Public sector entities hold vast amounts of information, some of which is highly sensitive. Entities must understand their information, classify it correctly, and have appropriate controls to secure it.
Inadequate protection of information can lead to sensitive information being exposed. This may have significant implications for people’s safety, and result in reputational damage and revenue loss.
Who we plan to audit
- Department of Justice (as the department responsible for administering the Public Records Act 2023)
- Department of Customer Services, Open Data and Small and Family Business
- selected public sector entities.
Audit Objective
In this audit, we will examine how effectively public sector entities maintain confidentiality, integrity, and availability of their information. We will assess how entities classify, store, report, and retain information.
Area of focus
Public service
Parliamentary Committee
Local Government, Small Business and Customer Service Committee