The objective of this audit is to examine the effectiveness of selected non-corporate Commonwealth entities’ arrangements for managing cyber security incidents.

Audit criteria

The ANAO proposes to examine:

  • Have entities appropriately documented cyber security incident management?
  • Have entities effectively implemented cyber security incident management responses to investigate and respond to cyber security incidents?
  • Have entities effectively implemented processes to mitigate risks where cyber security incident management responses are ineffective?

Work program portfolio

This in-progress Performance audit is featured in 1 annual audit work program portfolio:

Contribution has closed