Browse our range of reports and publications including performance and financial statement audit reports, assurance review reports, information reports and annual reports.
The objective of the audit was to assess the effectiveness of the management of cyber risks by the Department of the Treasury, National Archives of Australia and Geoscience Australia.
Please direct enquiries through our contact page.
The objective of this audit was to assess the effectiveness of the selected entities’ implementation of arrangements for managing cyber security incidents in accordance with the Protective Security Policy Framework (PSPF) and relevant ASD Cyber Security Guidelines.
Please direct enquiries through our contact page.
The objective of the audit was to assess the effectiveness of cyber security risk mitigation strategies implemented by selected non-corporate Commonwealth entities to meet mandatory requirements under the Protective Security Policy Framework, and the support provided by the responsible cyber policy and operational entities.
Please direct enquiries through our contact page.
This edition of Audit Insights is targeted at Australian Government officials who have responsibility for the implementation of cyber security controls or strategy for government systems. The aim is to communicate lessons from our audit work to make it easier for people working within the Australian public sector to apply those lessons. It is drawn from audit reports tabled in 2019–20, 2020–21 and 2022–23 into management of cyber security risks.
Please direct enquiries through our contact page.
The objective of this audit was to examine the effectiveness of selected non-corporate Commonwealth entities' arrangements for managing cyber security risks within their procurements and specific contracted providers under the Protective Security Policy Framework (PSPF).
Please direct enquiries through our contact page.
The objective of this audit was to assess the effectiveness of the management of cyber security risks by three government business enterprises or corporate Commonwealth entities. The entities selected for audit are ASC Pty Ltd, the Australian Postal Corporation and the Reserve Bank of Australia.
Please direct enquiries through our contact page.
Mr Mr Ian McPhee - Auditor-General for Australia, presentation to the Global Working Group of Auditors-General
The audit objective was to assess selected agencies’ compliance with the four mandatory ICT security strategies and related controls in the Australian Government Information Security Manual.
David Gray, Executive Director - Phone (02) 6203 7377
The audit objective was to assess selected entities’ compliance with the four mandatory ICT security strategies in the Australian Government Information Security Manual (ISM).
Please direct enquiries relating to reports through our contact page.
This edition of audit insights covers audit reports tabled in Parliament during the fourth quarter of 2017–18 with a focus on the key learnings relating to cyber resilience. Cyber security is an increasing risk across government and one that requires attention by Accountable Authorities.
Please direct enquiries through our contact page.