The audit objective was to assess the effectiveness of the Department of Defence’s arrangements for monitoring and reporting explosive ordnance and weapons security incidents.

Summary

Introduction

1. The effective management of explosive ordnance (EO) and weapons is integral to military capability and operations, and contributes to the safety of Australian Defence Force (ADF) members and the public.1 The Department of Defence (Defence) should appropriately manage and account for its diverse inventory of EO and weapons to ensure these items are readily available to the ADF when required. EO and weapons held by Defence also pose potential risks to ADF members and public safety if they are mishandled or fall into the hands of those seeking to misuse them. Experience has shown that the barrier between Defence and the community is a permeable one that can be breached accidentally or deliberately.2

2. The management of EO and weapons primarily relies on the design and application of appropriate controls throughout their life cycle, from procurement, storage and handling, through to final use or disposal. A necessary complement to these arrangements is a reliable system for recording and reporting security incidents involving EO and weapons in the event of control failures. Such a system should provide senior management in Defence with visibility of these incidents and their outcomes, and inform the development and application of the procedures used by Defence to store, handle and account for EO and weapons.

3. The Defence Security Manual (DSM) is the authoritative policy for the reporting of security incidents within Defence.3 The DSM defines the following EO and weapons security incidents as major security incidents with consequential reporting requirements:

  • Any actual or suspected loss, theft, attempted theft, recovery of, or suspicious incidents involving EO, Defence weapons, associated equipment or cadet firearms.
  • The discovery of EO or weapons; actual or attempted break-ins to licensed EO facilities, armouries or weapons storage facilities; and loss, compromise or theft of any keys, cards or other access devices associated with EO and weapons security and storage.
  • The inappropriate handling and storage of EO, weapons and associated equipment related to EO and weapons.

4. Defence recorded 960 EO and weapons security incident reports between 1 January 2011 and 28 August 2013. Common examples of the security incidents included items found on, or missing from, Defence premises, such as small arms ammunition, grenades and plastic explosives; and the recovery of World War II munitions in public areas. Two of the most significant security incidents during the period were the discovery of a live in-service grenade in a public area and the loss of an in-service Claymore antipersonnel weapon. Many of the EO and weapons security incidents were multifaceted and had a range of implications for Defence including, for example, issues of safety and proper conduct.

Organisational arrangements for EO and weapons security incidents

5. As a large and dispersed organisation, Defence must have appropriate arrangements in place to provide both local control and effective whole‑of‑Defence oversight and assurance of the management of EO and weapons. Defence’s arrangements for managing EO and weapons security incidents involve a broad range of internal management structures, internal stakeholders and activities.

6. The Defence Security Authority (DSA) is the central point of contact for protective security matters in Defence. The DSA is led by Defence’s Chief Security Officer and is responsible for, among other things:

  • setting Defence protective security policy including Defence’s primary source of protective security policy, the DSM; and
  • monitoring and reporting on Defence’s security compliance, performance and risks, including managing the Defence Security Authority Audit Recommendation Management System (dsaARMS) and compiling regular reports on EO and weapons security incidents for the Defence Explosive Ordnance Committee (DEOC).

7. Defence policy requires the reporting of all major security incidents to the DSA. The DSA is responsible for: ensuring that reported security incidents have been entered into the Defence Policing and Security Management System (DPSMS)4; analysing all reported security incidents; and determining the incidents that need to be investigated and the most appropriate Defence Investigation Authority (DIA)5, Civil Authority or ADF unit to conduct an investigation or administrative inquiry.

8. In August 2007, Defence completed a comprehensive internal performance audit of its management of weapons, munitions and explosives (WME).6 The audit made 58 recommendations focused on improving Defence’s policies and systems for the management and accounting of WME to enhance visibility and control throughout their life cycle. The audit made a number of recommendations to strengthen the role and capability of the DSA in the areas of audit, review, compliance and remediation of WME security.

Audit objective, criteria and scope

9. The audit objective was to assess the effectiveness of Defence’s arrangements for monitoring and reporting EO and weapons security incidents. To reach a conclusion against the audit objective, the following high level audit criteria were used:

  • documentation and advice provided to Defence personnel to assist them in reporting EO and weapons security incidents is adequate;
  • Defence’s reporting arrangements for EO and weapons security incidents are operating effectively (including the processes for Defence personnel to report EO and weapons security incidents, and the process for reporting data on EO and weapons security incidents to the Defence Executive and relevant Defence committees);
  • Defence’s system for recording details of EO and weapons security incidents is adequate; and
  • the DSA’s process for recording, reporting, and responding to the outcomes of investigations into EO and weapons security incidents supports continuous improvement in EO and weapons security incident management.

10. The audit also reviewed Defence’s progress in addressing the two relevant recommendations from ANAO Audit Report No.37, 2010–11, Management of Explosive Ordnance Held by the Air Force, Army and Navy. The two recommendations were that Defence:

  • take steps to remove all the inconsistencies in the definitions and requirements for the management of EO security incidents in Defence policy and procedural documents (Recommendation No.4); and
  • improve its incident reporting and data management of EO security incidents (Recommendation No.5).7

11. The audit focused on the central administration of EO and weapons security incident reporting in Defence by the DSA, and the arrangements in place to assist Defence personnel in reporting incidents.8 The audit did not assess the extent to which all EO and weapons security incidents are reported.

Overall conclusion

12. Defence has diverse EO and weapons holdings throughout Australia and internationally. The secure and effective management of these holdings contributes to national security, military capability and operations, and the safety of ADF members and the public. The implementation of an appropriate control framework covering the storage and transport, usage and disposal of EO and weapons is an essential aspect of their management. Defence security incident reporting and investigations complement these arrangements and provide a means for Defence to understand control failures and inform remedial action, including the identification of opportunities for improvement in the design and application of controls.

13. Experience has shown that EO and weapons security incidents occur relatively frequently and they may have potentially serious consequences. Between 1 January 2011 and 28 August 2013, Defence recorded 960 EO and weapons security incident reports, ranging from the discovery of historical EO and weapons in the community, to the mishandling and misplacement of EO and weapons currently in-service with the ADF.

14. Defence’s arrangements for monitoring and reporting EO and weapons security incidents have only been partially effective in enabling Defence to: centrally identify EO and weapons security incidents, maintain a complete and accurate record of these incidents, and identify and address the underlying causes of incidents.

15. Within Defence’s overall framework for EO and weapons security, the DSA has responsibility for the central monitoring of security incidents and developing Defence-wide protective security policy. The effectiveness of the DSA in fulfilling these functions is dependent on clear security incident reporting requirements, the completion of security incident reports by Defence personnel in accordance with these requirements, and a sound approach to recording details of incidents and investigations, analysing this data and responding appropriately.

16. As part of the framework, Defence has a suite of whole-of-Defence and local policies and guidance available to staff on identifying and reporting EO and weapons security incidents. This suite of policies and guidance reflects different lines of reporting and accountability for the management of EO and weapons under the chain of command for each service, to the Vice Chief of the Defence Force9 and to the DSA for security incidents. However, there is fragmentation and a general lack of coordination in these reporting arrangements, characterised by differing reporting requirements and methods. There is scope for Defence to streamline reporting requirements in order to facilitate timely and complete EO and weapons security incident reporting.

17. Defence policy mandates the reporting of all EO and weapons security incidents to the DSA to enable the DSA to monitor and triage10 these incidents. While incident reporting and management generally occurs at an ADF Service and Defence Group level, reporting is often incomplete because there is regular non-compliance with the requirement to inform the DSA about EO and weapons security incidents. For 27 per cent (186 of the 693) of the EO and weapons security incident reports completed across Defence between 1 January 2011 and 25 March 201311, the DSA was not notified in accordance with Defence’s reporting requirements. During the course of the audit, Defence identified a further 162 EO security incidents for the period January to March 2013 which had not been recorded as security incidents or reported to the DSA in accordance with Defence requirements.12 The DSA investigation into the non-reporting of these additional EO security incidents to the DSA, showed that the non-reporting was widespread, and extended over a more prolonged period13, representing a systemic level of non-compliance with the current and mandatory Defence-wide policy issued by the Secretary and CDF.14 These shortcomings in the reporting of EO and weapons security incidents compromise the integrity of the central monitoring and reporting system and have detracted from the DSA’s capacity to fulfil its central monitoring role.

18. Defence has established a primary electronic system for recording details of all EO and weapons security incidents and investigations, known as the Defence Policing and Security Management System (DPSMS). This system has the potential to provide for central visibility over incidents amidst diverse lines of reporting and accountability. However, the 162 EO security incidents identified during the audit were not recorded in DPSMS and data quality for recorded incidents has been an ongoing issue, with 73 per cent of EO and weapons security incident reports during the period under review requiring some form of data correction. In addition to DPSMS, Defence uses other electronic systems to record details of EO and weapons security incidents but does not formally share and align the information contained in those systems and DPSMS, creating an additional risk of inconsistent and incomplete data in DPSMS. Further, only a small number of DSA staff have broad access to comprehensive records of all EO and weapons security incidents and investigations entered into DPSMS by the various Defence Investigative Authorities (DIAs), and the DSA does not routinely analyse this data. These recording and access arrangements, which are characterised by fragmentation, incomplete data entry and the need for rework, are generally inefficient and not conducive to a whole-of-Defence understanding of the underlying causes and outcomes of EO and weapons security incidents and investigations, and any associated trends. They are also an impediment to establishing a viable feedback loop informing Defence policy and the implementation of the framework for EO and weapons security and control.

19. In 2013, Defence reviewed its implementation of the 58 recommendations from the 2007 Defence internal performance audit on the management of WME security. This review indicated that work remains for Defence to implement, or demonstrate implementation of, almost half of the 58 recommendations. The Defence reviews highlighted the existence of ‘upstream’ risks to Defence’s EO and weapons management in terms of how EO and weapons are stored, handled, transported and accounted for. These risks, coupled with the shortcomings in the current ‘downstream’ monitoring and reporting of EO and weapons security incidents identified in this audit, highlight that Defence still has some way to go to achieve confidence in the effectiveness of its EO and weapons security arrangements. The DSA is not yet fulfilling the strong role envisaged at the time of the 2007 review in the areas of audit, review, compliance and remediation of WME security.15 Symptomatic of this situation, the ADF has conducted periodic amnesties–for EO inappropriately held by personnel–without the knowledge of the DSA16, and without centrally tracking the amnesties or centrally reporting the items recovered.

20. Defence has established central reporting processes and systems at considerable cost in an attempt to achieve an understanding of the occurrence, underlying causes and outcomes of EO and weapons security incidents and investigations across Defence, and any associated trends in these incidents. The efficient and effective operation of its central arrangements will help Defence realise their full potential in support of the ADF, particularly through establishing a robust feedback loop to inform Defence policy and the implementation of the EO and weapons control and security framework. In a resource constrained environment, streamlining reporting and co-ordination arrangements offers an opportunity for Defence to leverage its investment in centralised processes and systems to more effectively mitigate control risks and achieve efficiencies in local and Defence-wide security incident reporting arrangements.

21. The ANAO has made two recommendations directed towards Defence streamlining EO and weapons security incident reporting requirements and strengthening central visibility of EO amnesties. In addition, Recommendation No.5 from ANAO Report No. 37, 2010–11, Management of Explosive Ordnance Held by the Air Force, Army and Navy remains relevant—that Defence improve its incident reporting and data management for EO security incidents.

Key findings by chapter

Reporting EO and weapons security incidents (Chapter 2)

22. The primary sources of Defence’s EO and weapons security incident reporting requirements are the DSM and the Defence Instruction (General) DI(G) ADMIN 45-2 ‘The reporting and management of notifiable incidents’. Some of the reporting requirements in these two policy documents are the same and others differ. ANAO Audit Report No.37, 2010–11, Management of Explosive Ordnance Held by the Air Force, Army and Navy included a recommendation (Recommendation No.4) that Defence take steps to remove all the inconsistencies in the definitions and requirements for the management of EO security incidents in Defence policy and procedural documents. While the DSM has been amended to this end, the content of DI(G) ADMIN 45-2 has not changed since its last revision in March 201017, and there remains scope for Defence to further streamline the requirements in this document and harmonise them with those set out in the revised DSM. Defence’s documentation on its process to address ANAO Recommendation No.4 suggests that despite best efforts in some areas of Defence, the fragmented nature of the ‘ownership’ of Defence policy and procedures continues to challenge Defence’s capacity to rationalise and align its requirements for managing and reporting EO and weapons security incidents, and its ability to do so in a timely way.18

23. Based on the requirements of the DSM and DI(G) ADMIN 45-2, EO and weapons security incidents should be reported to up to eight separate stakeholders using a range of methods, reflecting a general lack of coordination and fragmentation in the reporting arrangements. This situation has contributed to non-compliance with individual reporting requirements, and the emergence of coordination issues relating to the notification of Defence stakeholders and investigators. In order to facilitate timely and complete EO and weapons security incident reporting and an improvement in the DSA’s visibility over these incidents, Defence should streamline reporting requirements. There is also scope to improve arrangements to coordinate the dissemination of reported information to relevant Defence stakeholders.

24. Defence policy provides ADF unit managers with the option to declare periodic amnesties on EO held by personnel but not authorised for retention, which is a potentially beneficial arrangement. However, there are currently no mechanisms in place to centrally track the number of amnesties declared or the types of EO involved. There are also no formal requirements to centrally report EO items recovered through amnesty arrangements. In consequence, there is no process to acquit for items surrendered during an amnesty, and to reconcile Defence-wide records of EO items. To further contribute to Defence’s visibility over EO security incidents and account for items recovered, Defence should establish a formal reporting and acquittal process for EO amnesties.

25. On 20 June 2013, in the course of the audit, Defence informed the ANAO that it is working on establishing a formal reporting process for EO amnesties. Defence noted that this may require changes to key policy documents such as the DSM, and acknowledged that it is important to have the process in place before the return of troops from Afghanistan.

26. The DSA’s Security Incident Centre is responsible for the assessment, referral and analysis of all major security incidents in Defence. Defence identified 194 EO and weapons security incidents reported in DPSMS between 1 January 2011 and 25 March 2013, for which primary responsibility rested with a DIA other than the Security Incident Centre. Of these 194 incidents, only 25 (13 per cent) contained information indicating that the DSA carried out some form of initial assessment.19 Similarly, the DSA has identified 186 EO and weapons security incidents not reported to the DSA in accordance with the DSM between January 2011 and March 2013.20 Consequently, many EO and weapons security incidents are assessed, managed, investigated and/or closed by other DIAs without an initial assessment by the Security Incident Centre, contrary to Defence requirements.

27. During the audit, Defence informed the ANAO of 162 EO security incidents for the period January to March 2013, in addition to those discussed in paragraph 26, which were not reported to the DSA in accordance with Defence reporting requirements.21 The types of EO involved in these incidents were largely small arms rounds, but also included other in-service, recently out-of-service and obsolete EO including some projectiles, grenades, mortars, flares and fuses. A DSA investigation into the non-reporting was finalised in early December 2013. Analysis by the DSA of the EO items involved has determined that a large proportion of the incidents involved EO items that, due to their age, condition and/or origin, are not of significant consequence to Defence in relation to security vulnerabilities. Nonetheless, two of the incidents met the criteria for a DSA investigation, including the discovery of a live in-service grenade by a member of the public in a public area; and another nine incidents required further DSA assessment. The non-reporting of the security incidents to the DSA meant that it could not consider potential security vulnerabilities in a timely way.

28. The DSA informed the ANAO that one of the contributing factors to the non-reporting of incidents is that the area involved in the non-reporting was ‘faced with an onerous task associated with recovery of EO, which includes the requirement to submit up to five separate reports, depending on the circumstances of an incident’. The DSA investigation into the non-reporting indicates that the areas of Defence involved were selective in their application of reporting requirements, and the ADF personnel involved made their own assessments on which EO incidents to report as security incidents to the DSA. The Defence units involved respond to approximately 700 EO incidents per year, the majority of which should have been identified as major security incidents and reported to the DSA. However, the DSA investigation found that almost none of these incidents had been reported to the DSA by the proper channels in accordance with existing policy.

29. Notwithstanding Defence’s assessment of security vulnerabilities, the non-reporting of the EO security incidents to the DSA represents a systemic level of non-compliance with current and mandatory Defence-wide policy issued by the Secretary and CDF. As a result of the findings from Defence’s investigation into the non-reporting of the EO security incidents, the DSA is proposing that Defence undertake a number of policy changes such as simplifying reporting arrangements and revising existing policy documents to remove ambiguity. There would be merit in Defence following-up on these initiatives, and any related reform initiatives, through its internal audit function.

Defence’s information systems for recording EO and weapons security incidents and investigations (Chapter 3)

30. DPSMS is the primary and approved electronic system for recording all reports of, and investigations into, major security incidents within Defence. The quality of security incident data in DPSMS has been an ongoing issue, and was identified in ANAO Report No. 37, 2010–11, Management of Explosive Ordnance Held by the Air Force, Army and Navy. The ANAO recommended that Defence improve its incident reporting and data management for EO security incidents (Recommendation No.5).22 In the context of a reporting framework which involves various DIAs entering data into DPSMS based on information provided by reporting areas, there is a shared responsibility to enter data accurately, and a central responsibility to periodically test the integrity of that data.

31. Over a number of years, the DSA has manually adjusted DPSMS data outside of the system in order to accurately report details of security incidents to senior management in Defence. The DSA sought to address data quality issues through a review of all security incident data in DPSMS for the period January 2011 to March 2013. Of the EO and weapons security incident reports examined as part of this review, 73 per cent required some form of data correction, reflecting ongoing issues around the efficiency and effectiveness of data entry. These findings and the significant breaches of EO security incident reporting requirements discussed in paragraph 27, show that Defence has not yet adequately implemented Recommendation No.5 from ANAO Report No. 37, 2010–11, to improve EO security incident reporting and data management. In its response to that recommendation, Defence could also consider reporting and data management for weapons security incidents.

32. Following its DPSMS data quality review, the DSA has undertaken further data quality checks and intends to institute a standard and regular quality assurance process to check data for all security incidents recorded in DPSMS. Introducing mandatory data fields for security incidents, and where practicable, automating data entry for these fields, would assist in improving the quality of the EO and weapons security incident data in DPSMS, and the efficiency of data entry.

33. Effective monitoring and analysis of its records of EO and weapons security incidents and resulting investigations can provide Defence with valuable information on the health of its security framework. However, only a small number of DSA staff have broad access to the EO and weapons security incidents and investigations data within DPSMS, and the DSA does not routinely analyse this data. Defence could therefore be missing opportunities to identify and manage risks, address systemic problems and make improvements to its EO and weapons security arrangements.

34. Reflecting the multifaceted nature of EO and weapons security incidents, and the range of accountabilities at an ADF Service and Defence Group level for managing EO and weapons, Defence uses multiple information systems to record details of these incidents. The use of multiple information systems needs to be well coordinated because it has the potential to undermine Defence’s efforts to achieve central visibility of EO and weapons security incidents, and consequently the Department’s efforts to monitor and manage the risks associated with these incidents. However, at present, no formal arrangements are in place to share and align the information recorded in the different systems.

EO and weapons security incident investigations (Chapter 4)

35. Defence has in place a range of policies, standards and procedures to guide the conduct of security investigations. These investigations are undertaken by six DIAs. There may be multiple inquiries and investigations of a single security incident undertaken by DIAs and ADF units, which address various considerations including appropriate administrative action. These arrangements highlight the challenge for the DSA in monitoring EO and weapons security incident investigations and following-up on their outcomes.

36. The DSA does monitor the overall numbers of EO and weapons security investigations in order to report these numbers to the Defence Executive. However, the DSA does not regularly monitor other DIAs’ or ADF units’ investigations and/or inquiries, nor are the outcomes routinely recorded against the DSA record for the investigation of that EO and weapons security incident. An examination of common themes emerging from EO and weapons security investigations across the DIAs would contribute to Defence’s understanding of trends and potential issues leading to EO and weapons security incidents.

37. As part of this audit, the ANAO examined records of investigations into EO and weapons security incidents undertaken by the DSA from 1 January 2011 to 25 March 2013. During this period, there were 83 security investigations involving the loss, theft or recovery of EO and weapons. Of these 83 investigations, the DSA Security Investigations Unit was the primary case officer in 24 cases (29 per cent). The main reasons for conducting the DSA investigations included that: the EO or weapon(s) reported lost or stolen represented a significant risk to the community; there was a suspected level of criminality in the EO and weapons security incident; and there had been previous EO and weapons security incidents involving the unit or contractor.

38. The DSA investigation reports provided to the ANAO indicate some common reasons for EO and weapons security incidents. These include poor controls at units or depots over EO and weapons handling; lack of adherence to, or poor knowledge of, extant accounting procedures; security breaches including non-compliance with requirements under the DSM; and lack of security awareness or a disregard for some security protocols. The findings of the reports highlight the need for Defence to reinforce, through responsible commanders and managers, the obligations on Defence personnel and contractors to control and secure EO and weapons.

39. Recommendations were made as an outcome of nine of the 24 investigations conducted by the DSA. In these cases, the responsible area was requested to respond to the DSA on any actions taken to implement the recommendations within a specified timeframe, usually within three months after the completion of the investigation report. However, in some cases the responsible area did not respond to the DSA’s requests for advice about implementation of recommendations. Strengthened follow-up by the DSA on the implementation of investigation recommendations, including escalation of issues with responsible senior management when appropriate, would better promote timely management action.23

Agency response

40. Defence’s covering letter in response to the proposed audit report is reproduced at Appendix 1. Defence’s response to the proposed audit report is set out below:

Defence welcomes the ANAO report. Defence has a wide range of security, safety and administrative procedures and policies for the management of explosive ordnance and weapons. Defence acknowledges that there is scope for improvement in the overall management and reporting of explosive ordnance and weapons related security incidents. Defence agrees with the two recommendations made by the ANAO, which will assist with the effectiveness of reporting of explosive ordnance and weapons related security incidents.

Defence takes the security of its weapons, munitions and explosive ordnance very seriously and has a range of measures in place to safeguard them. The effectiveness of the security regime applied to Defence weapons, munitions and explosives is a significant issue for Defence, affecting its reputation, public safety and the public's confidence in Defence's ability to control its equipment.

Defence regularly reviews its policies and procedures on securing and accounting for weapons and munitions, and thoroughly investigates reported loss and/or theft of items either in Australia or overseas.

Recommendations

Recommendation No.1

Paragraph 2.19

To facilitate timely and complete explosive ordnance and weapons security incident reporting, the ANAO recommends that Defence streamline reporting requirements and improve arrangements to coordinate the dissemination of the information reported to relevant Defence stakeholders.

Defence response: Agreed.

Recommendation No.2

Paragraph 2.25

To further contribute to Defence’s visibility over explosive ordnance security incidents and account for items recovered, the ANAO recommends that Defence establish a formal reporting and acquittal process for explosive ordnance handed in during amnesties.

Defence response: Agreed.

Footnotes

[1] Explosive ordnance (EO) is defined as all munitions containing explosives, nuclear fission or fusion materials and biological and chemical agents. Examples include missiles, torpedoes, mines and flares. Defence’s definition of EO also includes similar and related non-explosive EO items and components (for example, containers and packaging). The term ‘weapon’ includes both a ‘Defence weapon’ and a ‘cadet firearm’. See Appendix 2 for Defence’s detailed definitions of EO and weapons.

[2] In addition to historical EO and weapons discovered periodically in the community (such as munitions found on old training sites or equipment retained by previous generations of ADF personnel), modern EO and weapons can surface in the wider community as a result of misappropriation, malfunction or loss.

[3] Department of Defence, Defence Security Manual, September 2012.

[4] The Defence Policing and Security Management System (DPSMS) is Defence’s primary computerised system for recording all reports of, and investigations into, major security incidents.

[5] The Security Investigations Unit in the DSA is one of the six DIAs. The other DIAs are the Australian Defence Force Investigative Service (ADFIS); the Service police organisations of the Army, Air Force and Navy; and the Directorate of Investigation and Recovery within the Inspector General Division. The DIAs are authorised by the Secretary of Defence and the Chief of the Defence Force (CDF) to conduct formal investigations, including into EO and weapons security incidents.

[6] Department of Defence, ‘Security Performance Audit of Weapons Munitions and Explosives’, 17 August 2007. This audit was initiated following advice from the Australian Federal Police (AFP) to Defence of a police investigation into the source of a military rocket launcher in the possession of criminal elements, which the AFP believed could have been of ADF origin. A subsequent ADF and AFP investigation confirmed that the weapon was of ADF origin and thought by Defence to have been disposed of some years earlier. In 2008, a serving Army officer received a jail sentence for the theft and sale of the item. The impact of the theft is ongoing as not all of the stolen weapons have been recovered.

[7] ANAO Audit Report No.37, 2010–11, Management of Explosive Ordnance Held by the Air Force, Army and Navy, April 2011.

[8] The audit did not examine controls of EO and weapons, such as Defence's security arrangements for storing or transporting EO or weapons and ADF base security arrangements.

[9] Defence refers to the Vice Chief of the Defence Force as the single point of accountability for EO in Defence.

[10] Triaging relates to the process of assessing incidents to determine the order and priority of their treatment and investigation.

[11] As part of this audit, the ANAO reviewed Defence data on 693 security incident reports covering the period 1 January 2011 to 25 March 2013.

[12] However, the 162 incidents were reported as EO incidents through other EO reporting channels to other areas of Defence.

[13] The Defence units involved respond to approximately 700 EO incidents per year─the majority of which should have been identified as major security incidents and reported to the DSA. However, the DSA investigation found that almost none of these incidents had been reported to the DSA by the proper channels in accordance with existing policy.

[14] While a DSA investigation into the non-reporting of the security incidents is ongoing, it also indicates that the areas of Defence involved were selective in their application of reporting requirements.

[15] Defence has noted that the Chief Security Officer made a decision to take DSA staff offline in September 2011 to undertake a higher priority task and they only returned to their routine duties at the end of March 2013.

[16] The DSA advised the ANAO that it was not aware of when amnesties occurred, the frequency of amnesties or how they have been managed.

[17] DI(G) ADMIN 45-2 has also now passed its review date of 30 March 2013. In September 2013, Defence informed the ANAO that it is reviewing a range of issues relating to reporting and management of matters for investigation, and that it has deferred the review of the instruction until there is greater clarity on these issues.

[18] This challenge primarily relates to Defence’s efforts to align the requirements of the DSM (which is ‘owned’ by the DSA) and the DI(G) (which is ‘owned’ by the Inspector General Defence).

[19] Defence informed the ANAO that it was possible that for some of the remaining 169 incidents there may have been DSA action that was not able to be identified through the DPSMS report, and that to identify these actions would require examination of each incident record in DPSMS.

[20] The DSA has access to security incident records that are created and managed by other DIAs and is therefore able to determine the number of security incidents that are not formally reported to the DSA in accordance with the DSM. Defence identified 186 such EO and weapons security incidents that were created by other DIAs on DPSMS.

[21] Defence informed the ANAO that following an examination of 177 EO security incidents, Defence had determined that 15 were reported via Significant Incident Reports to the Security Incident Centre, and the remaining 162 were reported as EO incidents through other EO reporting channels. Defence confirmed that the 162 EO security incidents were not reported to the DSA as required by Defence security incident reporting requirements.

[22] At the time of ANAO Audit Report No.37, 2010–11, there was evidence that not all EO security incidents were being promptly reported to the DSA and the extant reporting examined by the ANAO showed some limitations. Defence was not able to provide the ANAO with complete and consistent data on EO security incidents, leading the ANAO to conclude that Defence had yet to achieve visibility of all EO security incidents.

[23] See for example, ANAO Audit Report No.25, 2012–13, Defence’s Implementation of Audit Recommendations which noted that ‘once agreed, audit recommendations become a management responsibility, and an effective system to implement recommendations will feature collective ownership within the agency and an action orientation which promotes timely and adequate management activity.’ (p. 14).