The audit surveyed a wide range of Commonwealth agencies' Year 2000 preparedness, their management of the problem and their application of core corporate governance principles, including risk management disciplines. The scope of the audit reflected the wide ranging ramifications of the Year 2000 problem for agencies' overall functions (whole-of-business) internally as well as in terms of external interactions. The audit objectives were to:

• assess the adequacy of agencies' planning in relation to achieving Year 2000 compliance;
• review and assess agencies' implementation, management and monitoring of Year 2000 compliance strategies;
• review agencies' strategic risk assessments in relation to the Year 2000 changeover; and
• raise surveyed agencies' and other Commonwealth agencies' awareness of the various aspects of the Year 2000 problem.

This cross-portfolio audit reviewed the management of Internet security across ten Commonwealth agencies, with the objective of forming an opinion on the adequacy of Internet security management within the selected agencies. The audit pursued two strands - a review of the management systems employed within agencies including the adequacy of risk assessments, security policies and plans, day to day management and business continuity planning in connection with the agencies' Internet presence, and physical testing of the security arrangements of selected Internet sites. Staff from the Defence Signals Directorate were appointed under the Auditor-General Act 1997 to perform the site testing.

Mr P.J. Barrett (AM) - Auditor-General for Australia, presented t the Australian Society of Certified Practising Accountants Annual Research Lecture - Canberra

The audit process involved an assessment of the payroll arrangements in Commonwealth organisations. The objectives of the audit were to determine whether organisations have established internal control frameworks for the management of payroll operations, assess whether payment of salaries and related expenditures is made in accordance with the relevant terms and conditions of employment, and identify better practices in the management and operations of payroll systems.

The objective of the audit was to assess DIMIA's management of offshore measures to prevent and detect unlawful entry, and to identify opportunities for improvement. The audit did not cover the processing arrangements, referred to as the Pacific Strategy, introduced as part of the legislative changes in September 2001. Nor did it cover the range of measures use for prevention and detection at the border and on shore. As DIMIA is the lead agency responsible for the development of immigration policy, the audit focussed in the administrative effectiveness of the governance framework used by the department to implement and to support the achievement of Government strategies to prevent unlawful entry to Australian Territory.

The objective was to assess the extent to which staff reductions have been managed in a sound strategic and cost-effective manner consistent with the Government's guidelines and the ANAO's 1996 better practice guide Managing APS Staff Reductions. The audit focussed on 3 agencies - the Australian Taxation Office, the former Department of Primary Industry and Energy, and the former Department of Transport and Regional Development. The ANAO found that the majority of staff reductions were achieved through retrenchment rather than natural attrition; and that decisions on the number of retrenchments were not always supported by an assessment of the impact of the reductions on the agencies' abilities to conduct their business.

The ANAO assessed agencies' progress in implementing the seven recommendations of Audit Report No.47 of 1998-99, Energy Efficiency in Commonwealth Operations. The Objectives of the follow-up audit were to

(i) asses the extent to which selected Commonwealth agencies have implemented the recommendations of Report No. 47 of 1998-1999, taking account of any changed circumstances or new administrative issues identified as impacting upon implementation of these recommendations; and

(ii) offer continued assurance to the Parliament on the management of Commonwealth agencies' compliance with the Commonwealth energy efficiency requirements, and to identify areas of better practice in energy management by those agencies.

The objective of this audit was to form an opinion on the effectiveness of Internet security measures within the Commonwealth public sector. The second objective was to provide better practice guidance for managing an Internet connection. The audit covered a range of Commonwealth agencies which had established an Internet facility. It specifically addressed the following matters : Internet security policies; site management - including change control processes, virus prevention and detection strategies, and incident response plans; controls over access to the Internet site and to data sources connected to the site; and user education and training.

The audit objective was to determine whether organisations had implemented adequate control frameworks and processes to mitigate the risks associated with GST obligations and transactions. The scope of the audit covered all aspects of GST processing relating to the revenue and expenditure accounting cycles in six Commonwealth organisations. Audit testing of transactions was based on a statistical sample of 160 GST transactions at each of the organisations.

Grants Scheme in Audit Report No.33 of 1993-94. The major recommendations in that report related to:

• improved quality of claims and control measures;
• optimisation of management planning and control;
• rationalisation of the strategic planning structure;
• improved responsiveness of the scheme; and
• improved accountability to Parliament.

The objective of this follow-up audit was to form an opinion on Austrade's progress with implementing the recommendations of Audit Report No.33 of 1993-94.