Report
Internal controls and governance 2025: procurement and technology
Publisher
Governance
Quality management
Government procurement
Public sector
State and territory government departments
Cyber security
Information technology
Artificial Intelligence (AI)
New South Wales
Resources
| Attachment | Size |
|---|---|
| Internal controls and governance 2025 | 4.6 MB |
| Internal controls and governance 2025: report snapshot | 131.46 KB |
Description
Internal controls and governance help agencies achieve their outcomes by supporting effective operations, reliable financial reporting and legal compliance. This report provides insights from the financial audits of 26 major New South Wales (NSW) public sector agencies, focusing on the effectiveness of their internal controls and governance. It presents observations across key elements of these frameworks.
The report recommends that agencies strengthen controls and processes across three key areas: procurement frameworks, adoption of artificial intelligence and cyber security controls.
Key findings
- Internal control findings have decreased.
- IT controls need to improve. Five high-risk findings were reported, all related to ineffective IT controls.
- Deficiencies in procurement practices. Agency procurement practices show deficiencies in policy alignment, capability and oversight.
- Agencies can better integrate artificial intelligence (AI) into their existing governance and strategy arrangements.
- Cyber security control deficiencies expose supply chains to vulnerabilities and undermine investment effectiveness.
- 33% of reported audit issues were repeat findings.
- 29% of agencies that have implemented AI have a supporting strategy in place.
Publication Details
Copyright:
Audit Office of New South Wales 2025
Access Rights Type:
open
Post date:
30 Oct 2025
