The objectives of this audit were to:

• examine the effectiveness of ASIC's processes for receiving reports of suspected breaches of the Corporations Act; and
• assess the efficiency with which statutory reports are referred and investigated by ASIC.

The audit commenced in February 2006. ANAO undertook an assessment of ASIC's processes for receiving and referring for investigation statutory reports. ANAO also undertook a detailed examination of a random sample of 416 statutory reports received by ASIC in the period 2002–03 to 2004–05.

The audit scope did not extend to the role of the Commonwealth Director of Public Prosecutions in prosecuting offences referred to it by ASIC.

This audit would continue the ANAO’s series of audits on cybersecurity.

The scope would include comparing the entities’ cybersecurity frameworks and controls against the controls required under the Protective Security Policy Framework (Policy 2 — Management structures and responsibilities, Policy 4 — Security maturity monitoring, and Policy 10 — Safeguarding information from cyber threats) and the Australian Signals Directorate’s Essential Eight Maturity Model.

The audit reviewed Commonwealth National Parks involving total assets of $105 million with net operating costs of $41.77 million. Nineteen Commonwealth reserves are declared comprising six terrestrial national parks, one botanic garden and twelve marine parks and reserves totalling some 23 million hectares across Australia, its external territories and Commonwealth marine areas. The objective of the audit was to examine and report on the adequacy of the planning, management and reporting systems which support the Director of National Parks in the achievement of required functions under relevant legislation and agreed outputs and outcomes.

This cross-portfolio audit reviewed the management of Internet security across ten Commonwealth agencies, with the objective of forming an opinion on the adequacy of Internet security management within the selected agencies. The audit pursued two strands - a review of the management systems employed within agencies including the adequacy of risk assessments, security policies and plans, day to day management and business continuity planning in connection with the agencies' Internet presence, and physical testing of the security arrangements of selected Internet sites. Staff from the Defence Signals Directorate were appointed under the Auditor-General Act 1997 to perform the site testing.

The audit objective was to assess the effectiveness of the implementation and administration of the AASC program by the ASC. The extent to which the ASC is able to determine that the program is achieving its objectives was also examined. Particular emphasis was given to the following areas:

• the implementation and the ongoing management of program; and
• the selection of sites and administration of grants funded under the program.

The elements of the Building a Healthy, Active Australia package undertaken by other agencies were not included in the scope of this audit.

The audit objective was to assess selected agencies’ compliance with the four mandatory ICT security strategies and related controls in the Australian Government Information Security Manual.

The objective of the audit was to assess the effectiveness of Australian Government agencies' management and implementation of measures to protect and secure their electronic information, in accordance with Australian Government protective security requirements.

The objectives of this audit were to:

• examine whether the appointment of CMAX Communications Pty Ltd as a provider of communications support and advice for the 2020 Summit was consistent with the Commonwealth procurement framework and sound principles of public administration; and
• assess the effectiveness of the administration of the CMAX Communications contract by PM&C.

The objective of the performance audit was to report to Parliament our assessment as to how well the ATO manages and uses the AIIR data in taxation administration. The ANAO considered the following four key areas in addressing the audit objective. 1. Governance arrangements within the ATO, focussing on whole of ATO and whole-of-government aspects of the AIIR data, as distinct from solely business line applications. 2. Receipt of AIIR data and how well the ATO facilitates the collection of complete and valid AIIR data from investment bodies 3. Management of AIIR data through the construction by the ATO of valid entity records by using the AIIR data in conjunction with existing ATO client identification master files. 4: Use of the AIIR data on a systematic basis to inform active compliance activities.