Public sector entities rely on information technology (IT) systems (computer hardware and programs) to support business operations and processes.
This report is in its third year and builds on last year’s Financial Systems Controls Report: Information Technology 2014–15.
In this report we provide a high-level overview of the strength of IT controls used by a number of public sector entities to protect their financial information.
We analyse the themes and weaknesses in controls that we uncover during our financial audits of these entities. We also summarise our findings on two areas of focus – wireless security and strategies to mitigate targeted cyber intrusions.
Our analysis is based on our audit of IT controls at 52 entities, whose financial years ended either on 31 December 2015 or 30 June 2016.
The report has two recommendations for the Department of Premier & Cabinet and eight broader recommendations for public sector entities.