Browse our range of reports and publications including performance and financial statement audit reports, assurance review reports, information reports and annual reports.
Institute of Public Administration Australia — Secretary Series
Please direct enquiries through our contact page.
Dr Caralee McLiesh, Auditor-General for Australia, delivered a speech at the Institute of Public Administration Australia on Wednesday 2 July 2025.
Introduction
Good morning everyone. I would like to begin by acknowledging the traditional custodians of the land on which we meet today, the Ngunnawal people, and pay my respects to their elders past and present. I extend that respect to all Aboriginal and Torres Strait Islander peoples joining us today.
Thank you to the Institute of Public Administration Australia (IPAA) for the opportunity to be here this morning, and for your important role in connecting and supporting the Australian public sector.
I am grateful to be here today and to have the opportunity to do three things:
- First, to introduce myself and role of Auditor-General.
- Second, to offer some early reflections on the public sector — drawing on the insights produced by the Australian National Audit Office (ANAO).
- And third, to outline the strategic direction for the ANAO — and what you can expect from us in the years ahead.
Personal introduction and the role of Auditor-General
Secretary Jones has spoken about my background working in different sectors and places. The common thread in my career is improving performance in the public sector. That is the mindset I bring to this role: whether you are in the Parliament, the public sector, or an oversight institution like the ANAO, our purpose is ultimately to get better outcomes for people in Australia.
It is a privilege to continue that thread as the 16th Auditor-General for Australia. I have long viewed the audit office as a key part of building trust and confidence in our parliamentary system of democracy. Through independent reporting to the Parliament, the executive and the public, audits support transparency, accountability and performance in government administration.
In today’s world, with growing mis- and dis-information, political polarisation and a global shift away from international rules-based order, public trust and confidence in government institutions is either waning or under threat in most Western democracies. Effective institutional checks and balances — like independent audit — are as important now as they ever have been.
The office of the Auditor-General has a long and distinguished history. It was created in the fourth Act of the Australian Parliament, with the first being the Consolidated Revenue Act 1901. Obviously the Commonwealth needed someone to watch over the dollars.
Financial auditing has therefore been in place since Federation. Performance auditing (then known as efficiency auditing) became a function (not always a popular one) after the Coombs Royal Commission in the late 1970s.
After 45 years, the performance audit function has become well-embedded —and of great interest to the Parliament through our special relationship with the Joint Committee of Public Accounts and Audit (JCPAA).
Performance statements auditing joined our suite of services in 2021, and soon we will take on the auditing of climate disclosures.
We are one of the oldest Commonwealth institutions with 124 years of continuous service to the Parliament. Accountability through transparency remains a driving force for the ANAO. Like any steward, my goal is to leave things better than when I came. This means seeking to safeguard and strengthen the institutional settings that underpin the Auditor-General function.
I have come to a respected, highly capable organisation in the ANAO, and I pay tribute to my predecessors and to the ANAO team for that.
Legislative settings are also strong. Under the Auditor-General Act, my role is an independent officer of the Parliament and has complete discretion in exercising the Auditor-General functions or powers. The Act provides for extensive powers to access information and report, alongside strong confidentiality requirements.
Even so, in comparative measures on the independence of auditors-general, the Commonwealth has ranked only 7th out of 10 Australasian jurisdictions.1 Some of the ways in which independence can be strengthened were the subject of a JCPAA review of the Auditor-General Act2, and there is a process underway to respond to the recommendations in the report.
Observations
This morning I’d like to make a few early observations on the public sector, drawing on the ANAO’s work in four thematic areas: integrity, transparency, accountability and performance.
Integrity
In stepping into the role of Auditor-General, I have been struck by the focus on integrity in the Australian Public Service (APS). From the conversations with people I’ve met in the sector, to hearing questions in Parliament, to seeing integrity initiatives in agencies and APS-wide integrity reforms being implemented, I am impressed with the efforts to strengthen integrity.
I would also observe how important it is to maintain and strengthen momentum. The biggest theme in our audit findings is ‘not getting the basics right’ — like adhering to the law, frameworks, and good practices. For example:
- our financial statements audits show persistence in significant findings related to legislative breaches and compliance; and
- around two-thirds of findings relate to weaknesses in basic information technology (IT) controls — such as not cutting off IT system access when a person leaves a role, or authorising IT systems changes. These are not just technical IT matters for IT specialists. They are fundamental business risks to security and the integrity of information systems. They are essential basics to address in a world in which agencies are increasingly using technology, including artificial intelligence (AI).
Encouragingly, we have also seen some improvements through recent interim financial statements audits — for example, the Department of Defence has worked to fix its IT access controls; a good practice from which others can learn.
We also see evidence, through our performance audit work, of not getting the basics right. For example:
- the results of more than half of procurement audits over the last five years were classified as ineffective or partly effective. We observed many instances of breaches of Commonwealth Procurement Rules (CPRs) and instances where advice from agency procurement teams was ignored;
- audits of compliance with gifts and benefits, or conflict-of-interest policies — which can signal tone at the top — continue to identify evidence of senior staff operating outside of the policies; and
- ninety per cent of performance audits over the last five years had negative findings on record keeping. Effective records management is not low-level administration — it is required by law, and it strengthens governance, accountability and performance.
These and other findings raise important questions on how to build capability in the craft of public service, as well as how to provide clarity of expectations and support for staff in understanding and adhering to the law, frameworks and requirements that they administer or that apply to them. Breaches typically are not intended.
One of my reflections after my appointment as Auditor-General is that I wish I’d had a stint in audit earlier in my career. It offers such a valuable perspective. I think the question I would have asked myself at the start of any task is not just ‘How do I get the outcome?’, but also ‘How would this be audited?’. Taking an audit perspective requires you to focus on frameworks, governance, risk management, systems for monitoring, reporting and learning. Even when you know this, it can slip if you are not deliberate.
The ANAO’s findings on integrity also raise important questions on whether risk settings are correct on basic legality and compliance. I have heard some commentary on whether a focus on integrity is imposing too many costs — for example, a trade-off between integrity and delivery. I am of the view that:
- Laws and frameworks are there for a reason. If they are compromised to meet short-term deadlines, this could lead to delivery problems over the longer term. Our audit work is full of examples where shortcuts weren’t only a breach — they led to poor outcomes. These broader and longer-term costs need prominence also.
- If there are instances in which laws and frameworks are imposing unnecessary costs, then it is possible to change those laws or frameworks.
- Unlawfulness and lack of integrity damages the quality of government institutions and erodes public trust and confidence, which is far more costly in the long term. How can the public be expected to follow the law if government departments don’t?
One of the first audits I tabled as Auditor-General was the Implementation and Award of Funding for the Growing Regions Program. In this audit we found a good practice example of a department working hard to deliver program outcomes while also finding solutions to ensure lawfulness (in this case, for the constitutionality of grants). I hope to highlight more cases where delivery and integrity go together.
My predecessor, Grant Hehir, and Deputy Auditor-General, Rona Mellor, had a focus on integrity, and I intend to build upon that throughout my tenure.
Transparency
Coming most recently from New Zealand, one of the more noticeable differences in public service systems is the approach to transparency. The New Zealand Official Information Act starts from a presumption of availability — that requested information will be made available unless there is a good reason not to. It is a strong default, supported by strong conventions like ministers releasing and holding media conferences on Cabinet papers on the same day as decisions are made.
That was a bit confronting when I first arrived in New Zealand, but I quickly came to see how it enabled informed public debate, and participation in democracy. It also promoted accountability. Knowing that your brief is about to get public scrutiny is another incentive to get it right.
Transparency is an important requirement in the Commonwealth government system also. Australia ranks comparatively well on international measures of transparency and there are many good practices like public reporting on contracts through Austender. Despite this, the ANAO continues to find gaps in adherence to transparency requirements and principles.
I have been a bit surprised by some of the approaches I have seen to transparency — for example, information that is marked ‘not for publication’ because of security reasons, but was previously published; a data point marked ‘Cabinet in confidence’ when it was analysis in a background paper that would not be close to revealing deliberations of Cabinet; or officials not directly answering parliamentary questions, and questions on notice answered with ‘refer to website’.
There can be genuine costs of transparency that must be weighed — to security, commercial arrangements, privacy, and Cabinet confidentiality. I have also heard many times about the administrative costs of complying with freedom of information (FOI) laws (although I note good record keeping and technology could reduce those costs), or the risks of perverse incentives to avoid free and frank advice.
But what about the costs of not being transparent?
- The public sector is the custodian of public resources. It is in the public interest to have information on how their public resources are spent.
- A lack of transparency means it is harder for people to understand government activity, obtain information to make decisions, and participate more fully in public life. It weakens accountability in a system that lacks other accountability mechanisms — for example, the public sector does not face market forces, competition or external regulation.
- It erodes trust and confidence in the institutions that the public sector is charged with stewarding.
These are long-term costs, which are difficult to measure and as such are often underplayed in an individual decision on disclosing information.
The ANAO is an important part of the system for transparency in government. At times, that can be a little uncomfortable for audited entities. We will always start with a view to transparency, and we always consider carefully the treatment of sensitive information to determine whether it is contrary to the public interest to disclose in audit reports — as I am required to do by law. I see it as a priority to contribute to transparency in the public sector through my tenure.
Accountability and performance
Next, a few observations on accountability and performance. I’ll focus on the ANAO’s performance statements audits, which go to the big question of accountability and stewardship of public resources: how do we know if services are delivering the results intended?
The ANAO is a leader internationally in auditing performance measures. We are now in the fourth full year of the performance statements audit program with 21 audits planned for the 2024–25 performance statements audit program.
I want to emphasise the importance of this work. Meaningful performance information keeps the Parliament and the public informed about how taxpayer dollars and powers entrusted in the government sector are used to deliver better services. Accountability for performance is at the foundation of trust and confidence in the public sector.
Meaningful performance information is also needed by agencies to run their business: to understand what is working and what needs improvement; and to monitor, learn and change where needed. If we don’t have good measures as evidence, how do we know how to lift performance?
Meaningful performance information can also give insights on whether frameworks are fit for purpose. If we see compliance with frameworks but performance is weak, or we see non-compliance but strong performance, it’s a sign that frameworks may need review.
Around the world, public sector performance measurement remains a challenge. While financial performance systems are well-developed, non-financial performance systems are comparatively weak. It can be hard to measure performance — let alone link performance with finances to assess value for money, or integrate performance reporting for accountability with internal performance management. I don’t know any jurisdiction that says they have perfected performance measurement systems.
In meeting with stakeholders as I commenced my term, I heard leaders speak of: the importance of performance management systems; the need to strengthen them (and recognition that they have not always had the focus they deserve); and the role that performance statements audits are playing in this.
The audits have raised awareness within entities about the value of performance information and, as such, there has been a stronger focus on developing performance frameworks and establishing empowered central performance teams.
The results of audits over the last four years show encouraging evidence of improvement in performance reporting. Compliance with legal requirements and the reliability of measures has strengthened. In entities that have had repeat audits, we see fewer audit findings and growing measures of maturity in performance measurement systems.
While we are seeing improvement, there is further to go. I would like to see our work used to help entities develop good performance measures that tell a story about outcomes and drive business improvements. This means entities measuring what matters, rather than what is easy to measure (or easy to pass audit). We also see very limited reporting on efficiency and productivity measures, which goes to the heart of proper use of resources and is particularly important given today’s challenges.
The ANAO is working with an expert advisory panel consisting of leaders across the sector, which was established to improve performance reporting in the Commonwealth. This includes how we evolve the performance statements audits. For example:
- how we assess use of narrative to explain measures, which is especially important where quantitative measures are not available; and
- how we further calibrate our efforts to risk — with less work on low-risk measures and low-risk audits, and potential for greater coverage of the sector.
As this work develops, there is a real opportunity within the sector for entities to share good practice with one another and improve performance management and accountability in the Commonwealth.
Strategic priorities for the ANAO
These broad themes — integrity, transparency, accountability and performance — underpin our strategic directions in the coming years.
We’ve had lots of great input from across the ANAO team in shaping the strategy. We have landed on 3 high-level strategic priorities, which we will publish in this year’s corporate plan.
Our first strategic priority is having impact where it matters
The ANAO’s stated purpose is to support accountability and transparency in the Australian Government sector through independent reporting to the Parliament, and thereby contribute to improved public sector performance.
Our first strategic priority is about how we lean into that end purpose of better public services to people in Australia.
ANAO audits have had significant impact on Australian public services. Audits have led to changes in legislation — for example, supporting telehealth services or tax debt collection. They have led to improvements in the Commonwealth grant rules and CPRs, to support value for money in public services. For example, 22 per cent of changes to CPRs in 2024 were directly linked to ANAO audits. Audits have also led to a vast range of improvements in the frameworks and practices in individual agencies.
The question here is: how do we maximise that impact?
A focus on impact means keeping outcomes for people in Australia in sight in all of our work. Our goal is not just delivering independent reports to the Parliament. We also need to ask: how is that leading to change for the better? How does our work help to reduce risk, and identify gaps, to help agencies to deliver better services for people in Australia, now and into the future?
We can maximise our impact by selecting topics and focussing our effort on the big risks and priorities for the public sector. This includes fiscal risks, productivity, and integrity. Over the last 8 months I’ve been struck by the incredible detail and precision of the ANAO’s work. It is impressive, and it supports quality. It also means that there are a lot of trees, and we need to ensure we are always stepping back to look at the forest and ask what is strategically important for driving improvements.
The timing of audits also matters for impact. Well-timed audits can inform reviews of frameworks and policy reform. They can also inform delivery. The current government has stated its focus on delivery of reforms. In this environment, early implementation audits to test whether implementation is set up for success can be valuable — rather than waiting until implementation is complete and pointing out how it could have been improved.
I experienced the value of these ‘real time’ audits myself in New Zealand during the pandemic. I remember the New Zealand Auditor-General telling me shortly after the wage subsidy scheme (JobKeeper equivalent) was established that he was going to audit it. I also remember thinking: ‘Why on earth are you doing this to us now?’ The scale, pace and uncertainty of the COVID response already had us under huge pressure — people were working shifts to have 24/7 coverage. But in fact, the audit was enormously valuable. It led to stronger controls in the wage subsidy to reduce waste and fraud and help money to reach those who needed it. I look back at it now as a good example of different parts of the government system working together to get better outcomes.
With impact in mind, we are also seeking to broaden and develop our mix of audit products. For example, we plan to trial greater use of short, sharp performance audits or ‘rapid reviews’, which will take a few months as opposed to the current average of 10 to 12.
We will also invest further in sharing lessons from audit. The ANAO has a unique view of agencies across the public sector. A lot people I’ve met across the sector and also in the Parliament have highlighted to me the importance of sharing our insights. They help entities learn from the experience of others as well as their own. They can also help whole-of-government policy owners (for example, the Department of Finance on CPRs, or the Department of Home Affairs on the protective security policy framework) to understand whether rules are working as intended.
We have a publication called ‘Audit Insights’, which seeks to identify lessons from audit work — covering good practices, case studies of improvement, as well as common pitfalls.
Some of the Insight reports that have been published recently include:
- Auditing Regulatory Activities — in which one of the key takeaways is the need for a risk-based approach to regulation.
- Governance of Data — which highlights five lessons, including the importance of treating data as an asset to enable evidence-based decisions and realise benefits of good data.
- Records Management — in which we publish eight lessons, including the importance of promoting a culture where records management is valued.
- Management of Corporate Credit Cards — which outlines six lessons, including one on preventative and detective controls to prevent misuse.
We will be further developing these Audit Insights reports with a view to making them as practical and useful for the sector as we can. We welcome your feedback as part of this, including on topics you would like to see covered.
Finally, having impact is also about how we communicate and engage. Our reports speak for themselves, but the way we explain our work matters. We influence significant change through our relationships with the Parliament, such as submissions and advice to the JCPAA. For example, the ANAO recommended to the JCPAA to have public reporting on the use of panels in procurement, and this recommendation was put into force yesterday [1 July 2025].
We can also influence through sector engagement and broader communications so that our work is understood and more likely to be acted upon. Reports that are easy to digest, while being balanced and objective, are more likely to be read. Recommendations that are worded to be specific, practical and implementable are more likely to effect change.
As auditors, we cannot be advisors to the public sector. But I am confident that we can be both uncompromising in our independence and objectivity, and also helpful and constructive in sharing our knowledge, and supporting better performance.
Of course, good engagement is a two-way street. In my experience, audits work best when the audited entity is also engaging early; operating on a shared ‘no surprises’ approach, and welcomes the ‘fresh eyes,’ evidence-based view and opportunity to learn.
Our second strategic priority is ‘driving performance through innovation’
Our environment is changing so rapidly: there are new technologies, more complex services, fiscal constraints, shifting geopolitics, changing demographics and community expectations, and more. Our second strategic direction is about how we best adapt our work to stay relevant, and also drive quality and efficiency for both the ANAO and the entities we audit in an environment of rapid change.
Innovation is one area in the ANAO’s staff census results where we perform below the APS average. In many ways, this makes sense — people don’t generally look to audit for maverick ideas. Audit opinions have consequences. A major mistake could be devastating — look at infamous cases in the private sector like Enron or China Evergrande.
To me, the key for innovation in audit is unpacking our risk appetite. I have no tolerance for risk of confidentiality breaches of sensitive information, or failing to identify gross breach of accounting standards. But I have a reasonably high tolerance for risk in trying ways to boost our impact and productivity: like short, sharp audits; new ways to craft our recommendations; or automating routine audit procedures.
For those areas where we seek to innovate, I want to be explicit: it is OK to fail. That is not to say that we welcome failure — but where we agree our goal and risk appetite, accept the risk of failure, and put in place mitigations, it’s OK. If failure happens, we can approach it with curiosity, no blame, and focus on learning. In many instances, I’d rather we try, fail and learn, than not try at all.
The approach to adopting AI is a good example. We can’t just focus on the risk of adopting AI in audit, although there are many risks and they need to be mitigated. We also need to look at risk of not adopting AI. Our audited entities are increasingly using AI and emerging technologies. If we do not build our capability in these technologies, we may not be able to assess risk and do our audit work effectively. Similarly in the APS, if the organisations you regulate and the citizens you serve are using AI and you are not, you risk not being able to do your work effectively. AI can empower audit. We risk less relevance, less impact, less productivity if we do not use it.
Under this strategic priority ‘performance through innovation’, we are seeking to further embrace technology, including AI. We are about to launch a new AI policy to enable our use of AI in audit as well as for non-audit and administrative purposes, while maintaining appropriate guardrails for the risks. We are following lessons from our audit work on governance of technology, and will start with low-risk tasks, then learn, and build capability.
Beyond technology, we are also looking to innovate in our processes and methods. For example, in 2025–26 we will review our methodology for performance statements audit and financial statements audit with the intent of bringing our effort across these services further together. In doing so, we can gain efficiencies for the ANAO but also benefit audited entities, by reducing duplication of effort and enabling the ANAO to coordinate engagement and have a more comprehensive understanding of agency business and risk.
Our third strategic priority is more internally focussed: to inspire and develop our people
People are at the heart of any high-functioning organisation.
Coming into the role, I have been struck by the professionalism, warmth, and strong values of our ANAO team. We have high staff engagement scores and people who are highly skilled, curious and deeply committed to the purpose of the ANAO. I am proud to work with them.
We offer fantastic careers — a way to make a difference for the public service and Australians, interesting and influential work across the entire public sector, and working with great people.
The market for talent is more competitive than ever. Fewer young people are choosing to study auditing, accounting and finance, although we recruit from diverse backgrounds. Expectations in the workforce are changing. Many people are wanting more mobility and more flexibility in their careers. Over the last several years, staff turnover at the ANAO has been high.
In this environment, we need to invest heavily in growing our own talent. Auditors need technical skills, leadership skills and relationship management skills. We’re seeking to grow our people across these domains.
One of the ways we’re doing this that I want to highlight today is by creating more opportunities for our people to step across our audit services and have more opportunities to broaden and develop their skills.
Over time, I would also like to expand opportunities for mobility (for example, secondments) across the public sector, other jurisdictions and the private sector. Mobility of roles isn’t for everyone — there is also value in deep specialist expertise in some areas. But it can be a way to fast-track learning, and you build a bit of empathy and perspective from understanding the world from another side of the fence.
I also believe that a thriving, high-performing workforce depends on a culture of inclusion, wellbeing and support. Auditing can be tough. Sometimes you need to deliver difficult messages, and not all entities are welcoming of that. People bring their best when they feel valued and supported, and so we will be investing in further ways to create a great employee experience.
Closing remarks
If there is one message I’d like you to take away, it is that audit can help you be more effective — to serve the government of the day, serve the Parliament, and serve the public.
At its best, audit is rigorous, frank and fearless — and also insightful, helpful and a way to continually improve.
We will continue our work to press for greater transparency and accountability, and we do so with our shared goal of improving public sector performance and making the lives of people in Australia better. I am looking forward to working together with you to achieve this.