The objective of this audit was to evaluate whether selected Australian Government agencies were effectively managing security risks arising from the use of contractors. To address this objective, the audit evaluated relevant policies and practices in the audited agencies against a series of minimum requirements in the management of security issues in procurement and contracting activity. These minimum requirements were developed from the guidance and standards contained in the PSM and also from the ANAO's previous protective security audits.

The audit focused on two broad types of contracting arrangements: contracting of security functions; and contracting of any service or business function that requires, or which has the potential to require, contractors to access sensitive or security classified information.

The following Australian Government agencies were involved in this audit:

• Australian Customs Service (Customs);
• Commonwealth Superannuation Administration (ComSuper);
• Department of Finance and Administration (Finance); and
• Department of Foreign Affairs and Trade (DFAT).

In addition, the Attorney-General's Department, which is responsible for the maintenance of the PSM and for providing advice on contemporary protective security policies and practices, was consulted during the audit.

The objective of the audit was to assess the ATO's administration of the Surcharge. Specifically, the audit sought to: report on the environment into which the Surcharge was introduced, including the legislative intent behind the Surcharge, and the current Surcharge environment; examine and report on aspects of Surcharge governance; assess the systems, processes and controls the ATO uses to: match Member Contributions Statements (MCS) data with income tax return data using Tax File Numbers (TFNs); process Surcharge information; and issue Surcharge liability assessments. assess the mechanisms the ATO uses to assess, classify, manage and rectify existing Surcharge exceptions, and prevent future exceptions from occurring; and examine the mechanisms and strategies the ATO uses to provide assurance that members and holders of contributions are complying with their Surcharge obligations.

The objective of the audit was to assess the ATO's administration of the LMR. Specifically, the audit sought to: examine and report on aspects of LMR governance; assess the systems, processes and controls used by the ATO to capture and process LMR data reported by providers; examine the mechanisms and strategies the ATO uses to gain assurance that providers are complying with LMR legislation; and assess the mechanisms and strategies the ATO uses to promote awareness of, and enable access to, the LMR.

The follow-up audit assessed the extent to which the Australian Taxation Office (ATO), Department of Health and Ageing (Health), and Medicare Australia had implemented the six recommendations from Audit Report No.47 2001–02, Administration of the 30 Per Cent Private Health Insurance Rebate. The audit also looked at: the implementation of some of the major suggestions for improvement in the original audit; and the current validity of some of the positive major findings from that audit. The audit found that the ATO, Health and Medicare Australia have acted upon the recommendations contained in Audit Report No.47 2001–02 and, overall, the administration of the Rebate is currently being undertaken effectively.

The objective of the audit was to assess the effectiveness of FaHCSIA's management of the Australian Government's responsibilities under the NPARSD. In this respect the ANAO considered whether:

• planning processes enabled effective establishment of the remote service delivery model;
• implementation of the key elements of the remote service delivery model effectively addressed the quality and timing requirements of the NPARSD; and
• performance measurement systems were developed to enable the parties to the agreement to assess whether the NPARSD objectives are being met.

The audit objective was to form an opinion on the effectiveness of the NHMRC's grant administration. To meet this objective the NHMRC was assessed against four criteria:

• the NHMRC's governance arrangements provide appropriate accountability that it is meeting its objectives and obligations to Government (Chapter 2);
• there are strategic and systematic processes for developing and implementing grant programs (Chapter 3);
• the NHMRC manages grants post-award effectively, and complies with legislative requirements and program directives (Chapters 4 and 5); and
• the NHMRC monitors and evaluates its business to demonstrate that outcomes are being met (Chapter 6).

The objective of the audit was to assess the extent to which FaHCSIA, DEEWR and DoHA seek to reduce service delivery risks posed by capacity constraints in Indigenous organisations.

The audit assessed whether Centrelink has effective Business Continuity Management and/or associated risk management procedures and plans in place that: minimise the likelihood of a significant business outage; and in the event of such an outage, minimise disruption of critical services to customers. The audit also assessed whether Centrelink services satisfy special community demands in times of emergency.

The objective of the audit was to examine the effectiveness of the Department of Health and Ageing’s administration of New Directions. In this respect the ANAO considered whether:

• planning processes were developed to support the program’s objectives and rationale;
• implementation arrangements were clearly defined and aligned to the objectives of the program; and
• robust performance management arrangements had been established and were in use by the department.

The objective of the audit was to examine whether the UP and CPP services provided by the Australian Federal Police Protection Service are being managed effectively. In particular, the audit examined:

• whether the Protection function has been effectively integrated into the AFP, and sound arrangements are in place to strategically plan Protection services and manage risks;
• whether Protection staff have access to appropriate training and guidance; and
• the management arrangements for UP and CPP services.