The purpose of this follow-up audit was to report on action taken by the Department of Social Security and Centrelink in addressing the recommendations of Audit Report No.23 1993-94 Protection of Confidential Client Information from Unauthorised Disclosure. The objectives were to:

• ascertain the extent to which the recommendations of the original audit have been implemented;
• identify other changes made in relation to data confidentiality within the Social Security portfolio since 1993;
• assess the impact of the changes made; and
• identify any scope for further improvement.

Although the audit examined broader aspects of the ATO's administration (such as, tobacco excise governance arrangements, intelligence capability and compliance and investigations activities), we placed particular emphasis on the strategies used by the ATO to address the proliferation of chop-chop (Australian grown tobacco sold illicitly in a chopped up form for $80 to $100 per kilogram. In comparison, 50 grams of legal roll-you-own tobacco costs around $16 i.e. $320 per kilogram) in the Australian markets, as it is an area of major risk to tobacco excise revenue.

The objective of this audit was to establish whether Defence has developed sound fraud control arrangements that are consistent with better practice and fulfil its responsibilities for the protection of public property, revenue, expenditure, and rights and privileges from fraudulent exploitation.

The objectives for the audit were to examine Commonwealth guarantees, indemnities and letters of comfort in relation to:

• the potential size of the Commonwealth's exposure to these instruments;
• the extent to which the overall exposures of the Commonwealth are managed and monitored;
• the adequacy of administrative reporting arrangements;
• areas of better administrative practice relating to their management; and
• to raise agencies' awareness of appropriate risk management and accountability practices in relation to these instruments.

The audit set out to quantify the Commonwealth's exposure to guarantees, indemnities and letters of comfort.

The objective of the audit was to determine whether DEST has effective governance practices for its IT and e- Business; has adequate systems in place to measure the efficiency and effectiveness of its IT and e-Business; implements and maintains appropriate quality standards within its IT and e-Business systems; and implements proper controls, including risk management, to achieve maximum benefits from its IT and e- Business. The audit examined education and training services provided, or managed, by DEST via IT or the Internet.

The objective of this audit was to assess the administration of internal fraud control arrangements in the ATO and to identify areas with potential for improvement as well as identified better practice. To achieve this objective the ANAO focussed on five key areas. These were:

• the application of the ATO's corporate governance processes to the internal fraud control activities;
• the prevention of internal fraud within the ATO;
• the related use of information technology to minimise fraud risks;
• the detection of internal fraud within the ATO; and
• ATO fraud investigation procedures and practices.

The Navy Operational Readiness audit examined the systems that Navy uses to manage readiness and concludes coverage of Navy: readiness organisation and management structures (as well as the interface between these systems and Defence enabling operations); management and maintenance of operational readiness (covering personnel, collective training and other components of operational readiness); and readiness performance information processes. The objective of the audit was to provide assurance to Parliament concerning the progress that Navy has made in the development of operational readiness management and evaluation systems and to identify areas for improvement in these systems.

The objectives of this audit were to examine the management of business support service contracts in selected agencies to: assess the effectiveness of business support service contract management in the transition, ongoing management and monitoring and succession planning stages of the contract management lifecycle; and identify examples of better practice and opportunities for improvement for individual agencies and Australian Government agencies more broadly.

The audit reviewed the management of trust monies in five Commonwealth organisations. The objectives of the audit were to:

• assess whether selected Commonwealth organisations were managing trust monies in accordance with legal and administrative requirements and better practice principles;
• identify better practices in the management of trust monies; and
• recommend improvements in the controls and practices relating to the management of trust monies.

The audit examined the management of computer software assets at four Commonwealth bodies. It focused on the capitalisation of software for the purposes of annual financial reporting. The specific objectives were to: determine whether the selected bodies had established effective internal control frameworks for the capitalisation of externally acquired and internally developed software; and assess whether software costs were capitalised in accordance with organisational policy, accounting standards and relevant legislation.