Physical Security Arrangements in Commonwealth Agencies, No.23 2002-2003 Protective security involves the total concept of information, personnel, physical, information technology and telecommunications security. The Commonwealth's Protective Security policy is outlined in the Protective Security Manual (PSM). It provides specific guidance to agencies on the protection of the Commonwealth's assets, personnel and clients from potential security threats. This audit evaluated the protective security policies and practices of seven Commonwealth agencies to determine whether they had established an appropriate physical security control framework based on the principles outlined in Part E of the Commonwealth's Protective Security Manual. The ANAO also examined whether agencies had considered the risks of, and developed an appropriate policy statement on, the physical security arrangements for employees who work from home.

The objective of the audit was to evaluate the Department's performance in pursuit of selected PBS program objectives and outcomes, including to investigate and evaluate the economy, efficiency, administrative effectiveness and accountability of the management of the listing process as a significant element of the program. This involved a review of the developments in the listing process over recent years including: the establishment of a comprehensive database of major applications for PBS listing between 1991 and 1996, which facilitated a detailed analysis of the time taken to list drugs on the PBS schedule; a technical consultancy into the DHFS' Guidelines to industry for preparation of applications for PBS listing, and into the use of the economic analysis in assessing proposals for PBS listing; and a review of the selection process including the operations of the PBS advisory committees.

The Australian Prudential Regulation Authority (APRA) was established on 1 July 1998 as the prudential regulator of banks and other authorised deposit-taking institutions (ADIs), life insurance companies (including friendly societies), general insurance companies, superannuation funds and retirement savings accounts. ANAO's objectives for this audit were to assess the efficiency and effectiveness of APRA's prudential supervision of banks. Prudential supervision aims to protect depositors by ensuring that financial institutions adopt prudent risk management practices designed to ensure their continuing solvency and liquidity. APRA is a relatively new organisation, established in July 1998 and becoming responsible for prudential supervision of all ADIs from July 1999. ANAO concluded that there are steps APRA can take in a number of areas to improve its supervisory practices, including improving the administration of the ADI supervisory levy; strengthening its risk management approach; and maintaining closer adherence to international standards for prudential supervision issued by the Basle Committee on Banking Supervision. ANAO made five recommendations concerning administration of levies, risk-based supervision and supervision of cross-border banking. APRA agreed, or agreed with qualifications, to all recommendations, as well as agreeing with the overall audit conclusions.

The objective of the audit was to review AUSTEL and the Spectrum Management Agency's approaches to service delivery against recognised good practice and to identify opportunities for the new Australian Communications Authority to adopt the relevant features of these approaches in its service delivery.

Although the audit examined broader aspects of the ATO's administration (such as, tobacco excise governance arrangements, intelligence capability and compliance and investigations activities), we placed particular emphasis on the strategies used by the ATO to address the proliferation of chop-chop (Australian grown tobacco sold illicitly in a chopped up form for $80 to $100 per kilogram. In comparison, 50 grams of legal roll-you-own tobacco costs around $16 i.e. $320 per kilogram) in the Australian markets, as it is an area of major risk to tobacco excise revenue.

The Commonwealth has significant foreign exchange risk exposures including $A8.4 billion of foreign currency transactions with the Reserve Bank of Australia in 1998-99. Under the Financial Management and Accountability Act and its associated Regulations, all agencies are required to assess and, where possible, manage, foreign exchange risk. The audit reviewed four agencies that have substantial foreign currency payment exposures namely:

• the Department of Defence;
• the Australian Agency for International Development;
• the Department of Foreign Affairs and Trade; and
• the Department of Finance and Administration.

The objective of the audit was to identify and assess the efficiency and cost effectiveness of the management of foreign exchange risk across the selected agencies, also to identify opportunities to improve the management of foreign exchange risk, including any associated potential financial savings that could accrue to the Commonwealth.

The audit considered the way organisations in the APS process and use cost information. The specific objective was to form an opinion on whether costing processes and uses were: valid, cost effective, and in accordance with the principles of better practice.

The audit examined the ATO's management of its relationship with tax practitioners (tax agents and the wider group of professionals working on taxation matters for clients). However, our main focus was the ATO's management of its relationship with tax agents because they are the core element of the tax practitioner grouping and their role is fundamental to the effective operation of the tax system. The objective of the audit was to assess how well the ATO manages its relationship with tax practitioners, focussing on selected ATO relationships with tax practitioners, in particular its regulatory relationship with tax agents, its service support relationship with tax agents and its relationship with tax agents and members of the wider tax practitioner group in the professional bodies as key stakeholders in tax administration.

The audit reviewed the implementation of the Whole-of-Government Information Technology Infrastructure Consolidation and Outsourcing Initiative (IT Initiative). The objectives of the audit were to examine the administrative and financial effectiveness of the implementation of the IT Initiative, with the focus being on the first four tenders conducted. Accordingly, the audit assessed:

• the effectiveness of the overall planning and implementation of the IT Initiative, taking into account the tendering, contracting and monitoring processes undertaken in respect of Cluster 3, DEETYA/EN, ATO and Group 5;
• the extent to which those latter processes have contributed to the achievement of the objectives of the IT Initiative; and
• the extent to which the Commonwealth's interests have been adequately protected within this context.

The audit was conducted in response to a November 2000 resolution of the Senate that the Auditor-General examine all expenditures and entitlements accruing to Parliamentarians in 1999-2000. The objectives of the audit were to:

• provide assurance to the Parliament regarding the administration by Finance, the chamber departments and the portfolio departments of all expenditures and entitlements accruing to Parliamentarians, including Ministers, in 1999-2000;
• assess the administrative and control structures governing expenditures and entitlements accruing to Parliamentarians and Ministers in 1999-2000; and
• identify opportunities to improve the current framework.