This audit is a part of the ANAO's protective security audit coverage. The objective of this audit was to determine whether agencies audited had developed and implemented sound IT security management principles and practices supported by an IT security control framework, in accordance with Australian Government policies and guidelines. The audit at each agency examined the framework for the effective management and control of IT security, including the management of IT operational security controls and, where applicable, was based on the Australian Government protective security and information and communications technology (ICT) security guidelines that were current at that time.

The objective of the audit was to examine key aspects of the NBN RFP process, including:

• the background to and conduct of the RFP process;
• management of key risks associated with the process and outcome; and
• stakeholder consultations.

The audit objective was to assess the effectiveness of the Parliamentary Budget Office in conducting its role since being established in July 2012.

Mr P.J. Barrett (AM) - Auditor-General for Australia, presented at a Laboratory for Politicians and Top Managers from Different Public Institutions in Europe

The Audit Activity Report: July-December 2002 summarises performance audit, financial audit and other related activities for the ANAO for the period. The key issues arising from the performance audits are summarised against the ANAO themes. The appendices in the report provide a short summary of each of the audits tabled for this period, the audits in progress as at 1 January 2003 and a list of the presentations and papers given by the Auditor-General and ANAO staff.

Mr P.J. Barrett (AM) - Auditor-General for Australia, Address to University of Canberra students participating in the Graduate Certificate in Performance Auditing

This report summarises audit and other related activities of the Australian National Audit Office in the period January to June 1998.

The report summarises the audit and other related activities of the ANAO in the period January to June 2002. Key issues arising from performance audits tabled in this period are summarised. Appendix 1 of the Activity Report provides a short summary of each of the audits tabled between 1 January 2002 and 30 June 2002.

The Department of Veterans' Affairs (DVA) uses information technology (IT) extensively in providing services to Australia's veteran and defence force communities. The audit reviewed DVA's management of its IT outsourcing contract. The audit considered DVA's planning to meet its strategic IT needs through the IT outsourcing contract, the provisions of the contract, contract administration, management of the impacts of the outsourced services on DVA's business and the outcomes of DVA's approach to the contract.

This cross-portfolio audit reviewed the management of Internet security across ten Commonwealth agencies, with the objective of forming an opinion on the adequacy of Internet security management within the selected agencies. The audit pursued two strands - a review of the management systems employed within agencies including the adequacy of risk assessments, security policies and plans, day to day management and business continuity planning in connection with the agencies' Internet presence, and physical testing of the security arrangements of selected Internet sites. Staff from the Defence Signals Directorate were appointed under the Auditor-General Act 1997 to perform the site testing.