Public sector entities hold vast amounts of information, some of which is highly sensitive. Entities must understand their information, classify it correctly, and have appropriate controls to secure it.

Inadequate protection of information can lead to sensitive information being exposed. This may have significant implications for people’s safety, and result in reputational damage and revenue loss.

Who we plan to audit
  • Department of Education

  • selected public sector entities.

Other entities who may form part of this audit include:

  • Department of Customer Services, Open Data and Small and Family Business

  • Department of Justice (as the department responsible for administering the Public Records Act 2023).

Audit Objective

In this audit, we will examine how effectively public sector entities maintain confidentiality, integrity, and availability of their information. We will also assess how entities classify, store, report, and retain information.

Area of focus
Public service
Parliamentary Committee
Justice, Integrity and Community Safety Committee
Planned
Anticipated tabling: to be advised