Public sector entities hold vast amounts of information, some of which is highly sensitive. Entities must understand their information, classify it correctly, and have appropriate controls to secure it.
Inadequate protection of information can lead to sensitive information being exposed. This may have significant implications for people’s safety, and result in reputational damage and revenue loss.
Who we plan to audit
Department of Education
selected public sector entities.
Other entities who may form part of this audit include:
Department of Customer Services, Open Data and Small and Family Business
Department of Justice (as the department responsible for administering the Public Records Act 2023).
In this audit, we will examine how effectively public sector entities maintain confidentiality, integrity, and availability of their information. We will also assess how entities classify, store, report, and retain information.