Given the importance of customer feedback to Centrelink's business, the ANAO considered it timely to conduct a series of performance audits relating to Centrelink's customer feedback systems, particularly in relation to its delivery of the services then provided on behalf of FaCS. The overarching objective of this series of ANAO performance audits of Centrelink's customer feedback systems was to assess whether Centrelink has effective processes and systems for gathering, measuring, reporting and responding effectively to customer feedback, including in relation to customer satisfaction with Centrelink services and processes.

The report summarises the audit and other related activities of the ANAO in the period June to December 2000. It provides a consolidated report of the ANAO's integrated audit products tabled during the period. Key issues examined in the ANAO's performance audit activity in the period were:

• risk management in a corporate governance framework;
• outsourcing and asset sales;
• contract management;
• service delivery;
• data management/management information systems; and
• legislative implementation.

The report also summarised the results of a report summarising the final results of the audits of the financial statements of Commonwealth entities; and dealt with issues regarding financial management issues, controls and processes arising from the financial audit activities conducted during the period.

The objective of the audit was to assess the efficiency, effectiveness and accountability of data management by government agencies. The audit focused mainly on data collected by departments and agencies from non-departmental organisations and institutions.

The audit objective was to form an opinion on the adequacy of a select group of Australian Government agencies' management of Internet security, including following-up on agencies' implementation of recommendations from the ANAO's 2001 audit. The agencies audited were Australian Customs Service (ACS), Australian Federal Police (AFP), Australian Radiation Protection and Nuclear Safety Agency (ARPANSA), Department of Employment and Workplace Relations (DEWR), Department of Industry, Tourism and Resources (DITR) and Medicare Australia. Factors considered in selecting agencies were agency size based on funding levels, whether the agency was included in ANAO's 2001 audit (ACS, ARPANSA, and DEWR), whether the agency's ICT was managed in-house or outsourced, and the nature of the agency's website (that is, general or restricted access).

The objective of the audit was to assess the framework and systems that DHAC has in place to prevent, control, monitor, detect and investigate fraud. The ANAO concluded that DHAC had taken appropriate steps to protect Commonwealth resources under its administration from fraudulent misappropriation by developing a sound fraud control framework, the effectiveness of which is illustrated by the relatively low incidence of reported fraud in the department over the last few years. The framework also includes key elements for preventing and dealing with fraud in line with the Commonwealth's Fraud Control Policy.

The overall objective of the audit was to assess AusAID's management of commercial contracts to deliver Australia's overseas aid program. To this end, the audit examined whether:

• there are sound supporting structures for contract management;
• AusAid effectively manages risks;
• contracts clearly define deliverables;
• services are delivered and payments are made in accordance with the contract;
• there are appropriate arrangements to manage contractor performance;
• strategies appropriately assess and allocate risk between AusAid and contractors; and
• contracts deliver the desired aid outcomes.

The Audit Activity Report: January to June 2003 summarises the activity and outputs of the Australian National Audit Office for the second half of the 2002-03 reporting year. The Report outlines the key findings of performance and financial control audits, and summarises audits tabled and better practice guides published during January to June 2003.

Mr P.J. Barrett (AM) - Auditor-General for Australia, presented at the IIR Conference 'Risks in Outsourcing in the Public Sector'

The overall objective of the audit was to determine whether Health's management and operation of selected IT systems:

• met industry better practice;
• met quality and service delivery parameters set by Health and, if applicable, by the Government; and
• operate effectively, efficiently and economically.

The audit applied selected processes from CobiT (Control Objectives for Information and Related Technology) to assist with the assessment of key aspects of Health's management and operation of IT. The audit builds on ANAO's earlier IT audits using CobiT.

The objective of this audit was to assess the systems put in place by Centrelink to protect data privacy. The audit reviewed the adequacy of the policies, procedures and the administrative framework associated with data privacy, and the computer systems that are used to store and disseminate data. The ANAO also examined compliance with legislative requirements.