The objective of this audit is to assess the effectiveness of the management of cyber security risks by three government business enterprises or corporate Commonwealth entities. The entities selected for audit are ASC Pty Ltd, the Australian Postal Corporation and the Reserve Bank of Australia.

Audit criteria

The audit criteria are:

  1. Have entities managed cyber security risks in line with their own risk arrangements?
  2. Have entities managed cyber security risks in line with key aspects of the Information Security Manual?
  3. Do entities have a culture of cyber security resilience?

Contribute to this audit

The ANAO welcomes members of the public contributing information for consideration when conducting performance audits. Performance audits involve the independent and objective assessment of the administration of an entity or body’s programs, policies, projects or activities. They also examine how well administrative support systems operate.

The ANAO does not have a role in commenting on the merits of government policy but focuses on assessing the efficient and effective implementation of government programs, including the achievement of their intended benefits.

The audit you have selected is currently collecting audit evidence and is seeking input from members of the public. We particularly value information that deals with significant matters or insights into the administration of the subject of this audit. Information can be submitted either by uploading a file, or by entering your information into the comments box below.

While your contribution will be considered, and handled with care, you will not automatically receive feedback about your contribution. However, if you provide your contact details, you may be contacted regarding your contribution.

Please note that contributions are intermittently monitored. We aim to consider all contributions within 14 days of receipt.

We anticipate accepting contributions to this audit until Thursday 28 February 2019.

Files must be less than 20 MB.
Allowed file types: txt pdf doc docx.