteria:

    • clearly align to the entity’s purpose;
    • provide a basis for assessment of the effectiveness and efficiency of the entity in fulfilling its purpose;
    • relied on a mixture of quantitative and qualitative data; and
    • assess a mixture of short, medium and long term objectives.

    2.72 Complete performance criteria allow for the overall assessment of an entity’s progress in fulfilling its purpose to inform users’ decision making. Where the purpose statement does not clearly identify the intended outcomes this affects the ability of the performance measures to tell a meaningful performance story.

    2.73 The ANAO’s assessment of the maturity of the performance section of the selected entities’ corporate plans (2017–18 planning cycle) is presented in Figure 2.6.

    Figure 2.6: Assessment of the maturity of the performance section of corporate plans (2017–18 planning cycle)

    A bar chart against a four level maturity rating scale (depicted by a quarter circle, half circle, three quarter circle and full circle) that assesses the maturity of  the performance section of entity corporate plans (2017–18 planning cycle).

    Note a: The audit did not include a detailed assessment of the appropriateness of the performance measures included in entity plans.

    Source: ANAO analysis.

    2.74 Each of the selected entities’ corporate plans outlined how they intended to measure their performance. All entities found establishing the right mix of appropriate performance measures challenging and acknowledged that they have scope to improve. All entities advised that they were continuing to make efforts to improve the development and presentation of their performance information.

    2.75 Across the four selected entities performance measures were generally relevant. The reliability and (to a greater extent) the completeness of measures could be improved.

    Relevant

    2.76 Performance measures in entity corporate plans were generally relevant to the activities listed. There remains scope to improve relevance by avoiding the use of performance criteria:

    • that do not assist significantly in informing whether the purpose is being achieved;
    • that are not easily understandable or do not signal the impacts of activities to inform users; and
    • where it is not clear who will benefit from the activity or how they will benefit.

    2.77 For example:

    • AUSTRAC’s corporate plan had metrics such as AUSTRAC’s delivery against the recommendations from the statutory review of the AML/CTF58 regime which is to be measured by qualitative self-assessments. This criterion does not provide the user with an indication of the results that will occur from implementation of the recommendations or the intended outcomes and beneficiaries. As a consequence there is no clear connection between the activities and expected outcomes.
    • CSIRO’s corporate plan had metrics such as maintain or increase the assessments on ‘impact’ criteria from independent business unit reviews in the top two rating levels, and Customer Net Promoter Score. In both these cases users of the corporate plan would require assumed knowledge to understand what the indicator means. It is also not clear who benefits from the activity or how they will benefit.
    • The Ombudsman’s corporate plan had metrics such as Percentage of reports on long term detention cases sent to the Minister within 12 months of the review being received by the Department. Metrics such as this could benefit from being more understandable as it is not clear to the user which Minister and which Department the metric is referring to.
    • Treasury’s corporate plan included the metric Economic and productivity enhancing reforms are developed and progressed. Performance will be measured by long term productivity trends. Long term productivity trends will be influenced by a range of factors not just activities undertaken by Treasury so it could be difficult for Treasury to accurately attribute the effect that its activities have had on changes in trends.
    Reliable

    2.78 The reliability of performance criteria is affected by the extent to which they:

    • can be measured to demonstrate the progress of fulfilling the purpose; and
    • allow for clear interpretation of results and provide an unbiased basis for assessment.

    2.79 There is scope for entities to improve the relevance of performance criteria included in the corporate plan. For example:

    • AUSTRAC and CSIRO cited case studies as a means by which they would measure their performance against their performance measures. A case study on its own cannot adequately demonstrate performance and should be used to build or support a performance story. The framework for selecting and reporting on case studies should also be specified in the corporate plan as it reduces the risk of reporting bias in the annual performance statements where potentially only good news case studies may be presented.
    • The Ombudsman’s corporate plan included the criteria Percentage of outputs delivered under the Australian Aid arrangements and Percentage of reporting requirements met under the Australian Aid arrangements. It is not clear what is being measured—specifically whether the criteria are measuring the Ombudsman’s outputs and compliance or the outputs and compliance of entities providing the aid.
    • Treasury’s corporate plan includes the performance criteria Government measures to improve fiscal sustainability are legislated and implemented in a timely manner and Reduction of portfolio red tape on a net basis. In the first criterion it is not clear what the measures are and what ‘timely’ means, and in the second criterion it is not clear to the user what is being measured as there is insufficient detail to interpret whether the measurement method was appropriate and would provide the required performance information.

    2.80 CSIRO and the Ombudsman provided targets against their performance information. CSIRO outlined some expected incremental improvements while the targets adopted by the Ombudsman were almost all static. AUSTRAC and Treasury did not provide any targets against their performance information. Without an accompanying target, a reader is unable to determine what is being measured or what success looks like. This affects the reliability of the measure. In addition, including information on the basis for targets and why targets would change or remain static over the reporting period further assists readers in providing a comprehensive story on performance.

    Complete

    2.81 Performance criteria should reflect a balance of measurement types (effectiveness and efficiency), bases (quantitative and qualitative) and timeframes (short, medium and long-term). They should also demonstrate the extent of achievement against the entity’s purpose.

    2.82 Performance information in CSIRO, the Ombudsman and Treasury’s corporate plans was often incomplete as it placed a heavy focus on activities or outputs rather than the outcomes/impacts sought by the entity from conducting its activities. There were also examples in the Ombudsman and CSIRO corporate plans where performance measures included meeting legislative obligations or service standards; and/or included metrics associated with supporting activities such as staff morale and budget results. While these measures can provide useful management information, entities need to balance the information contained in the corporate plan and ensure that it includes performance measures that measure the impact of the entity’s activities.

    2.83 AUSTRAC’s corporate plan placed a heavy reliance on qualitative performance information. As a result, the performance information is not complete. As discussed, a more complete set of performance indicators would include criteria that reflect a balance of measurement types (effectiveness and efficiency), bases (quantitative and qualitative) and timeframes (short, medium and long term).

    2.84 The selected entities could usefully review the relevance, and particularly the reliability and completeness of performance measures, as a basis for providing a meaningful performance story in their performance statements.

    Capability

    2.85 The PGPA Rule states that the corporate plan must include the key strategies and plans that the entity will implement in each reporting period covered by the plan to achieve the entity’s purposes.59 Entities are expected to describe their current capability and assess how their capability needs may change over the term of the corporate plan. They may also outline the strategies they will put in place to build the capability they need in areas such as (but not limited to) staffing, capital investment or ICT.60

    2.86 The ANAO’s assessment of the maturity of the capability section of the selected entities’ corporate plans (2017–18 planning cycle) is presented in Figure 2.7.

    Figure 2.7: Assessment of the maturity of the capability section of corporate plans (2017–18 planning cycle)

    A bar chart against a four level maturity rating scale (depicted by a quarter circle, half circle, three quarter circle and full circle) that assesses the maturity of  the capability section of entity corporate plans (2017–18 planning cycle).

    Source: ANAO analysis.

    2.87 The capability section in AUSTRAC’s corporate plan includes a discussion across seven key areas which relate to people, processes, information and technology. The plan outlines and addresses activities to be undertaken in the short and medium term to improve capability in supporting the achievement of AUSTRAC’s purposes. The discussion of capability would be improved if AUSTRAC more clearly articulated how all of the planned strategies would impact on the achievement of purpose. The capability section also integrates with other sections of the plan, such as the environment section, to explain how the environment influences capability factors—providing the user with an appreciation of the broader operating context in which AUSTRAC operates.

    2.88 CSIRO and Treasury, and to a lesser extent the Ombudsman, each gave some indication of the key strategies and plans to be implemented to achieve the entity’s purposes over the life of the plan. In CSIRO’s corporate plan the identified strategies and activities are very high-level and it could more clearly identify the strategies it will adopt to build the necessary capability. Treasury’s discussion of capability identifies some planned activities to build the necessary capability. It does not go as far as to outline how these capability factors will impact on Treasury’s ability to achieve its purpose. The Ombudsman’s discussion on capability was expressed in generic terms that could apply to most entities in the Australian public sector.

    2.89 The capability section of entities’ corporate plans would be improved by:

    • more clearly linking how capability factors influence an entity’s ability to achieve its purpose;
    • including more detailed discussion of existing and future capability requirements and how these might change over time;
    • discussing how an entity plans to obtain or build the necessary capabilities to enable it to achieve its purpose; and
    • improving integration between the capability, environment and risk sections to give users specific information on an entity’s operating context, including an understanding of any changes and how the entity has positioned itself to deal with these changes.

    Risk oversight and management systems

    2.90 The PGPA Rule requires corporate plans to include a summary of the risk oversight and management systems of the entity for each reporting period covered by the plan (including any measures that will be implemented to ensure compliance with the finance law).61 As stated in paragraph 2.32 of this report, the applicable Finance guidance noted that:

    Entities should explain how risk management will underpin their approach to achieving their purposes. Appropriate risk-taking and innovation are consistent with the proper use of and management of public resources. As a strategic planning document, the corporate plan should demonstrate that effective risk management priorities have been considered and implemented.62

    2.91 Discussing risks in the corporate plan, particularly when integrated with discussion on environment and capability provides meaningful information to readers. Including information on entity specific risks and their potential impact on an entity’s performance during a reporting period also enables readers to gain a deeper understanding of the effectiveness of an entity in anticipating and/or addressing matters affecting its performance during the reporting period.

    2.92 The ANAO’s assessment of the maturity of the risk oversight and management systems section of the selected entities’ corporate plans (2017–18 planning cycle) is presented in Figure 2.8.

    Figure 2.8: Assessment of the maturity of the risk oversight and management systems section of corporate plans (2017–18 planning cycle)

    A bar chart against a four level maturity rating scale (depicted by a quarter circle, half circle, three quarter circle and full circle) that assesses the maturity of  the risk oversight and management section of entity corporate plans (2017–18 planning c

    Source: ANAO analysis.

    2.93 The audit did not include an assessment of entities’ management of risk. The audit focussed on entities’ discussion of risk in their corporate plan.

    2.94 AUSTRAC and CSIRO’s corporate plans demonstrated a more mature approach to the discussion of risk oversight and management systems than those of the Ombudsman and Treasury. Both AUSTRAC and CSIRO’s plans include a discussion of entity specific risks which provides context for the user although both could more clearly link this discussion to the achievement of their purposes. The discussion in the Ombudsman’s, and to a lesser extent Treasury’s, risk oversight and management section was largely generic and did not meaningfully inform the user of entity specific risks. As a consequence, there is little sense of how the entity is positioned to manage change and enterprise risks into the future or how these risks will influence its ability to achieve its purpose.

    2.95 The discussion of risk in each of the selected entities’ corporate plans could be improved by:

    • more clearly articulating how their individual approach to managing risk supports the achievement of their specific purposes (particularly the Ombudsman and Treasury); and
    • to varying degrees, linking the discussion on risk with the discussion on environment and capability to provide readers with a better understanding of each entity’s operating context (particularly the Ombudsman and Treasury and to a lesser extent AUSTRAC and CSIRO).

    Recommendation no.4

    2.96 That:

    • the Ombudsman and Treasury identify in their corporate plan key risks and how their approach to managing risk will support the achievement of their purposes; and
    • the selected entities review the reliability and completeness of performance indicators as a basis for providing a meaningful performance story in their performance statements.

    Australian Transaction Reports and Analysis Centre response: Agreed.

    2.97 AUSTRAC agrees with the assessment made on its performance information. AUSTRAC acknowledges scope to mature in this area and is actively seeking to improve performance information. Specifically, how it could be improved to more clearly reflect AUSTRAC’s achievements against performance criteria. However, we note a challenge commonly faced by regulatory and intelligence agencies is the ability to collect and use quantitative data to reflect a meaningful outcome.

    Commonwealth Scientific and Industrial Research Organisation response: Agreed.

    2.98 CSIRO accepts the Recommendation as outlined.

    Department of the Treasury response: Agreed.

    2.99 There is an opportunity in future plans to enhance the environmental risk analysis, including how this might affect the achievement of Treasury’s purpose, and improve the rigour of performance indicators. As noted in the report, work is already underway in the Treasury to achieve this.

    Office of the Commonwealth Ombudsman response: Agreed.

    2.100 Agreed to both points.

    Did entities develop sound systems and processes for monitoring achievements against their corporate plan?

    AUSTRAC and the Ombudsman had developed mature systems and processes to monitor achievements against the plan (particularly in relation to performance) and report regularly to their senior management and Accountable Authority. These were fully operating in a manner that supported decision making and the corporate plan was being used in managing the business.

    In CSIRO and Treasury some systems and processes for regular monitoring of achievements against the plan were in place. In CSIRO and to a lesser extent Treasury there was a need to embed systems and processes for monitoring and reporting which fully position the corporate plan as the primary planning document in such a way that is it used to support decision making and managing the business.

    2.101 The corporate plan is intended to be the primary planning document of an entity and represents the beginning of the annual performance cycle. An annual performance statement closes the performance cycle and is intended to provide an assessment of the extent to which an entity has succeeded in achieving its purposes, as outlined in its corporate plan. It is therefore important that entities establish arrangements for monitoring and reporting on progress in achieving the measures and other commitments included in the corporate plan and to enable the reporting of relevant, reliable and complete performance information in the annual performance statement.

    2.102 In reviewing the arrangements adopted by entities to monitor achievement against their corporate plans, the ANAO considered whether entities:

    • developed systems and processes to monitor their plans, particularly in relation to performance;
    • established clearly defined roles, responsibilities and accountabilities; and
    • had fully engaged their Executive management and/or Board.

    2.103 The ANAO’s overall assessment of the maturity of the systems and processes adopted by the selected entities to monitor achievements against their corporate plans (2017–18 planning cycle) is presented in Figure 2.9.

    Figure 2.9: Assessment of the maturity of entity systems and processes to support monitoring achievement against corporate plans (2017–18 planning cycle)

    A bar chart against a four level maturity rating scale (depicted by a quarter circle, half circle, three quarter circle and full circle) that assesses the maturity of  the systems and processes developed to support monitoring achievement against the corpo

    Note: The ANAO’s conclusion is based on a review of Treasury’s Triannual Performance Reporting arrangements that were in place for the 2016–17 corporate plan. Treasury advised the ANAO that for the 2017–18 corporate plan it has moved to biannual reporting. At the time of audit fieldwork Treasury had not yet produced its biannual performance report.

    Source: ANAO analysis.

    2.104 Regular reporting to senior management of progress in achieving the measures and other commitments outlined in an entity’s corporate plan supports management decision making and is an indicator of an entity’s commitment to positioning the corporate plan as the entity’s primary planning document.

    2.105 AUSTRAC and the Ombudsman had systems and processes in place for regular monitoring of achievements against the plan that were operating in a manner that supported management decision making. CSIRO had established a range of systems and processes to monitor and report on various aspects of performance. These did not relate specifically to the corporate plan. Treasury had some systems and processes in place for regular monitoring of achievements (particularly relating to performance) against the plan.

    2.106 Roles and responsibilities in relation to monitoring achievement against the corporate plan (particularly in relation to performance) were clearly and formally documented in AUSTRAC and the Ombudsman but not so in CSIRO and Treasury.63

    2.107 AUSTRAC and the Ombudsman provide quarterly performance reports against the metrics in their corporate plan to their senior executive to assist in decision making and both entities had established the corporate plan as their primary planning document.

    2.108 Treasury monitors performance against the performance indicators in its corporate plan on a biannual basis. Reports are provided to the Secretary and the Audit Committee.64 There was no evidence that the outcomes of this monitoring process were actively used to inform strategic decision making. As discussed in paragraph 2.8, at the time of the audit there was no overarching entity-level planning framework that operated across Treasury. The department had recognised that formal business planning had been undertaken inconsistently across the entity65 and, at the time of audit fieldwork, work was underway to strengthen the department’s business planning processes.

    2.109 CSIRO provided results against the metrics outlined in the corporate plan to its Board annually through its Executive Team. Annual reporting against metrics (as distinct from more regular monitoring throughout the year) does not support ongoing decision making by the Board and Executive management throughout the year. CSIRO had established a range of systems and processes to monitor and report on various aspects of performance and reviewed performance at varying frequencies throughout the year for a range of activities which indirectly related to the corporate plan.

    2.110 The monitoring arrangements implemented by Treasury and CSIRO reflect that Treasury had not fully established its corporate plan as its primary planning document and that CSIRO had not established its corporate plan as its primary planning document.

    Appendices

    Appendix 1 Entity responses

    Australian Transaction Reports and Analysis Centre (AUSTRAC)

    Commonwealth Scientific and Industrial Research Organisation

    Department of the Treasury

    Office of the Commonwealth Ombudsman

    Department of Finance

    Appendix 2 Extract of PGPA Rule 2014

    Appendix 3 ANAO assessment matrix

    66Criteria to assess entities’ positioning of their corporate plans as their primary planning document

    This appendix shows a series of tables that present the assessment criteria used throughout the report. Each table is structured with  five columns.

    Criteria to assess entities’ corporate planning—development of entity corporate plans

    For this specific table, in addition to the principles of presentation outlined above for this appendix in general, the last row of the table summarises the rankings

    Criteria to assess entities’ corporate planning—corporate plans

    Criteria to assess entities’ corporate planning—monitoring achievements against entity corporate plans

    Source: ANAO.

    Appendix 4 Criteria for the assessment of the relevance, reliability and completeness of performance information

    The following criteria have been adapted from the evaluation of the appropriateness of key performance indicators as depicted in ANAO Report No.21 2013–14. Pilot Project to Audit Key Performance Indicators. The criteria have been updated to reflect Finance’s guidance to support the enhanced Commonwealth performance framework.

    Table A.1: Criteria for the assessment of the relevance, reliability and completeness of performance information

     

    Criteria

    Characteristics

    Explanation

    Individual assessment

    Relevant

    A relevant performance criterion assists users’ decision making in regard to an entity’s progress in fulfilling its purpose.

    Benefit

    The performance criterion clearly indicates who will benefit and how they will benefit from the entity’s activities.

    The performance criterion should explain who will benefit from the activity and how the recipient benefited.

    Focus

    The performance criterion should address a significant aspect/s of the purpose, via the activities.

    The performance criterion should assist significantly in informing whether the purpose is being achieved.

    Understandable

    The performance criterion should provide sufficient information in a clear and concise manner.

    The performance criterion should be stated in plain English and signal the impacts of activities to inform users.

    Reliable

    A reliable performance criterion allows for reasonably consistent assessment of an entity’s progress in fulfilling its purpose.

    Measurable

    The performance criterion should use information sources and methodologies that are fit for purpose.

    The performance criterion should be capable of being measured to demonstrate the progress of fulfilling the purpose. This includes documenting a basis or baseline for measurement or assessment, for example a target or benchmark.

    Free from Bias

    The performance criterion should be free from bias and where possible, benchmarked against similar activities.

    The performance criterion should allow for clear interpretation of results and provide an unbiased basis for assessment.

    Overall assessment

    Complete

    Performance criteria allow for the overall assessment of an entity’s progress in fulfilling its purpose to inform users’ decision making.

    Balanced

    The performance criteria should provide a balanced examination of the overall performance story.

    The performance criteria should reflect a balance of measurement types (effectiveness and efficiency), bases (quantitative and qualitative) and timeframes (short, medium and long-term).

    Collective

    The performance criteria should collectively address the purpose.

    The performance criteria should demonstrate the extent of achievement against the purpose.

           

    Source: ANAO, Audit Report No.58 2016–17, Implementation of the Annual Performance Statements Requirements 2015–16.

    Footnotes

    1 ANAO, Audit Report No. 28 2012–13, The Australian Government Performance Measurement and Reporting Framework: Pilot Project to Audit Key Performance Indicators, p. 14, [Internet], available from <https://www.anao.gov.au/work/performance-audit/agencies-implementation-performance-audit-recommendations> [accessed February 2018].

    2 Sections 16E and 27A of the PGPA Rule sets out the requirements for corporates plans for Commonwealth entities and are reproduced at Appendix 2.

    3 An Accountable Authority for a Commonwealth entity is generally the person or group of persons that has responsibility for, and control over, the entity’s operations. Subsection 12(2) of the PGPA Act sets out the person(s) or body that is the Accountable Authority of a Commonwealth entity, available from <https://www.legislation.gov.au/Details/C2017C00269> [accessed February 2018].

    4 Explanatory Memorandum, Public Governance, Performance and Accountability Bill 2013, p. 31, [Internet], available from <http://parlinfo.aph.gov.au/parlInfo/download/legislation/ems/r5058_ems_5771fa39-4fac-45d7-9699-75920976ba70/upload_pdf/380781-2.pdf;fileType=application%2Fpdf> [accessed February 2018]; Department of Finance, Resource Management Guide No. 132: Corporate plans for Commonwealth entities, January 2017, p. 7, [Internet], available from <http://www.finance.gov.au/sites/default/files/RMG_132 _Corporate_plans_for_Commonwealth_entities_Mar17.pdf> [accessed February 2018]; and Department of Finance, Resource Management Guide No. 133: Corporate plans for Commonwealth companies, January 2017, p. 5, [Internet], available from <http://www.finance.gov.au/sites/default/files/RMG_133_ Corporate_plans_for_companies_Mar17.pdf> [accessed February 2018].

    5 Subsection 5(c) (ii) of the PGPA Act, [Internet], available from <https://www.legislation.gov.au/ Details/C2017C00269> [accessed February 2018].

    6 ANAO, Audit Report No.5 2011–12, Development and Implementation of Key Performance Indicators to Support the Outcomes and Programs Framework, 2011, p. 33, [Internet], available from <https://www.anao.gov.au/work/performance-audit/development-and-implementation-key-performance-indicators-support-outcomes> [accessed February 2018].

    7 ANAO, Audit Report No.28 2012–13 The Australian Government Performance Measurement and Reporting Framework: Pilot Project to Audit Key Performance Indicators, 2013, p. 14, [Internet].

    8 Department of Finance, Enhanced Commonwealth Performance Framework—Discussion Paper, Canberra, August 2014, p. 2, [Internet], available from <https://www.finance.gov.au/sites/default/files/enhanced-commonwealth-performance-framework-discussion-paper.pdf> [accessed February 2018].

    9 Department of Finance, Is Less More? Towards Better Commonwealth Performance, Commonwealth Financial Accountability Review, March 2012, [Internet], available from <https://www.finance.gov.au/sites/default/files /CFAR_Discussion_Paper.pdf> [accessed February 2018].

    10 Department of Finance, Public Management Reform Agenda, [Internet], available from <https://www.finance.gov.au/resource-management/pmra/> [accessed February 2018].

    11 Department of Finance, About the PMRA, [Internet], available from <https://www.finance.gov.au/resource-management/pmra/about/> [accessed February 2018].

    12 The PGPA Rule prescribes a range of matters that are necessary or convenient to be prescribed for the purposes of carrying out or giving effect to the PGPA Act. Sections 16E and 27A of the PGPA Rule set out the matters that the Accountable Authority must include in the entity’s corporate plan, [Internet], available from <https://www.legislation.gov.au/Details/F2018C00014> [accessed February 2018] and are reproduced at Appendix 2 of this report.

    13 Division 2 Section 8 of the PGPA Act defines purposes of a Commonwealth entity or company as including the objectives, functions, or role of the entity or company, [Internet], available from <https://www.legislation.gov.au/Details/C2017C00269> [accessed February 2018].

    14 The Portfolio Budget Statements, tabled in Parliament by the relevant Minister, set out an entity’s outcome(s), programs, expenses, deliverables and key performance criteria. Entities subsequently report their performance against these criteria in their annual reports.

    15 Explanatory Memorandum, Public Governance, Performance and Accountability Bill 2013, p. 31,[Internet], Department of Finance, Resource Management Guide No. 132: Corporate plans for Commonwealth entities, January 2017, p. 7, [Internet], available from <http://www.finance.gov.au/sites/default/files/ RMG_132_Corporate_plans_for_Commonwealth_entities_Mar17.pdf> [accessed February 2018]; and Department of Finance, Resource Management Guide No. 133: Corporate plans for Commonwealth companies, January 2017, p. 5, [Internet], available from <http://www.finance.gov.au/sites/default/files/ RMG_133_Corporate_plans_for_companies_Mar17.pdf> [accessed February 2018].

    16 These include the need for entities to include resourcing information and key entity risk information in their corporate plans and improve clarity around requirements and guidance.

    17 The effect of section 112 is to require the Finance Minister, in consultation with the Joint Committee of Public Accounts and Audit (JCPAA), to conduct an independent review of the PGPA Act and the PGPA Rules as soon as practicable after 1 July 2017.

    18 Department of Finance, Public Governance, Performance and Accountability Act 2013 and Rule—Independent Review, [Internet], available from <https://www.finance.gov.au/pgpa-independent-review/#intro>[accessed February 2018].

    19 ibid.

    20 ANAO, Audit Report No.6 2016–17 Corporate Planning in the Australian Public Sector, p. 12 and Audit Report No.54 2016–17 Corporate Planning in the Australian Public Sector 201617, pp. 18–19.

    21 Finance undertook qualitative analysis of the 2016–17 corporate plans of 121 entities and the 2017–18 corporate plans of 166 entities. After both sets of analysis Finance published a lessons learned paper outlining its observations and providing better practice examples.

    22 Department of Finance, The Enhanced Commonwealth Performance Framework 201718 Corporate Plans Lessons Learned; December 2017, p. 3, [Internet] available from <https://www.finance.gov.au/sites/default/files/2017-18%20Corporate%20Plan%20Lessons%20Learned.pdf> [accessed February 2018].

    23 ibid., pp. 3–4.

    24 These recommendations related to non-financial performance reporting and evaluation.

    25 JCPAA, Report 469: Commonwealth Performance Framework, December 2017, [Internet], available from <https://www.aph.gov.au/Parliamentary_Business/Committees/ Joint/Public_Accounts_and_Audit/Completed inquiries> [accessed February 2018].

    26 Sections 16E and 27A of the PGPA Rule set out the requirements for corporates plans for Commonwealth entities and are reproduced at Appendix 2.

    27 This assessment matrix has been updated from the matrix used in previous audits on corporate planning to reflect increasing expectations given this is the third year entities have been required to produce corporate plans under the PGPA Act.

    28 Explanatory Memorandum, Public Governance, Performance and Accountability Bill 2013, p. 31, [Internet]; Department of Finance, Resource Management Guide No. 132: Corporate plans for Commonwealth entities, January 2017, p. 7, [Internet]; and Department of Finance, Resource Management Guide No. 133: Corporate plans for Commonwealth companies, January 2017, p. 5; [Internet].

    29 Department of Finance, Resource Management Guide No. 130: Overview of the Enhanced Commonwealth Performance Framework, July 2016, p. 6, [Internet], available from <http://www.finance.gov.au/sites/default/files/rmg-130-overview-of-the-enhanced-commonwealth-performance-framework_0.pdf> [accessed February 2018].

    30 CSIRO’s Strategy 2020 was released in 2015 and sets out CSIRO’s strategy, vision, mission, strategic actions and how it will measure its performance for the five year period 2015–2020.

    31 This included reporting three times a year to its Executive Team on progress against the strategic actions from its Strategy 2020 document.

    32 As noted in paragraph 2.8, Treasury did not have a formal entity-level planning framework at the time of the development of the 2017–18 corporate plan. A draft planning framework was in development at the time of the audit.

    33 Sections 35 and 95 of the PGPA Act, [Internet].

    34 The PGPA Rule requires that entities publish their corporate plan on their website by 31 August each year (or the end of February for entities that operate on a calendar year basis), unless another date is specified for an entity in its enabling legislation. The PGPA Rule also requires entities to set out the purposes and activities that the entity will pursue and the results it expects to achieve, including explaining the environment and context in which it operates, and its planned performance measures, risk profile and capabilities to cover a minimum of four reporting periods. Sections 16E and 27A of the PGPA Rule are reproduced in Appendix 2 of this audit report.

    35 Subsection 16E(5) of the PGPA Rule requires that the corporate plan be given to the responsible Minister and the Finance Minister: (a) as soon as practicable after the plan is prepared; and (b) before the plan is published on the entity’s website.

    36 Treasury incorporated material on the environment in which it operates throughout its corporate plan rather than in one specific section. The PGPA Rule requires certain matters be included in an entity’s corporate plan but does not prescribe how entities are required to present such matters.

    37 ANAO, Audit Report No.6 2016–17, Corporate Planning in the Australian Public Sector, p.13 and pp. 44–45 and ANAO Audit Report No.54 2016–17, Corporate Planning in the Australian Public Sector 2016–17 p. 28.

    38 In JCPAA Report 469 the Committee recommended that Finance note that the Committee referred the following matters to the attention of the review of the PGPA Act:

    • the requirements relating to the inclusion in corporate plans of resourcing information and key entity risks, informed by the findings of ANAO Report No.6 (2016–17), Corporate Planning in the Australian Public Sector (paragraphs 3.10 to 3.16); and
    • the content, interpretation and application of the mandatory process requirement relating to the four reporting periods of the corporate plan, informed by the findings of Audit Report No.54 (2016–17), Corporate Planning in the Australian Public Sector 2016–17 (paragraphs 2.21 to 2.24).
    • Source: JCPAA, Report 469: Commonwealth Performance Framework, December 2017, p. vii, [Internet].

    39 Department of Finance, Resource Management Guide No. 132: Corporate plans for Commonwealth entities, January 2017, p. 38, [Internet].

    40 PGPA Act subsection 5(c) (ii), [Internet].

    41 PGPA Act section 16, [Internet].

    42 Department of Finance, Commonwealth Risk Management Policy 1 July 2014, pp. 9–10, [Internet], available from <https://www.finance.gov.au/comcover/risk-management/the-commonwealth-risk-management-policy/> [accessed February 2018]. Corporate Commonwealth entities such as CSIRO are not required to comply with the Commonwealth Risk Management Policy, but should review and align their risk management frameworks and systems with the policy as a matter of good practice.

    43 ibid., p. 9.

    44 Department of Finance, Resource Management Guide No. 130: Overview of the enhanced Commonwealth performance framework, July 2016, p. 6, [Internet].

    45 The ANAO’s review was based on the assessment matrix provided at Appendix 3 of this audit report.

    46 Department of Finance, 2017‐18 Corporate Plan Lessons Learned, November 2017 [Internet].

    47 Department of Finance, Resource Management Guide No. 132: Corporate Plans for Commonwealth entities, January 2017, p. 18, [Internet].

    48 Department of Finance, Resource Management Guide No.131: Developing good performance information, April 2015, p. 10, [Internet], available from <https://www.finance.gov.au/sites/default/files/RMG%20131%20 Developing%20good%20performance%20information.pdf> [accessed February 2018].

    49 ibid., p. 15.

    50 ibid.

    51 Department of Finance, Resource Management Guide No. 132: Corporate Plans for Commonwealth entities, January 2017, p. 21, [Internet].

    52 Department of Finance, Resource Management Guide 130: Overview of the enhanced Commonwealth performance framework, July 2016 p. 3–5 [Internet].

    53 PGPA Rule subsection 16E(4). Section 16E of the PGPA Rule is reproduced in Appendix 2 of this audit report.

    54 Department of Finance, Resource Management Guide 132: Corporate Plans for Commonwealth entities, January 2017 p. 23, [Internet]. As discussed, the requirement to provide meaningful information to the Parliament and public is articulated in section 5 of the PGPA Act.

    55 ibid., p. 19.

    56 Department of Finance, Resource Management Guide No 131: Developing good performance information, April 2015, p. 41, [Internet].

    57 Figure 1.4 in Audit Report No.33 2017–18, Implementation of the Annual Performance Statements Requirements 2016–17 provides information on the number of performance criteria presented in a sample of 2017–18 corporate plans. The number ranges from five to 79. The wide range in the number of performance criteria indicates that entities are embracing the flexibility provided by the framework to design performance information tailored to their circumstances. For entities with greater than 30 performance criteria, it may be appropriate for entities to confirm that an appropriate balance of performance information is being achieved.

    58 AML and CTF stand for Anti-Money Laundering and Counter-Terrorism Financing respectively.

    59 PGPA Rule subsection 16E(5). Section 16E of the PGPA Rule is reproduced in Appendix 2 of this audit report.

    60 Department of Finance, Resource Management Guide No. 132: Corporate Plans for Commonwealth entities, January 2017, p. 34, [Internet].

    61 PGPA Rule subsection 16E(6). Section 16E of the PGPA Rule is reproduced in Appendix 2 of this audit report.

    62 Department of Finance, Resource Management Guide No. 132: Corporate plans for Commonwealth entities, January 2017, p. 37, [Internet].

    63 At the time of the audit Treasury was developing guidance relating to accountabilities, roles and responsibilities, processes and timeframes for annual performance reporting and corporate planning.

    64 For the 2016–17 corporate plan these were provided three times per year. For the 2017–18 corporate plan Treasury advised the ANAO that these would be provided twice per year. At the time of preparing this audit report Treasury had not yet produced its biannual performance report so the ANAO has based its conclusion on a review of Treasury’s Triannual Performance Reporting arrangements that were in place for the 2016–17 corporate plan.

    65 In November 2016 an internal audit report identified that business planning had been undertaken inconsistently across the entity.

    66 This assessment matrix has been updated from the matrix used in previous audits on corporate planning to reflect increasing expectations given this is the third year entities have been required to produce corporate plans under the PGPA Act.