A cyber-attack is defined as a deliberate act through cyber space to manipulate, disrupt, deny, degrade, or destroy computers, networks, or the information they contain. In Australia, the responsibility for managing and preventing cyber security threats lies with the federal, state and territory governments. As government delivers more and more services online, the risk of cyber security attacks increases. The Queensland Government has established a cyber security unit with a whole-of-government focus to combat potential threats.

The 2017 Threat Report by the Australian Cyber Security Centre states that cybercrime remains a pervasive threat to Australia’s economic prosperity with growing criminal expertise in targeting specific businesses. It also states that cybercrime will continue to be an attractive option for criminals. According to this report, between July 2016 and June 2017, the Australian Signals Directorate responded to 671 cyber security incidents that were considered serious enough to warrant operational responses. Cyber security is an evolving risk and departments need to be vigilant in assessing and addressing it.

Audit Objective

This audit will assess whether agencies effectively manage their cyber security risks.

Who we might audit

The Queensland Government Cyber Security Unit within the Queensland Government Chief Information Office. We will also select a sample of public sector agencies, to be advised.

Parliamentary Committee
Transport and Public Works Committee
Audit status
1 October 2019