This audit would examine the effectiveness of the management of cyber security risks within selected entities.
The scope would include:
- reviewing the actions taken by selected entities in prioritising cyber security to support the themes stated in Australia’s Cyber Security Strategy;
- assessing cyber security controls implemented against the entities’ cyber security frameworks; and
- comparing the entities’ implemented cyber security frameworks and controls against the mandatory controls required under the Protective Security Policy Framework and the Australian Signals Directorate’s Essential Eight Maturity Model.
Work program portfolio
This potential performance audit is featured in 1 annual audit work program portfolio: