The objective of this audit was to evaluate whether selected Australian Government agencies were effectively managing security risks arising from the use of contractors. To address this objective, the audit evaluated relevant policies and practices in the audited agencies against a series of minimum requirements in the management of security issues in procurement and contracting activity. These minimum requirements were developed from the guidance and standards contained in the PSM and also from the ANAO's previous protective security audits.

The audit focused on two broad types of contracting arrangements: contracting of security functions; and contracting of any service or business function that requires, or which has the potential to require, contractors to access sensitive or security classified information.

The following Australian Government agencies were involved in this audit:

• Australian Customs Service (Customs);
• Commonwealth Superannuation Administration (ComSuper);
• Department of Finance and Administration (Finance); and
• Department of Foreign Affairs and Trade (DFAT).

In addition, the Attorney-General's Department, which is responsible for the maintenance of the PSM and for providing advice on contemporary protective security policies and practices, was consulted during the audit.

The audit objective was to form an opinion on the adequacy of a select group of Australian Government agencies' management of Internet security, including following-up on agencies' implementation of recommendations from the ANAO's 2001 audit. The agencies audited were Australian Customs Service (ACS), Australian Federal Police (AFP), Australian Radiation Protection and Nuclear Safety Agency (ARPANSA), Department of Employment and Workplace Relations (DEWR), Department of Industry, Tourism and Resources (DITR) and Medicare Australia. Factors considered in selecting agencies were agency size based on funding levels, whether the agency was included in ANAO's 2001 audit (ACS, ARPANSA, and DEWR), whether the agency's ICT was managed in-house or outsourced, and the nature of the agency's website (that is, general or restricted access).

The objective of the audit was to assess the progress of the M113 Upgrade Project (Defence Project: Land 106), including progress in the development of operational capability resulting from the introduction of the upgraded vehicles into service. The high-level audit criteria used to assess the project’s progress and Defence’s effectiveness in administering the M113 Upgrade Project were:

• the degree to which the schedule for the production and delivery of upgraded M113 vehicles to Defence had been recovered in accordance with Defence’s response to the 2008–09 audit report and contractual requirements, as negotiated over the life of the contract;
• Defence’s measurement and allocation of the total cost of the upgrade project; and
• the development of capability arising from the upgrade project.

The audit examined agency approaches to the management of intellectual property under its control, and identified themes common to the management of all types of intellectual property. The audit objective was to:

(i) form an opinion on whether Commonwealth agencies have systems in place to efficiently, effectively and ethically manage their intellectual property assets; and

(ii) identify areas for better practice in intellectual property management by those agencies.

The objective of the audit was to examine Defence's management of leases that have resulted from property sale and leaseback transactions. Leases subject to review were for a period of ten or more years and included the following six properties: the Defence Plazas in Sydney and Melbourne; the Hydrographic Office Wollongong; DNSDC Moorebank; Campbell Park Offices in Canberra; and ADC Weston Creek in Canberra. The audit examined the process for identifying the properties for sale and leaseback and the sale approval process. The audit sought to determine the basis on which the properties were proposed for sale and leaseback and the financial impact for the Government. The audit also reviewed the lease terms and conditions to determine whether they protect the Government's interests, and examined Defence's management of commitments arising from the leases.

The primary objective of the audit was to assess whether the Department of Communications, Information Technology and the Arts (DCITA) and the Department of Transport and Regional Services (DOTARS) were administering a number of grant programs that are designed to enhance telecommunications infrastructure and services in regional, rural and remote areas of Australia according to better practice. The audit was also aimed at determining whether DCITA had implemented the recommendations of an earlier audit of Networking the Nation.

The audit objective was to assess Health's administration of primary care funding, with a focus on the administrative practices of the Primary Care Division and Health's State and Territory Offices. In forming an opinion on the audit objective, the ANAO reviewed 41 agreements, with a combined value of $252 million. The ANAO also reviewed relevant documentation and files, interviewed programme officers and met with a number of stakeholders. The audit comments on a range of issues, including the utility of funding agreements, monitoring, payments, and support for administrators.

The objective of the audit was to evaluate the policies and practices of selected organisations to determine whether they had established sound arrangements for, and maintained effective control over, the administration of security incidents and investigations.

The objective of the audit was to assess whether the property management function, including the management of leases, was being performed efficiently and was providing an effective level of support for the delivery of the organisation's services (outputs). The audit evaluated property management policies and practices across the following dimensions:

• planning and control;
• business processes and practices; and
• information and performance management.

Within each of these areas, a series of desirable proceses and controls (described as the evaluation criteria) were developed to assist in the assessment of each organisation's performance.

The objective of the audit was to assess the effectiveness of DIT’s and Centrelink’s¹ administration of TFES.

^[1] From 1 July 2011, Centrelink became a master program within DHS.