The objective of this audit was to assess the effectiveness of the management of cyber security risks by three government business enterprises or corporate Commonwealth entities. The entities selected for audit are ASC Pty Ltd, the Australian Postal Corporation and the Reserve Bank of Australia.

The ANAO Corporate Plan 2018–19 is the ANAO's key strategic planning document. It guides our operating environment and sets out how we will deliver on our purpose. The corporate plan is complemented by the annual audit work program which reflects the ANAO's audit strategy and deliverables for the coming year.

Mr P.J. Barrett (AM) - Auditor-General for Australia, presented at the Security in Government 95 Conference, Canberra

The objective of the Risk Framework and associated programs of risk management activities is to support effective risk management across all ANAO operations.

The 2025–27 version of this publication is available here.

The fifteenth Commonwealth Auditor-General of Australia, Grant Hehir, has prepared a mid-term report reflecting on his first five years in the role. The report presents a description and analysis of the role and impact of audit, as well as analysis of the financial audit and performance audit work of the Australian National Audit Office (ANAO). The report concludes with coverage of ANAO continuous improvement activities across audit quality, better communication, transparency, efficiency and workforce capability.

The objective of this performance audit was to assess the effectiveness of the conduct of the first National Infrastructure Audit and development of the Infrastructure Priority List.

The audit objective was to assess the effectiveness of DEEWR's administration of the National Partnership Agreement on Literacy and Numeracy (LNNP). The three high-level audit criteria used to form a conclusion examined the extent to which DEEWR:

• established sound administrative and payment arrangements consistent with government policy, including through its negotiation of bilateral agreements, implementation plans and reform targets;
• properly managed administrative and payment arrangements; and
• effectively monitored and reported on delivery and outcomes.

The objective of the audit was to assess the effectiveness of the administration, by DoHA and the Commonwealth partners, of the 2008 and 2011 Heads of Agreement for the management, operation and funding of the Mersey Community Hospital (The Commonwealth partners for this audit were the Tasmanian Government Department of Health and Human Services and the Tasmanian Health Organisation – North West).

The objective of the audit was to assess the effectiveness of AGD's arrangements for coordinating the development of the National Identity Security Strategy.

The ANAO's assessment was based on the following criteria:

• governance arrangements for the NISS;
• progress, to date, of the six NISS elements; and
• AGD's administrative arrangements for developing the NISS.

The objective of this report is to provide the Auditor-General’s independent assurance over the status of the selected Major Projects, as reflected in the Statement by the Secretary of Defence, and the Project Data Summary Sheets (PDSSs) prepared by Defence, in accordance with the Guidelines endorsed by the Joint Committee of Public Accounts and Audit.

The objective of the audit was to assess the effectiveness of the Department of Resources, Energy and Tourism’s administration of the Renewable Energy Demonstration Program (REDP), including progress towards achieving the programʹs objectives.

The audit examined whether the department had established effective arrangements to:

• implement REDP, including governance arrangements;
• assess applications for REDP funding assistance and recommend projects to the Minister for funding approval;
• negotiate funding agreements for approved projects; and
• monitor progress towards the achievement of the REDP objective.

The audit process involved an assessment of the accounts receivable function in eight Commonwealth organisations. The objectives of the audit were to assess whether the processing, collection and overall management of the accounts receivable function was being performed in accordance with applicable legislation, government policy, applicable internal controls, and identify better practices in accounts receivable activities.

The overall objective of the preliminary study was to determine whether a performance audit of the management of corporate sponsorship was warranted. Specifically, the areas canvassed during the preliminary study were:

• policies and guidelines for the management of corporate sponsorship;
• integration of corporate sponsorship into agency planning;
• contractual arrangements;
• evaluation of corporate sponsorship within the agency;
• valuation and reporting of corporate sponsorship; and
• costs and benefits associated with corporate sponsorship.

The preliminary study findings did not warrant proceeding to a full performance audit. However, because corporate sponsorship is likely to be a growing area of importance for the Commonwealth, the ANAO concluded that there was value in producing a better practice guide in addition to the audit report.

The objective of this audit was to assess the effectiveness of Tourism Australia's governance arrangements, the management of its marketing contracts, and whether outcomes are being achieved. The audit reviewed Tourism Australia's:

• procurement processes for selecting service providers;
• management of service provider contracts; and
• governance framework including planning, performance management and reporting.

This report complements the interim phase report published in June 2014 (Audit Report No.44 2013–14), and provides a summary of the final audit results of the audits of the financial statements of 251 Australian Government entities, including the Consolidated Financial Statements for the Australian Government.

Integrity is a core value of the Australian National Audit Office (ANAO) — critical in sustaining the confidence of Parliament, strengthening public trust in government and delivering quality audit products. Maintaining strong institutional integrity is essential to the operations and reputation of the ANAO.

The ANAO Integrity Framework provides an overarching structure to the integrity control system, supporting our institution’s integrity. The Framework serves to assist in ethical decision-making and risk, fraud and misconduct management.

Beyond its control system, the ANAO maintains an enduring focus on promoting integrity as a value that is embedded in our work and culture. The ANAO recognises that integrity demands quality not only in our products but also in the behaviours of our people.

The ANAO Integrity Advisor supports the effective and ongoing application of the Integrity Framework by providing advice to staff regarding integrity matters. The Integrity Advisor is responsible for increasing integrity awareness across the organisation and for reporting annually to the ANAO Executive Board of Management on actions taken under the Framework. The Auditor-General publishes the ANAO Integrity Report to provide increased transparency of the measures we undertake to maintain a high-integrity culture in the ANAO.

The audit objective was to form an opinion on the adequacy of a select group of Australian Government agencies' management of Internet security, including following-up on agencies' implementation of recommendations from the ANAO's 2001 audit. The agencies audited were Australian Customs Service (ACS), Australian Federal Police (AFP), Australian Radiation Protection and Nuclear Safety Agency (ARPANSA), Department of Employment and Workplace Relations (DEWR), Department of Industry, Tourism and Resources (DITR) and Medicare Australia. Factors considered in selecting agencies were agency size based on funding levels, whether the agency was included in ANAO's 2001 audit (ACS, ARPANSA, and DEWR), whether the agency's ICT was managed in-house or outsourced, and the nature of the agency's website (that is, general or restricted access).

The audit objective was to form an opinion on the effectiveness of the NHMRC's grant administration. To meet this objective the NHMRC was assessed against four criteria:

• the NHMRC's governance arrangements provide appropriate accountability that it is meeting its objectives and obligations to Government (Chapter 2);
• there are strategic and systematic processes for developing and implementing grant programs (Chapter 3);
• the NHMRC manages grants post-award effectively, and complies with legislative requirements and program directives (Chapters 4 and 5); and
• the NHMRC monitors and evaluates its business to demonstrate that outcomes are being met (Chapter 6).

Mr P.J. Barrett (AM) - Auditor-General for Australia, presented at the Challenges and Opportunities Seminar, Conducted by the Department of Finance, Canberra

An Assurance and Control Assessment audit of recordkeeping was undertaken across four Commonwealth organisations to assess whether their recordkeeping policies, systems and processes accord with requirements under the Archives Act 1983, with relevant government policies, and with accepted standards and recordkeeping principles; and to identify better practices and recommend improvements. The audit addressed both electronic and traditional records.

The objective of this audit was to provide a strategic review on the progress of the Tax Office's implementation of the Change Program.
 
To achieve this, the ANAO examined:

• the planning for, and governance of, the Change Program, particularly in relation to the management of risk and the assurance framework established by the Tax Office, and its management of contractual arrangements for the project;
• implementation issues associated with Releases 1 and 2 of the Change Program, and more specifically in relation to Release 3, the first use of the new ICP system to process FBT returns; and
• the funding of the Change Program, including measurement and attribution of the costs of the project and consideration of any benefits realisation to date.

The objectives of the audit were to provide assurance that Artbank was effectively meeting its charter of: acquiring art by contemporary artists; expanding the number of public places that Artbank's collection is rented and displayed; and managing its collection and rental scheme. The audit also examined Artbank's governance arrangements, and its programmes for marketing, client development, performance management, budgeting, debt management and also sought client feedback on Artbank's operations via a survey.

The objective of the audit was to assess the effectiveness of the design and management of the National Solar Schools Program (NSSP), including demonstrated progress towards achieving the program's objectives.

The objective of this audit was to examine Australia's preparedness to respond to a human influenza pandemic and an outbreak of avian influenza in domestic poultry. The audit assessed:

• the whole of government arrangements for an influenza pandemic;
• action taken by DAFF to implement the recommendations from Exercise Eleusis, which tested the response arrangements for avian influenza;
• DoHA's planning for, and execution of, Exercise Cumpston, which tested the preparedness and response to an influenza pandemic; and
• the establishment, management and deployment arrangements of the National Medical Stockpile.

The objective of the audit was to assess whether the Strategic Projects component of the Regional and Local Community Infrastructure Program has been effectively designed and administered.

The audit objectives were to assess the effectiveness of:

• selected agencies’ administration in developing advertising campaigns and implementing key processes against the requirements of the Australian Government’s campaign advertising framework, and other key legal and administrative requirements; and
• the ongoing administration of the campaign advertising framework.

The objective of the audit was to assess the coordination of Australian Government assistance to Solomon Islands through RAMSI, including the establishment of objectives and an outcomes monitoring framework. In particular, the audit examined arrangements for: coordination between Australian Government agencies; strategic planning and risk management; measuring the effectiveness of RAMSI; and reporting to RAMSI's Australian stakeholders.

The objective of the audit was to assess whether selected Commonwealth organisations had utilised better practice principles when establishing the role, and managing the use of their internal audit groups. In order to evaluate internal audit, the Australian National Audit Office (ANAO) first considered the status and accountabilities of internal audit within the overall governance framework of the organisations audited, in particular its accountabilities to the audit committee.

The audit objective was to determine whether Australian Government agencies were implementing appropriate policies and processes to identify and manage conflicts of interest.

The objective of the audit was to assess the administrative effectiveness of FaHCSIA's management of the GBM initiative, and the extent to which the initiative has contributed to improvements in community engagement and government coordination in the Northern Territory.

The audit focused on FaHCSIA's management of the GBM initiative under the NTER. The audit scope did not include additional functions assigned to some GBMs in the Northern Territory under the National Partnership Agreement on Remote Service Delivery (the National Partnership Agreement), or to Australian Government staff with similar roles and functions supporting the implementation of the National Partnership Agreement in Queensland and Western Australia.

The objective of the audit was to assess the effectiveness of the Department of Agriculture, Fisheries and Forestry’s administration of the Northern Australia Quarantine Strategy. The ANAO examined whether the department had established effective:

• administrative and governance arrangements to support NAQS;
• processes for identifying biosecurity risks and conducting scientific activities to address identified risks;
• arrangements for managing the quarantine aspects of Torres Strait border movements; and
• public awareness activities that reflect identified biosecurity risks and support the program’s objectives.

This report complements the Interim Report on Key Financial Controls of Major Entities financial statement audit report published in May 2023. It provides a summary of the final results of the audits of the Consolidated Financial Statements for the Australian Government and the financial statements of 243 Australian Government entities for the period ended 30 June 2023.

The audit reviewed the operations of the Civil Aviation Authority (CASA), which has prime responsibility for regulating aviation safety in Australia. The audit objectives were to assess the efficiency and effectiveness of the management systems and procedures used by CASA to ensure compliance with regulatory controls by Air Operator's Certificate holders operating passenger-carrying aircraft within High Capacity Regular Public Transport; Low Capacity Regular Public Transport and charter industry sectors; and Certificate of Approval holders. Aviation safety compliance includes entry control, surveillance and enforcement.

Quality in the delivery of the ANAO’s audit services is critical in supporting the integrity of our audit reports and maintaining the confidence of the Parliament and public sector entities. The ANAO Corporate Plan 2023–24 is the ANAO’s primary planning document. It outlines our purpose; the dynamic environment in which we operate; our commitment to building capability; and the priorities, activities and performance measures by which we will be held to account. This quality management framework and plan complements the corporate plan. It describes the ANAO’s system of quality management and reflects the ANAO’s responses to quality risks for the coming year.

The ANAO Quality Management Framework is the ANAO’s established system of quality management to provide the Auditor-General with reasonable assurance that the ANAO complies with the ANAO Auditing Standards and applicable legal and regulatory requirements, and reports issued by the ANAO are appropriate in the circumstances.

The quality management framework and plan component of this document identifies the ANAO’s quality objectives and key responses to address identified quality risks and to provide the Auditor-General with confidence that those responses are implemented and operating effectively.

The ANAO reports on the audit quality indicators that measure the ANAO’s performance against target benchmarks in the annual audit quality report published on the ANAO website. The audit quality report also provides transparency with respect to the implementation and operation of the responses to address quality risks for each component of the ANAO’s system of quality management.

The objective of the audit was to assess the development of Defence’s oversight and management of its portfolio of ICT investments and projects. In particular, the audit examined Defence’s:

• governance, strategic processes and decision-making structures that set out, prioritise and coordinate the integrated ICT reform portfolio and programs;
• ICT risk management and capacity to identify and plan to achieve the benefits of its SRP ICT stream reforms (including methodologies to measure the realisation of savings and non-savings benefits);
• level of portfolio and program management maturity; and
• the impact of improvement efforts on Defence’s ability to deliver the ICT services capacity required to support the SRP.

Mr P.J. Barrett (AM) - Auditor-General for Australia, presented at the Institute of Internal Auditors Australia. South Pacific and Asia Conference SOPAC 2001, Melbourne

The objective of this audit was to assess the administration of internal fraud control arrangements in the ATO and to identify areas with potential for improvement as well as identified better practice. To achieve this objective the ANAO focussed on five key areas. These were:

• the application of the ATO's corporate governance processes to the internal fraud control activities;
• the prevention of internal fraud within the ATO;
• the related use of information technology to minimise fraud risks;
• the detection of internal fraud within the ATO; and
• ATO fraud investigation procedures and practices.

The audit reviewed the efficiency and effectiveness of the Department of Health and Ageing's (Health's) planning and conduct of the review undertaken to determine the recommendation to the Government on whether or not to exercise the extension option available to the Commonwealth under the Plasma Fractionation Agreement with CSL Limited. The audit was undertaken in response to a recommendation of the Joint Committee of Public Accounts and Audit.

Quality in the delivery of the ANAO’s audit services is critical in supporting the integrity of our audit reports and maintaining the confidence of the Parliament and public sector entities. The ANAO Corporate Plan 2025–26 is the ANAO's primary planning document. It outlines our purpose; the dynamic environment in which we operate; our commitment to building capability; and the activities and performance measures by which we will be held to account.

This Quality Management Framework and Plan complements the Corporate Plan. It describes the ANAO’s system of quality management and reflects the ANAO's responses to quality risks for the coming year.

The ANAO Quality Management Framework is the ANAO’s established system of quality management to provide the Auditor-General with reasonable assurance that the ANAO complies with the ANAO Auditing Standards and applicable legal and regulatory requirements, and reports issued by the ANAO are appropriate in the circumstances.

The Quality Management Strategy and Plan component of this document identifies the ANAO’s quality objectives and key responses to address identified quality risks and to provide the Auditor-General with confidence that those responses are implemented and operating effectively.

The ANAO reports on the audit quality indicators that measure the ANAO’s performance against target benchmarks in the annual Audit Quality Report published on the ANAO website. The Audit Quality Report also provides transparency with respect to the implementation and operation of the responses to address quality risks for each component of the ANAO’s system of quality management.

New transactional banking arrangements for FMA agencies came into effect on 1 July 1999. The audit reviewed selected agencies' implementation and ongoing management of contractual banking arrangements; agencies' tendering for the procurement of banking services; and identified practises that have improved administrative arrangements. The audit examined Finance's role in planning and implementing the new arrangements as well as implementation in the Australian Customs Service (Customs) the Department of Transport and Regional Services (DTRS), the Department of Education, Science and Training (DEST), and the Department of Immigration and Multicultural and Indigenous Affairs (DIMIA).

The objective of the audit was to assess the ATO's administration of the LMR. Specifically, the audit sought to: examine and report on aspects of LMR governance; assess the systems, processes and controls used by the ATO to capture and process LMR data reported by providers; examine the mechanisms and strategies the ATO uses to gain assurance that providers are complying with LMR legislation; and assess the mechanisms and strategies the ATO uses to promote awareness of, and enable access to, the LMR.

The audit objectives were:

• to assess the effectiveness of the revised certification process in promoting compliance of government advertising campaigns (campaigns) with the March 2010 Guidelines on Information and Advertising Campaigns by Australian Government Departments and Agencies (2010 Guidelines);
• to assess the effectiveness of agency administration in developing campaigns and implementing key processes against the requirements of the campaign advertising framework;
• to assess the effectiveness of Finance’s administration of the campaign advertising framework; and
• to assess the effect on campaigns of an exemption from the 2010 Guidelines.

Quality in the delivery of the ANAO’s audit services is critical in supporting the integrity of our audit reports and maintaining the confidence of the Parliament and public sector entities. The ANAO Corporate Plan 2024–25 is the ANAO's primary planning document. It outlines our purpose; the dynamic environment in which we operate; our commitment to building capability; and the activities and performance measures by which we will be held to account. This Quality Management Framework and Plan complements the Corporate Plan. It describes the ANAO’s system of quality management and reflects the ANAO's responses to quality risks for the coming year.

The ANAO Quality Management Framework is the ANAO’s established system of quality management to provide the Auditor-General with reasonable assurance that the ANAO complies with the ANAO Auditing Standards and applicable legal and regulatory requirements, and reports issued by the ANAO are appropriate in the circumstances.

The Quality Management Strategy and Plan component of this document identifies the ANAO’s quality objectives and key responses to address identified quality risks and to provide the Auditor-General with confidence that those responses are implemented and operating effectively.

The ANAO reports on the audit quality indicators that measure the ANAO’s performance against target benchmarks in the annual Audit Quality Report published on the ANAO website. The Audit Quality Report also provides transparency with respect to the implementation and operation of the responses to address quality risks for each component of the ANAO’s system of quality management.

The main objectives of the audit were to assess the management and administration of protective security across Commonwealth agencies and to identify, recommend and report better practice in security management. Particular attention was paid to:

• compliance with Government policy, standards and guidelines;
• the role of management in protective security; and
• the operation of security systems and practices.

The audit criteria and procedures to assess the management and administration of the individual organisations examined were largely based on the overall control framework of an organisation and the guidance provided in the current Commonwealth Protective Security Manual.

The objective of this audit was to assess whether the OneSKY tender was conducted so as to provide value with public resources and achieve required timeframes for the effective replacement of the existing air traffic management platforms.

This report complements the interim phase report published in August 2016, and provides a summary of the final results of the audits of the Consolidated Financial Statements for the Australian Government and the financial statements of Australian Government entities.

The examined the $1 billion Federation Fund program, which was established by the Government to mark the Centenary of Federation. The objectives of the examination were to assess the:

• extent to which the administration of the FCHP program complied with better practice in the assessment of applications, especially in relation to the transparency and rigour of the decision-making process;
• equity of the geographic spread of grants to States and electorates; and
• process for the announcement of the results of grant applications.

The objective of the audit, in examining the construction of the CIIDC, was to assess:

• the adequacy of the planning and delivery processes for the project;
• the value-for-money achieved in the delivery of the project, including with regard to the suitability of the centre for its intended purpose; and
• the extent to which the Public Works Committee Act.

The report objective is to provide the Auditor-General’s independent assurance over the status of 30 selected Major Projects, as reflected in the Statement by the Chief Executive Officer Defence Materiel Organisation (DMO), and the Project Data Summary Sheets prepared by the DMO, in accordance with the Guidelines endorsed by the Joint Committee of Public Accounts and Audit.

The Shadow Minister for Health and Ageing, Mr Stephen Smith, wrote to the Auditor-General on 11 March 2002 formally requesting an investigation into certain matters in relation to the 'Co-Location of National General Practice Organisations', a message detailed in the Health Portfolio Additional Estimates Statements 2001-02. The Federal President of the Australian Medical Association (AMA) Limited wrote to the Auditor-General on 11 March 2002, requesting a comprehensive audit of funding decisions by the Minister for Health and Ageing. The Australian National Audit Office has undertaken a preliminary examination of relevant papers relating to the 'GP House' matter. The preliminary examination focussed on whether or not due process was followed in making the decision to transfer funds between Outcomes. The preliminary examination also considered the procedures adopted by the Department of Health and Aged Care in developing the funding proposal, the advisory role played by the Department of Finance and Administration and specific advice provided by both departments to their Ministers. The examination further considered the disclosure of the related budget measure.

The audit objective was to assess the effectiveness of the department's administration of general recurrent grants paid to the States and Territories for government schools. To achieve this, the ANAO assessed whether the department:

• paid the correct amount of general recurrent grants to the States and Territories;
• effectively managed the agreements with the States and Territories; and
• monitored progress towards achieving the National Goals for Schooling in the Twenty-First Century.

The audit objective was to examine the effectiveness of the department's establishment of the P21 element of the BER program. The focus of the audit was on: the establishment of administrative arrangements for BER P21 in accordance with government policy; the assessment and approval of funding allocations; and the arrangements to monitor and report BER P21 progress and achievement of broader program outcomes. An examination of individual BER P21 projects was outside the scope of the audit.

The audit objective was to assess the effectiveness of the Department of the Prime Minister and Cabinet’s administration of the IA framework to enable well-informed and transparent Australian Government decision-making.

The audit objective was to assess the effectiveness of the Department of Health and Ageing's administration of health workforce initiatives in rural and remote Australia.

The objective of the audit was to assess the effectiveness of Defence’s monitoring of the implementation of ANAO and internal audit recommendations. The audit also examined a sample of ANAO and internal audit recommendations—reported as being complete by Defence—to assess the extent to which these recommendations had been implemented by Defence.

The objective of this audit was to determine the extent to which selected agencies have implemented the two recommendations of the previous audit; and the appropriateness of advice provided by Finance and the ATO. To address this audit objective, the audit assessed:

• the roles of Finance and the ATO in clarifying: the interaction of the PB and SG Act; the ongoing role of the PB Act; and mechanisms to monitor Australian Government organisations' compliance with the PB Act;
• the extent to which Finance and the ATO have provided guidance and other support to assist Australian Government organisations manage and meet statutory superannuation obligations for eligible contractors; and
• whether Australian Government organisations have managed and met statutory superannuation obligations for contractors in past and current contracts.

The objective of the audit was to examine the effectiveness of the Department of Agriculture, Fisheries and Forestry’s administration of the Tasmanian Forests Intergovernmental Agreement Contractors Voluntary Exit Grants Program.

The objective of the audit was to assess the adequacy and effectiveness of the BCM practices and procedures within the Tax Office in preparing for, or responding to, disruptions to ‘business as usual' operations.

The audit objective was to assess the effectiveness of DoHA’s administration in supporting the creation and development of health infrastructure from the HHF, including DoHA’s support for the Health Minister and the HHF Advisory Board.

The objectives of this audit were to assess, with respect to guarantees, indemnities and letters of comfort:

• changes in the size and nature of the Commonwealth's reported exposure since 30 June 1995;
• the extent of improvement in agencies' management and monitoring of the Commonwealth's exposure to these instruments;
• the approach of agencies to effective risk management and control of Commonwealth exposures to these instruments; and
• whether current reporting practices provide a sufficiently comprehensive coverage for public accountability purposes, at both the agency and whole of government levels.