The objective of this audit was to examine the effectiveness of selected non-corporate Commonwealth entities' arrangements for managing cyber security risks within their procurements and specific contracted providers under the Protective Security Policy Framework (PSPF).

This cross-portfolio audit reviewed the management of Internet security across ten Commonwealth agencies, with the objective of forming an opinion on the adequacy of Internet security management within the selected agencies. The audit pursued two strands - a review of the management systems employed within agencies including the adequacy of risk assessments, security policies and plans, day to day management and business continuity planning in connection with the agencies' Internet presence, and physical testing of the security arrangements of selected Internet sites. Staff from the Defence Signals Directorate were appointed under the Auditor-General Act 1997 to perform the site testing.

Mr P.J. Barrett (AM) - Auditor-General for Australia, presented at the National Public Sector Accountants Conference, Adelaide

Mr P.J. Barrett (AM) - Auditor-General for Australia, presented at the Institute of Internal Auditors Australia. South Pacific and Asia Conference SOPAC 2001, Melbourne

The audit objective was to assess whether Services Australia appropriately managed risks to operating the current welfare payment system and appropriately prepared to transition to the future system.

Mr P.J. Barrett (AM) - Auditor-General for Australia, presented at the InfoHRM Conference, Gold Coast

The objective of the audit was to assess the effectiveness of OPO's management of the overseas owned estate. In particular, the audit examined whether:

• sound arrangements are in place to effectively plan and oversight the management of the overseas estate;
• OPO effectively manages owned property on a day-to-day basis;
• the condition of the overseas owned estate is adequately maintained by structured and systematic repair and maintenance arrangements; and
• OPO has appropriate information to facilitate the effective management of the owned estate, and appropriately consults with stakeholders.

Mr Ian McPhee - Auditor-General for Australia, presented at the CPA Australia - CFO Public Sector Lunch

The objectives of the audit were to determine whether agencies have implemented appropriate risk management strategies for the new banking arrangements, which came into operation on 1 July 1999 and whether cash funds are being managed in accordance with the appropriate legislation, the Commonwealth's agency banking guidance and generally accepted accounting practices. The scope of the audit was restricted to the departmental cash funds management and focused on risk management processes and management accounting controls adopted in the forecasting of cash flows, operation of bank accounts and placement of funds. The audit examined seven agencies, which are not named in the report.

The audit examined aspects of financial management in the Health Insurance Commission (HIC). The audit objective was to examine the effectiveness of the HIC's internal control structures, as well as its financial management framework and processes, in order to form an opinion on their ability to support HIC Commissioners and managers to make informed decisions on the efficient and effective use of Commonwealth resources.