This edition of Audit Insights is targeted at Australian Government officials who have responsibility for the implementation of cyber security controls or strategy for government systems. The aim is to communicate lessons from our audit work to make it easier for people working within the Australian public sector to apply those lessons. It is drawn from audit reports tabled in 2019–20, 2020–21 and 2022–23 into management of cyber security risks.

Welcome to the fourth edition of the ANAO’s Audit Matters newsletter. The purpose of Audit Matters is to provide updates on the ANAO’s work and provide insights on what we are seeing in the Australian Government sector.

Audit Matters complements the range of reports we table in the Parliament as well as our insights products and events and seminars. I hope you find it useful and please forward it on to your colleagues, and encourage them to sign-up for future editions.

Rona Mellor PSM, Deputy Auditor-General

Mr Mr Ian McPhee - Auditor-General for Australia, presented to the Public Sector Audit Network Group

This report complements the Interim Report on Key Financial Controls of Major Entities financial statement audit report published in May 2023. It provides a summary of the final results of the audits of the Consolidated Financial Statements for the Australian Government and the financial statements of 243 Australian Government entities for the period ended 30 June 2023.

The objective of this audit was to examine the effectiveness of the Department of Home Affairs’ management of its public communications and media activities.

Welcome to the inaugural edition of the ANAO’s quarterly Audit Matters newsletter. The purpose of Audit Matters is to inform external audiences — primarily those working in Commonwealth entities — of updates on the ANAO’s work and provide insights on what we are seeing in the Australian Government sector.

Audit Matters complements the range of reports we table in the Parliament as well as our Insights products and events and seminars. I hope you find it useful and please forward it on to your colleagues, and encourage them to sign-up for future editions.

Carla Jago, Acting Deputy Auditor-General

Mr Mr Ian McPhee - Auditor-General for Australia, presented at the CPA Australia 2013 International Public Sector Convention

This edition of audit insights covers audit reports tabled in Parliament during the fourth quarter of 2017–18 with a focus on the key learnings relating to cyber resilience. Cyber security is an increasing risk across government and one that requires attention by Accountable Authorities.

The objective of this information report is to provide transparency and insights on the governing boards of Commonwealth entities and companies and the membership of these boards.

The Australian National Audit Office has undertaken a pilot project to assess the status of the Australian Government performance measurement and reporting framework as a basis for implementation of a future program of audits of entities’ key performance indicators, and to develop a suitable audit methodology. This report presents a summary of the work completed to date.

This audit would assess the effectiveness of the Department of Industry, Science and Resources’ (DISR) policies, program and stewardship to support safe and responsible use of new and emerging technologies in Australia, including Artificial Intelligence.

In February 2025 the Joint Committee of Public Accounts and Audit released its report Inquiry into the use and governance of artificial intelligence systems by public sector entities — ‘Proceed with Caution’ that noted the need for continuing work in this area given the rapid nature of change.

Mr Ian McPhee - Auditor-General for Australia, presented at the World Bank Seminar, Washington DC By Teleconference

The objective of the audit was to assess the effectiveness of Defence’s monitoring of the implementation of ANAO and internal audit recommendations. The audit also examined a sample of ANAO and internal audit recommendations—reported as being complete by Defence—to assess the extent to which these recommendations had been implemented by Defence.

This report complements the interim phase report published in August 2016, and provides a summary of the final results of the audits of the Consolidated Financial Statements for the Australian Government and the financial statements of Australian Government entities.

Mr Ian McPhee - Auditor-General for Australia, presented at the Public Sector Governance Forum of the Australian Institute of Company Directors and The Institute of Internal Auditors - Australia

Given the importance of customer feedback to Centrelink's business, the ANAO considered it timely to conduct a series of performance audits relating to Centrelink's customer feedback systems, particularly in relation to its delivery of the services then provided on behalf of FaCS. The overarching objective of this series of ANAO performance audits of Centrelink's customer feedback systems was to assess whether Centrelink has effective processes and systems for gathering, measuring, reporting and responding effectively to customer feedback, including in relation to customer satisfaction with Centrelink services and processes.

The objective of this audit was to determine whether Health adequately assessed the State and Territory Governments' compliance with their obligations under the terms of the AHCAs. In conducting the audit, ANAO addressed the following criteria:

• if Health assessed whether the States and Territories were adhering to the AHCAs clause 6 principles that all eligible persons had equitable access to free public health and emergency services on the basis of clinical need within an appropriate period;
• if Health assessed whether the States and Territories were increasing their own source funding at the rate specified in the AHCAs; and
• if Health assessed whether the States and Territories were meeting the performance reporting requirements set out in the AHCAs.

The objective of the audit was to assess the effectiveness of the Department of the Environment and Energy’s arrangements for the preparation and reporting of Australia’s greenhouse gas emissions estimates and projections.

The objectives of this audit were to assess, with respect to guarantees, indemnities and letters of comfort:

• changes in the size and nature of the Commonwealth's reported exposure since 30 June 1995;
• the extent of improvement in agencies' management and monitoring of the Commonwealth's exposure to these instruments;
• the approach of agencies to effective risk management and control of Commonwealth exposures to these instruments; and
• whether current reporting practices provide a sufficiently comprehensive coverage for public accountability purposes, at both the agency and whole of government levels.

The Auditor-General for Australia is an independent officer of the Parliament with responsibility under the Auditor-General Act 1997 for auditing Commonwealth entities and reporting to the Australian Parliament. The Auditor-General is supported by the Australian National Audit Office (ANAO).

The office of Auditor-General is a ten year statutory appointment made by the Governor-General on the advice of the Prime Minister. In recognition of the Auditor-General’s status as an officer of the Parliament, the Australian Parliament’s Joint Committee of Public Accounts and Audit (JCPAA) must approve any proposed recommendation for appointment.

The audit objective was to assess the effectiveness of monitoring arrangements (by the Accreditation Agency) and compliance activities (by DoHA) put in place to achieve residential aged care homes’ compliance with the Accreditation Standards and their other, related, responsibilities under the Act and its associated instruments.

The ANAO’s assessment considered whether:

— a sector-wide compliance strategy was in place and aligned with effective monitoring and compliance activities at the operational level;
— there was a clear articulation of the separat but complementary roles and responsibilities of DoHA and the Accreditation Agency; and
— performance information gathered by both agencies to support public reporting and business improvements was useful and enabled comparison of performance over time.

Mr Ian McPhee - Auditor-General for Australia, presented at the CPA Australia - CFO Public Sector Lunch

The objective of this follow-up audit was to review Centrelink's progress in implementing the findings and recommendation relating to Centrelink's Customer Charter from Audit Report No.32
2004–05, Centrelink's Customer Charter and Community Consultation Program. This audit covers Centrelink's Customer Charter only and does not follow-up on the findings and recommendation on the Community Consultation Program aspect of the 2004–05 audit report.

This report summarises audit and other related activities of the Australian National Audit Office in the period January to June 1998.

This report is an information document summarising the audit activities of the ANAO in the period January to June 1997.

This report summarises audit and other related activities of the Australian National Audit Office in the period January to June 1999.

The objective of this audit was to assess the Tax Office's implementation of the nine recommendations of Audit Report No.19 2004–05 Taxpayers' Charter, having regard to any changed circumstances affecting the implementation of the recommendations. This involved an examination of the Tax Office's:

• systems and processes used to develop, maintain and update the Charter;
• strategic commitment to implementing the principles of the Charter;
• integration of Charter principles with its business processes;
• systems for resolving disputes according to Charter principles; and
• monitoring and reporting of its performance against commitments in the Charter.

Quality in the delivery of the ANAO’s audit services is critical in supporting the integrity of our audit reports and maintaining the confidence of the Parliament and public sector entities. The ANAO Corporate Plan 2023–24 is the ANAO’s primary planning document. It outlines our purpose; the dynamic environment in which we operate; our commitment to building capability; and the priorities, activities and performance measures by which we will be held to account. This quality management framework and plan complements the corporate plan. It describes the ANAO’s system of quality management and reflects the ANAO’s responses to quality risks for the coming year.

The ANAO Quality Management Framework is the ANAO’s established system of quality management to provide the Auditor-General with reasonable assurance that the ANAO complies with the ANAO Auditing Standards and applicable legal and regulatory requirements, and reports issued by the ANAO are appropriate in the circumstances.

The quality management framework and plan component of this document identifies the ANAO’s quality objectives and key responses to address identified quality risks and to provide the Auditor-General with confidence that those responses are implemented and operating effectively.

The ANAO reports on the audit quality indicators that measure the ANAO’s performance against target benchmarks in the annual audit quality report published on the ANAO website. The audit quality report also provides transparency with respect to the implementation and operation of the responses to address quality risks for each component of the ANAO’s system of quality management.

Quality in the delivery of the ANAO’s audit services is critical in supporting the integrity of our audit reports and maintaining the confidence of the Parliament and public sector entities. The ANAO Corporate Plan 2025–26 is the ANAO's primary planning document. It outlines our purpose; the dynamic environment in which we operate; our commitment to building capability; and the activities and performance measures by which we will be held to account.

This Quality Management Framework and Plan complements the Corporate Plan. It describes the ANAO’s system of quality management and reflects the ANAO's responses to quality risks for the coming year.

The ANAO Quality Management Framework is the ANAO’s established system of quality management to provide the Auditor-General with reasonable assurance that the ANAO complies with the ANAO Auditing Standards and applicable legal and regulatory requirements, and reports issued by the ANAO are appropriate in the circumstances.

The Quality Management Strategy and Plan component of this document identifies the ANAO’s quality objectives and key responses to address identified quality risks and to provide the Auditor-General with confidence that those responses are implemented and operating effectively.

The ANAO reports on the audit quality indicators that measure the ANAO’s performance against target benchmarks in the annual Audit Quality Report published on the ANAO website. The Audit Quality Report also provides transparency with respect to the implementation and operation of the responses to address quality risks for each component of the ANAO’s system of quality management.

Quality in the delivery of the ANAO’s audit services is critical in supporting the integrity of our audit reports and maintaining the confidence of the Parliament and public sector entities. The ANAO Corporate Plan 2024–25 is the ANAO's primary planning document. It outlines our purpose; the dynamic environment in which we operate; our commitment to building capability; and the activities and performance measures by which we will be held to account. This Quality Management Framework and Plan complements the Corporate Plan. It describes the ANAO’s system of quality management and reflects the ANAO's responses to quality risks for the coming year.

The ANAO Quality Management Framework is the ANAO’s established system of quality management to provide the Auditor-General with reasonable assurance that the ANAO complies with the ANAO Auditing Standards and applicable legal and regulatory requirements, and reports issued by the ANAO are appropriate in the circumstances.

The Quality Management Strategy and Plan component of this document identifies the ANAO’s quality objectives and key responses to address identified quality risks and to provide the Auditor-General with confidence that those responses are implemented and operating effectively.

The ANAO reports on the audit quality indicators that measure the ANAO’s performance against target benchmarks in the annual Audit Quality Report published on the ANAO website. The Audit Quality Report also provides transparency with respect to the implementation and operation of the responses to address quality risks for each component of the ANAO’s system of quality management.