The overall objective of this audit was to assess the management of the physical protection of Australian missions and staff overseas. The high-level criteria for the audit are set out at Appendix 1 of the report.

The Australian Diplomatic Communications Network was developed to provide a secure communication and automation capability for domestic offices and overseas posts. The audit focussed on project management of the ADCNET project, and in particular:

• how effectively the ADCNET project was managed;
• how effectively project risks were managed; and
• the extent to which project management processes have established whether ADCNET meets the specifications set by, and the expectations held by, DFAT, as well as any lessons to be learnt for this and other future projects.

The audit's main objectives were to:

• examine the guidance on the use of confidentiality clauses in contracts and agencies' use of such clauses;
• develop criteria to assist agencies in determining what information in a contract is confidential; and
• assess the effectiveness of the existing accountability and disclosure arrangements for Commonwealth contracts.

The main objectives of the audit were to assess the management and administration of protective security across Commonwealth agencies and to identify, recommend and report better practice in security management. Particular attention was paid to:

• compliance with Government policy, standards and guidelines;
• the role of management in protective security; and
• the operation of security systems and practices.

The audit criteria and procedures to assess the management and administration of the individual organisations examined were largely based on the overall control framework of an organisation and the guidance provided in the current Commonwealth Protective Security Manual.

The purpose of this follow-up audit was to report on action taken by the Department of Social Security and Centrelink in addressing the recommendations of Audit Report No.23 1993-94 Protection of Confidential Client Information from Unauthorised Disclosure. The objectives were to:

• ascertain the extent to which the recommendations of the original audit have been implemented;
• identify other changes made in relation to data confidentiality within the Social Security portfolio since 1993;
• assess the impact of the changes made; and
• identify any scope for further improvement.

The objective of this audit was to assess the systems put in place by Centrelink to protect data privacy. The audit reviewed the adequacy of the policies, procedures and the administrative framework associated with data privacy, and the computer systems that are used to store and disseminate data. The ANAO also examined compliance with legislative requirements.

The primary objective of the audit was to assess the economy, efficiency and effectiveness of DoTRD's implementation of Annex 17 in the Australian aviation environment. The ANAO concluded that DoTRD has established a regulatory regime which ensures Australia's compliance with the standards embodied in Annex 17. However, there are areas where Australia's aviation security regime can be strengthened even further including; developing a more robust approach to risk management, developing a longer-term perspective to DoTRD's planning structure, development of proactive alliances with aviation regulators in neighbouring countries in the Asia-Pacific region, further improvement of the airport audit process, development and implementation of an evaluation strategy, development of a formal transparent approach to enforcement.

Mr P.J. Barrett (AM) - Auditor-General for Australia, presented at the 2nd Annual New Directions in Australian Auditing Accounting Standards Conference

Mr P.J. Barrett (AM) - Auditor-General for Australia, presented at the IIR Conference 'Risks in Outsourcing in the Public Sector'

The report summarises the audit and other related activities of the ANAO in the period January to June 2002. Key issues arising from performance audits tabled in this period are summarised. Appendix 1 of the Activity Report provides a short summary of each of the audits tabled between 1 January 2002 and 30 June 2002.