This audit is a part of the ANAO's protective security audit coverage. The objective of this audit was to determine whether agencies audited had developed and implemented sound IT security management principles and practices supported by an IT security control framework, in accordance with Australian Government policies and guidelines. The audit at each agency examined the framework for the effective management and control of IT security, including the management of IT operational security controls and, where applicable, was based on the Australian Government protective security and information and communications technology (ICT) security guidelines that were current at that time.

The audit objective was to assess the effectiveness of the Department of Veterans’ Affairs management of complaints and other feedback to support service delivery. The audit criteria were that DVA has:

• a well-designed framework for managing complaints and other feedback;
• effective processes and practices to manage complaints; and
• appropriately analysed complaints to inform service delivery.

The objective of the audit was to assess the effectiveness of security awareness and training arrangements at selected Australian Government organisations, including whether they addressed selected security issues from the PSM.

The audit objective was to assess the appropriateness of the use and reporting of confidentiality provisions in Australian Government contracts for the 2012 calendar year reporting period.

The objective of the audit was to examine the investment of public funds by selected entities, including: compliance with relevant legislation, delegations and instructions; the value for money of investment strategies; and reporting of investment activities. Six entities were selected for audit, comprising three FMA Act agencies and three Commonwealth authorities. The six entities had aggregrate investments of $1.64 billion as at 30 June 2004 and realised investment earnings of some $80.4 million during 2003/04.

The audit examined the Aboriginal and Torres Strait Islander Commission's (ATSIC's) grant management practices. The audit sought to determine if ATSIC provides fair and equal access to funding, what the risks to the grants program are, if decision-makers receive the key information they need to make informed funding decisions, and if ATSIC staff complying with grants procedures. The ANAO did not examine the appropriateness of the funding decisions made by regional councils.

The objective of the audit was to assess the administrative effectiveness of the CCAS. The audit focused on the following key areas: targeting non-compliance; real time compliance activity; post transaction compliance activity; and planning and performance evaluation. As the imports phase of the Integrated Cargo System (ICS) was only introduced in October 2005, this system was not reviewed as part of the audit. Our audit programme for 2005–06 includes ICS as a potential audit topic.

The Australian Prudential Regulation Authority (APRA) was established on 1 July 1998 as the prudential regulator of banks and other authorised deposit-taking institutions (ADIs), life insurance companies (including friendly societies), general insurance companies, superannuation funds and retirement savings accounts. ANAO's objectives for this audit were to assess the efficiency and effectiveness of APRA's prudential supervision of banks. Prudential supervision aims to protect depositors by ensuring that financial institutions adopt prudent risk management practices designed to ensure their continuing solvency and liquidity. APRA is a relatively new organisation, established in July 1998 and becoming responsible for prudential supervision of all ADIs from July 1999. ANAO concluded that there are steps APRA can take in a number of areas to improve its supervisory practices, including improving the administration of the ADI supervisory levy; strengthening its risk management approach; and maintaining closer adherence to international standards for prudential supervision issued by the Basle Committee on Banking Supervision. ANAO made five recommendations concerning administration of levies, risk-based supervision and supervision of cross-border banking. APRA agreed, or agreed with qualifications, to all recommendations, as well as agreeing with the overall audit conclusions.

The objective of this audit was to assess whether agencies had effectively administered credit cards, including having complied with legislative and internal requirements.

The objective of this audit was to assess DIMIA's management of the tender, evaluation and contract negotiation processes for the Detention Services Contract. Specifically, the audit considered DIMIA's processes for determining value for money based on the department's: evaluation of the request for tender, including the announcement of the preferred tenderer; negotiations with the successful and unsuccessful tenderers; and management of liability, indemnity and insurance.