The corporate plan is the ANAO’s primary planning document — it outlines our purpose; the dynamic environment in which we operate; our commitment to building capability; and the priorities, activities and performance measures by which we will be held to account.

The plan highlights our desire to engage positively and transparently in delivering audit and support services to the Parliament. In addition, the plan details our approach to risk management, which is critical to successfully meeting our responsibilities in providing professional and independent audits to the Parliament.

The corporate plan is complemented by the annual audit work program, which reflects the ANAO’s audit strategy for the coming year.

The objective of the audit was to assess the effectiveness of ASIO’s arrangements for providing timely and soundly based security assessments of individuals to client agencies.

The audit objective was to assess the effectiveness of physical security arrangements in selected Australian Government agencies, including whether applicable Australian Government requirements are being met.

The objective of the audit was to assess the effectiveness of the management of risks arising from the use of PSDs in selected Australian Government agencies. The PSDs included within the scope of this audit were: USB flash drives; CDs and DVDs; external hard drives; laptop computers and smartphones.

The audit objective was to assess the effectiveness of the Department of Defence’s arrangements for monitoring and reporting explosive ordnance and weapons security incidents.

The audit objective was to assess selected agencies’ compliance with the four mandatory ICT security strategies and related controls in the Australian Government Information Security Manual.

The audit objective was to form an opinion on the adequacy of a select group of Australian Government agencies' management of Internet security, including following-up on agencies' implementation of recommendations from the ANAO's 2001 audit. The agencies audited were Australian Customs Service (ACS), Australian Federal Police (AFP), Australian Radiation Protection and Nuclear Safety Agency (ARPANSA), Department of Employment and Workplace Relations (DEWR), Department of Industry, Tourism and Resources (DITR) and Medicare Australia. Factors considered in selecting agencies were agency size based on funding levels, whether the agency was included in ANAO's 2001 audit (ACS, ARPANSA, and DEWR), whether the agency's ICT was managed in-house or outsourced, and the nature of the agency's website (that is, general or restricted access).

The objective of the audit was to assess the effectiveness of Australian Government agencies' management and implementation of measures to protect and secure their electronic information, in accordance with Australian Government protective security requirements.

The objective of the audit was to assess the effectiveness of security awareness and training arrangements at selected Australian Government organisations, including whether they addressed selected security issues from the PSM.

The objective of the audit was to assess the adequacy and effectiveness of the AEC’s implementation of the recommendation made in ANAO Audit Report No. 28 2009–10 relating to the transport and storage of completed ballot papers.