Public sector entities hold vast amounts of information, some of which is highly sensitive. Entities must understand their information, classify it correctly, and have appropriate controls to secure it.
The ramifications of not protecting information can be significant. Poor practice can lead to sensitive information being exposed. It can jeopardise a person’s safety, have reputational risks, and result in significant revenue loss.
Audit Objective
This audit will examine how effectively public sector entities maintain confidentiality, integrity, and availability of their information, including their data. We will assess how entities classify, store, report, and retain information.
Who we might audit
- Department of Justice (as the department responsible for administering the Public Records Act 2002)
- Department of Customer Services, Open Data and Small and Family Business
- selected public sector entities.
Area of focus
Governance of government
Parliamentary Committee
Justice, Integrity and Community Safety Committee