The objective of the audit was to assess the effectiveness of the management of cyber risks by the Department of the Treasury, National Archives of Australia and Geoscience Australia.

The objective of this audit was to assess the effectiveness of the selected entities’ implementation of arrangements for managing cyber security incidents in accordance with the Protective Security Policy Framework (PSPF) and relevant ASD Cyber Security Guidelines.

The objective of the audit was to assess the effectiveness of cyber security risk mitigation strategies implemented by selected non-corporate Commonwealth entities to meet mandatory requirements under the Protective Security Policy Framework, and the support provided by the responsible cyber policy and operational entities.

This edition of Audit Insights is targeted at Australian Government officials who have responsibility for the implementation of cyber security controls or strategy for government systems. The aim is to communicate lessons from our audit work to make it easier for people working within the Australian public sector to apply those lessons. It is drawn from audit reports tabled in 2019–20, 2020–21 and 2022–23 into management of cyber security risks.

The objective of this audit was to examine the effectiveness of selected non-corporate Commonwealth entities' arrangements for managing cyber security risks within their procurements and specific contracted providers under the Protective Security Policy Framework (PSPF).

The objective of this audit was to assess the effectiveness of the management of cyber security risks by three government business enterprises or corporate Commonwealth entities. The entities selected for audit are ASC Pty Ltd, the Australian Postal Corporation and the Reserve Bank of Australia.

Mr Mr Ian McPhee - Auditor-General for Australia, presentation to the Global Working Group of Auditors-General

The audit objective was to assess selected agencies’ compliance with the four mandatory ICT security strategies and related controls in the Australian Government Information Security Manual.

The audit objective was to assess selected entities’ compliance with the four mandatory ICT security strategies in the Australian Government Information Security Manual (ISM).

This edition of audit insights covers audit reports tabled in Parliament during the fourth quarter of 2017–18 with a focus on the key learnings relating to cyber resilience. Cyber security is an increasing risk across government and one that requires attention by Accountable Authorities.