Reports and publications

Browse our range of reports and publications including performance and financial statement audit reports, assurance review reports, information reports and annual reports.

View reports and publications

Insights

The aim of audit insights is to communicate lessons from our audit work to make it easier for people working within the Australian public sector to apply those lessons.

View ANAO Insights

Work program

The ANAO work program outlines potential and in-progress work across financial statement and performance audit.

View the work program

Careers

Our staff add value to public sector effectiveness and the independent assurance of public sector administration and accountability, applying our professional and technical leadership to have a real impact on real issues.

View Careers

About us

The Australian National Audit Office (ANAO) is a specialist public sector practice providing a range of audit and assurance services to the Parliament and Commonwealth entities.

About Us

An Audit Committee Chairs Forum was held on Friday 12 July 2024. The text on this page is the communique from the forum.

Auditor-General’s Update

This is a summary of the key points from the Auditor-General’s presentation. A copy of the speaking notes is available on this page.

Overview

  • The ANAO’s Corporate Plan 2024–25 and Annual Audit Work Program 2024–25 (AAWP) were published on 8 July 2024.
  • The AAWP includes a continuation of audits of entities’ compliance with essential frameworks, integrity and ethics, and audits of programs focused on key areas of government activity such as climate change and the environment,  Defence capability and NDIS
  • The ANAO has commenced a program of performance audits that assess compliance with key areas of the proper use of resources under the Public Governance, Performance and Accountability Act 2013 including compliance with credit card requirements; gifts, benefits and hospitality; and management of conflicts of interest.
  • The AAWP also reflects the developments in sustainability and climate related disclosures. Sustainability reporting has developed globally, primarily in the private sector. As the auditor of Australian government entities, the ANAO is considering its readiness to implement a sustainability assurance regime and how this will impact our overall audit program.

Financial statements – interim report

  • The Interim Report on Key Financial Controls of Major Entities for 2023–24 was tabled on 20 June 2024.
  • A key issue identified in the end of year report for 2022–23 was the decline in timeliness of tabling entity annual reports. Thirty-four per cent of annual reports were tabled on or after the date of the entity's supplementary budget estimates hearings. This represents an eight per cent decrease in timeliness of annual reports being tabled in the Parliament compared with 2021–22.
  • The results of the ANAO’s financial statements audits over the recent term indicate that financial reporting is a mature and embedded function in entities, supported by largely appropriate processes and financial frameworks.
  • IT controls remain an area of concern. Key areas where there is room for improvement in internal controls, guidance or capability include:
    • entity safeguards for preventing cyber security risks;
    • robustness of IT controls and change management policies;
    • assurance over software projects; and
    • closing out internal audit recommendations.

Performance statements audit work

  • The ANAO continues to build its program of work in auditing performance statements with 14 entities audited in 2023–24. In the 2024–25 financial year the number of entities in our performance statements audit program will increase to 21.
  • Audit Committees have an important role in reviewing entity performance measures and performance reports.

Corporate activities

  • The ANAO has developed a new public sector engagement strategy to better drive its engagement with the sector. The strategy has a focus on how the ANAO’s lessons and insights from its work can be better communicated and disseminated.
  • The ANAO has also developed a digital strategy which is about thinking digitally first, not only automating current manual processes or attempting to retrofit automation.

ANAO Impact

  • The ANAO’s purpose is to support accountability and transparency in the Australian Government sector through independent reporting to the Parliament, and thereby contribute to improved public sector performance. The ANAO’s audit work has directly led to system level improvements and changes in the public sector. Recent examples of impact of the ANAO’s work include:
    • Legislation being introduced to deal with a matter raised in ANAO’s performance audit Auditor-General Report No.10 2022–23 Expansion of Telehealth Services identifying a legal risk of the  assignment of benefits for the bulk-billing of telehealth services;
    • Legislation being introduced to give the Tax Commissioner discretion to not apply refunds or credits to debts on hold – a matter raised in our financial statements audit work;
    • Amendments to the Commonwealth Procurement Rules in response to a recommendation made in Auditor-General Report No.19 2022–23 Procurement Complaints Handling and changes to the Commonwealth Grant Rules and Guidelines, and the Commonwealth Contracting Suite picking up integrity, probity and ethics matters ANAO drew to the attention of the JCPAA in ANAO’s submissions to JCPAA inquiries.

ANAO Updates

Developments in sustainability reporting

  • The first stage of sustainability reporting under the Australian Government policy is the introduction of mandatory climate-related disclosures in the annual reports of entities subject to the Corporations Act 2001 (Corporations Act). Under the policy:
    • the Department of the Treasury is leading the Corporate Climate-related Financial Disclosure (CCFD) policy roll-out for companies reporting under the Corporations Act; and
    • the Department of Finance (Finance) is leading the Commonwealth Climate Disclosure (CCD) policy roll-out for Commonwealth entities and Commonwealth companies not captured by the thresholds set out in the proposed amendments to the Corporations Act.
  • The Net Zero in Government Operations Strategy was released in November 2023 and describes the approach for implementing the commitment to achieve net zero in government operations by 2030.
  • Finance issued CCD Pilot Guidance on 27 March 2024 for disclosure of a limited range of climate risk management activities for all departments of state in 2023-24. Finance has also consulted on the full CCD reporting framework, which will be based on the Australian Accounting Standards Board standard, tailored for the public sector. The ANAO has contributed to Finance’s consultation on the reporting framework.
  • To support the implementation of this work, the ANAO has been working with the Department of Finance to develop an assurance and verification regime for sustainability reporting in the public sector.
  • As the auditor of Australian government entities, the ANAO is considering its readiness to implement a sustainability assurance regime and how this will impact our overall audit program. This includes:
    • Audit mandate
    • Resources required to undertake the assurance function
    • Staff capability
    • Specialist expertise
    • Sector readiness
    • Market readiness

Performance statements update

  • The ANAO’s program of performance statements continues to be a learning process for both the ANAO and entities.
  • In performance statement the idea of ‘meaningful’ is broad and there is a wide variety of metrics and measures for entity performance information. Throughout this program, the ANAO’s methodology continues to mature.
  • Key outcomes for entity performance statements include:
    • Good quality performance information that is complete and provides meaningful information regarding an entity’s performance in achieving its purpose.
    • The ability of the Parliament to use and assess entity performance information to see if it is achieving its purpose.
    • The integration of an entity’s Corporate Plan and performance statements as tools to run entity business well.
  • The ANAO has observed a higher level of senior management engagement in the audit process and interest in performance statements and associated metrics.
  • The ANAO has identified the following aspects as key risks in the audit of performance statements:
    • Capability – internal and external;
    • Entities seek to comply with the minimum requirements and not the spirit and intent of the PGPA Act; and
    • Entity audit fatigue.
  • The ANAO will continue to work with entities as the performance statement audit program grows. There are several opportunities for performance statements which the ANAO is exploring, including:
    • ‘Right-touch’ approach to methodology. Does everything have to be audited in the same way every year? How does the approach to reasonable assurance of the statements as a whole differ to individual performance metrics? The ANAO’s Expert Advisory Panel is assisting with these and other considerations.
    • Working more closely with the Office for Impact Analysis and the Australian Centre for Evaluation. These entities are working across the public sector and the ANAO wants to ensure there is a consistent approach, particularly regarding the development of program logics in entities performance information.

Financial statement audit update – Interim Report on Key Financial Controls of Major Entities

  • The Interim Report on Key Financial Controls of Major Entities for 2023‑24 was published on 20 June 2024.
  • A total of 93 findings were reported to the 27 entities included in the Interim Report. This included 3 significant, 26 moderate findings and 64 minor findings, which is an increase from previous interim audits.
  • The ANAO’s analysis indicates that 78 per cent of audit findings (72 findings) reported at the 2023-24 interim phase were findings unresolved from prior audits. The range of findings identified spanned from 2020-21 to 2022-23. 
  • The ANAO continues to find issues relating to the IT control environment. 65 per cent of all findings relate to the IT control environment, an increase from 63 per cent in 2022-23. In the Interim report, there were three significant findings relating to IT controls including:
    • Timely removal of user access;
    • Change management; and
    • IT governance.
  • The Interim Report also included a piece on audit committees and assessments for effectiveness. Most of these assessments are self-assessments. Entities could enhance the effectiveness of their review of audit committee performance by adopting a formal process of independently reviewing the performance of audit committees that more comprehensively considers the matters identified in the guidance issued by Finance.
  • The interim Report also highlighted issues relating to the implementation of internal audit recommendations.
    • While entities largely had processes to track, monitor and implement recommendations in policy our analysis noted delays in implementing recommendations. 69 per cent of internal audit recommendations from 2020 to 2024 were addressed past their agreed due date. The average delay in closing recommendations during this period was just over three months, but extended over quite a range.
    • Unaddressed or delayed recommendations could point to potential for unmitigated business or financial risks or gaps in controls.
    • Accountable Authorities, with advice from their audit committees, could review and strengthen governance processes and oversight for implementation of internal audit recommendations to ensure recommendations/risks are addressed in agreed timeframes.
  • The ANAO examined entities’ delivery of computer software. In the 2022­–23 end of year report we analysed the increase in the write-downs and impairment of computer software which over the five-year period from 2018–19 to 2022–23 totalled $789.1 million.
  • The ANAO found that:
    • Twenty-five of the 27 entities had established a project management framework or policy;
    • Thirteen entities did not provide reports to their audit committees on software projects; and
    • All entities have adopted one or more of the eight project assurance processes examples advised by the Digital Transformation Agency (DTA). One assurance process, internal audit, was adopted by the majority of entities.

Performance audit update

  • The ANAO’s performance audit work has had an increased focus on ethics, culture and integrity in the public sector.  
    • The ANAO has observed that meeting mandatory requirements is not sufficient to ensure compliance with the high expectations set out in principles-based legislation and frameworks.
    • The ANAO recently tabled an audit of the Australian Public Service Commission’s Administration of Integrity Functions. General lessons from this audit identified the importance of agencies focusing on good governance including stewarding in the APS, risk management and records management. It also showed that the enterprise risk registers are a key tool of effective corporate governance and require active review and adjustment as necessary.
  • In 2023–24 the ANAO tabled four performance audits which assessed the effectiveness of entities management of corporate credits.
    • The misuse of corporate credit cards, whether deliberate or not, has the potential for financial losses to the Commonwealth and reputation damage to individual government entities, as well as the public sector. The robustness of controls to detect and prevent misuse of credit cards and action taken on non-compliance can be indicative of an entity’s culture and integrity.
    • Entities need to establish policies and procedures which consider their operating context and risk and develop a pro-integrity cultural supporting credit card compliance.
  • In 2023­–24 there was also a focus on compliance with gifts, benefits and hospitality requirements. The policies and risk management procedures for gifts, benefits, and hospitality should not be considered in isolation and play an important role in key entity business such as procurement, recruitment, and delegated decision making.
  • ANAO performance audits regularly assess grants administration in Australian Government entities and often find that entities are not meeting CGRG requirements.
    • For 14 performance audits of grants administration that the ANAO conducted between July 2019 to February 2024, 50% were found to be either not effective or partly effective, and none were found be fully effective.
    • An ‘Audit Lessons’ product on Grants administration was published on 28 June 2024. This lesson’s product is targeted at those responsible for administering or overseeing grants programs.

Cyber security and data governance

  • The ANAO has published a performance audit on the Management of Cyber Security Incidents. The key message from this audit for entities includes the importance of governance arrangements, risk management, and performance and impact assessments.
  • As outlined in the Interim Report, there has been an increase in IT audit findings. Weaknesses in IT governance arrangements can lead to timeliness issues in resolving IT and general audit findings and can have implications for the strategic planning and positive risk culture and posture of entities. The ANAO found that only five out of 27 entities have self-reported full compliance with the requirements of the Protective Security Policy Framework.
  • 36 entities have advised the ANAO that they have adopted some form of emerging technology. 27 of these entities adopted AI, and 15 did not create policies to support use of AI.
  • The lack of governance frameworks for managing the use of emerging technologies could increase risks to entities.

Department of the Treasury

Developments in climate disclosures

  • Treasury presented an overview of the proposed new requirements for the disclosure of material climate-related risks and opportunities by large businesses and financial institutions currently before Parliament.
  • Treasury Laws Amendment (Financial Market Infrastructure and Other Measures) Bill 2024 amends the Corporations Act 2001 (Cth) and builds on the existing annual financial reporting obligations.
  • Subject to passage, reporting requirements for Australia’s largest companies as well as entities above the publication threshold of National Greenhouse and Energy Reporting scheme disclosure requirements will commence from 1 January 2025, with others phased in over time.

Department of Finance

Financial reporting update

  • Consistent with last financial year, audit cleared financial statements are due to be submitted to the Department of Finance (Finance) by 15 August 2024 for material entities and 30 August 2024 for small entities. These submissions support the preparation of the Australian Government’s Final Budget Outcome and Consolidated Financial Statements (CFS).
  • The supplementary reporting pack (SRP) is due back to Finance by 19 August 2024 for material entities and 30 August 2024 for small entities.
  • From a 2023–24 reporting perspective, there are no significant accounting standard changes.
  • To support entities to uplift capability across the accounting and finance profession, in 2023-24 Finance has run a quarterly training campaign, continued the accounting and financial management stream graduate recruitment and is planning a second annual Australian Public Service Accounting and Finance Conference.

Speaking Notes for Acting Auditor-General

Introductory comments

  • Good morning and thank you to those joining us in person and online today.

Organisational change

  • I would like to begin by acknowledging the retirement of the former Auditor‑General for Australia, Mr Grant Hehir and thank him for his service and leadership of the ANAO throughout his tenure.  Of note, his commitment to the ANAO’s relationship with the Parliament and through that, the implementation of performance statement auditing – to bring transparency to the Parliament.
  • I feel honoured to be in the position of Acting Auditor-General for Australia and lead a talented and highly capable team within the ANAO. As a result of acting arrangements you’ll see some familiar faces in different roles.

Overview of forum topics

  • Today is an opportunity for you to hear about what is happening in the sector and at the ANAO, including key findings from our audit reports that may assist you in your roles as audit committee chairs. Following my remarks, you will hear presentations on:
    • Developments in climate disclosures by Hannah Skewes, from the Department of the Treasury;
    • Developments in sustainability reporting by Jane Meade;
    • Performance statements audit update by George Sotiropoulos;
    • ANAO insights on cyber security and data governance by Xiaoyan Lu;
    • Key themes emerging from performance audits by Michelle Page; and
    • Key themes from financial statements audits by Lesa Craswell.
  • A copy of the presentations from today and a communique will be published on the ANAO’s website.
  • Today I will be speaking about the two aspects of the ANAO’s purpose which is ‘to support accountability and transparency in the Australian Government sector through independent reporting to the Parliament, and thereby contribute to improved public sector performance’. First, I will discuss key aspects of the ANAO’s audit work, key changes and findings, and second, I will discuss our approach to influencing good public administration.

What’s happening in the audit space :

AAWP
  • The 2024 –25 Annual Audit Work Program (AAWP) has been published and is available on the ANAO’s website. The AAWP continues to focus on core public sector activities. The program includes a continuation of audits of entities' compliance with essential frameworks, integrity and ethics, and audits of programs focused on climate change and the environment.
  • Under the Public Governance, Performance and Accountability Act 2013 (PGPA Act), an accountable authority of an Australian Government entity has a duty to establish and maintain appropriate systems of risk oversight and management and internal control, including measures to ensure that officials comply with the Finance Law. Non-compliance with Finance Law, including for basic governance processes, has the potential for financial losses or reputational damage to entities and can be indicative of an entity’s culture and integrity.
  • In an environment of mixed trust in the public sector, audit committees play a pivotal role in the assurance and compliance activities of Commonwealth entities. It is essential that audit committees play a role in ensuring that entities get these basics right.
  • The ANAO has commenced a rolling program of performance audits that assess compliance with key areas of the proper use of resources under the PGPA Act. Topics that we have undertaken or that we have underway are compliance with credit card requirements; gifts, benefits and hospitality; and management of conflicts of interest.
  • Our focus on compliance in this area is in response to the issues identified in recent audit reports, the Royal Commission into Misconduct in the Banking, Superannuation and Financial Services Industry, the Royal Commission into Robodebt, and the concerns of the Parliament.  They can tell the Parliament about the “tone at the top”.  I note that Senate Estimates committees have, across portfolios, pursued lines of questioning with respect to gifts and hospitality in at least the last 3 sessions.  It is clearly an area of Parliamentary interest.
  • The JCPAA in its recent Report No. 504: Inquiry into Procurement at Services Australia and the NDIA has recommended :
  • Recommendation 4 : The Committee recommends that the Department of Finance and the Digital Transformation Agency take appropriate action to understand the extent to which inappropriate cultivation of Commonwealth officials may be occurring as a result of hospitality and gifts by major ICT vendors.
  • Recommendation 5 : The Committee recommends that the Australian National Audit Office consider the evidence and issues raised in this inquiry and consider further audits in relation to gifts and hospitality issues in the public sector to identify practices of concern, raise awareness, and help to build ethical cultures that operate with probity. This may include exercising its powers to obtain information from private sector entities that contract to the Commonwealth, in relation to gifts and hospitality provided to public officials.
  • We have included further audits focused on compliance in the AAWP - they are generally shorter, sharper audits which provide greater audit coverage of the sector by providing a mix of audits in size and scale and can be conducted across a wider variety of entities, and they give an insight into the control frameworks within entities and across the pubic sector.
  • Recently the ANAO tabled an audit of the APSC’s Administration of Integrity Functions using our ethics methodology. This was an audit looking at the system level and we will continue our program of audits into the implementation of ethical frameworks by entities in the 2024-25 audit cycle. We’re scoping an audit into a department of state to assess ethical frameworks at present.
  • Our focus on ethics and integrity will continue – I note the JCPAA in its report no. 502 The never ending quest for the golden thread recommended :
  • Recommendation 1 : The Committee recommends the Department of Finance issues guidance that makes clear to public officials that if they breach finance law, suggesting there was no malice or personal gain is not sufficient to fulfil their obligation under the Public Governance, Performance and Accountability Act 2013 to act honestly, in good faith, and for a proper purpose.
  • And further –
  • Recommendation 5 : The Committee recommends the PGPA Act Framework be amended to introduce a requirement for entities to develop and maintain an overarching Integrity Framework that brings together:
  • the relevant legislative, regulatory and policy frameworks through which the agency functions
  • assessments of major integrity risks
  • statement of the desired culture as it applies to officers demonstrating probity and acting ethically as they carry out their responsibilities
  • assurance mechanisms of sufficient substance and scope, appropriate to the size of the entity and its risks, for accountable authorities to be confident officers are acting according to the letter and the intent of the frameworks
  • robust accountability arrangements.
    Accountable Authorities must report on their Framework, including culture, in their annual report and state they have evidence officers in their agency are acting with probity.
  • Implementation of these recommendations, and those the ANAO makes at an entity level may have an impact on your work in assessing the controls in place to achieve integrity.
  • Note that the ANAO has an internal integrity framework and for the first-time last year we published our integrity report on our website. Our Integrity Framework provides an overarching structure to the ANAO’s integrity control system, supporting our institution’s integrity. The framework serves to assist in ethical decision making and risk, fraud and misconduct management. Our integrity report includes integrity-related matters that occurred during the year and identifies emerging trends and areas where the ANAO may have vulnerabilities and risks to integrity or elements of the Integrity Framework that require strengthening. The report also highlights areas where new controls have been implemented in the ANAO Integrity Framework during the year.
Preparation for climate change disclosures and auditing of them
  • The other newer element of the AAWP relates to climate change disclosures and sustainability reporting. Sustainability reporting has developed globally, primarily in the private sector, on the basis that sustainability factors are becoming a mainstream part of investment decision-making.
  • The Australian Government has determined that the first stage of sustainability reporting in Australia is climate-related reporting.
  • As the financial auditor of Australian government entities, the ANAO is considering its readiness to implement a sustainability assurance regime and how this will impact our overall audit program.
  • Questions of mandate and impact of workload will need to be thoughtfully considered in the ANAO.  Readiness for reporting will be a key issue for entities – and based on our experience in auditing performance statements, ensuring good methodology and evidence to support the reporting required.

Financial statements – interim report

  • The Interim Report on Key Financial Controls of Major Entities for 2023‑24 was tabled in the Parliament on 20 June and is now available on our website.
  • A key issue identified in the end of year report for 2022–23 was the decline in timeliness of tabling entity annual reports. I thought it would be timely to mention this now, given you are all entering into reporting season.
  • Annual reports that are not tabled in a timely manner before budget supplementary estimates hearings decrease the opportunity for the Parliament to scrutinise an entity’s performance. Finance's RMGs and PM&C’s tabling guidance require that annual reports are tabled before estimates hearings.
  • In our 2022–23 end of year report on financial statements we identified that thirty-four per cent of annual reports were tabled on or after the date of the entity's supplementary budget estimates hearings. This represents an eight per cent decrease in timeliness of annual reports being tabled in the Parliament compared with 2021–22.
  • This is a key risk for the integrity of the APS which must serve the government, the Parliament and the public.
  • The results of the ANAO’s financial statements audits over the recent term indicate that financial reporting is a mature and embedded function in entities, supported by largely appropriate processes and financial frameworks.
  • Our latest interim report identifies that IT controls remain an area of concern. I would encourage Audit Committees to look at this closely, asking for plain language reporting on IT controls to enable you as a committee to provide assurance to the Accountable Authority on this matter.  
  • Key areas where there is room for improvement in internal controls, guidance or capability include:
    • entity safeguards for preventing cyber security risks;
    • robustness of IT controls and change management policies;
    • assurance over software projects; and
    • closing out internal audit recommendations.
  • We have also continued our interest in the establishment and function of audit committees. In the interim report we found that most evaluations were informed by self‑assessments conducted by committee members, and that the majority of assessments did not cover the suggested focus areas in guidance in the RMG. The effectiveness of reviews of audit committee performance could be enhanced by adopting a formal process of independently reviewing the performance of audit committees that more comprehensively considers the matters identified in the guidance issued by Finance.
  • I would also like to discuss findings regarding entities’ internal audit and the role of audit committees:
    • our interim report analyses entity processes for the implementation of internal audit recommendations. While entities largely had processes to track, monitor and implement recommendations, our analysis noted delays in implementing recommendations. 69 per cent of internal audit recommendations from 2020 to 2024 were addressed past their agreed due date. The average delay in closing recommendations during this period was just over three months, but extended over quite a range.
    • unaddressed or delayed recommendations could point to potential for unmitigated business or financial risks or gaps in controls.
    • Audit committees could assist Accountable Authorities by providing them with advice on how their governance processes could be reviewed and strengthened.
    • Audit committees can also bring structure and oversight to the implementation of internal audit recommendations to ensure recommendations and the risks those recommendations are seeking to mitigate are addressed in agreed timeframes.

Performance statements audit work

  • The ANAO continues to build its program of work in auditing performance statements with 14 entities audited in 2023–24. In the 2024–25 financial year, we will, at the request of the Finance Minister increase the number of entities in our performance statements audit program to 21.
  • While the ANAO’s audit of performance statements is still reasonably new, the requirements for performance statements and meaningful reporting on performance information in the PGPA Act have been in place for over 10 years. The banter is still that it’s something new. Embedding a focus on performance information and reporting as a basic tenet of public administration and not a new activity should lead to better outcomes.
  • Through our program of performance statements audits we have seen unintended consequences from entities in the preparation of performance statements, perhaps driven by the focus we bring through auditing. For example, performance statements frequently have a large number of caveats which can detract from providing a meaningful picture of the entity’s performance. It is worth stepping back and considering each entity’s overall set of performance statements to consider whether they are actually telling a clear picture of how the entity has performed in the last year. Hoping that some entities can come up with useful ways to put their caveats in place without detracting from the performance story.
  • The Deputy Chair of the JCPAA has a way of cutting through by asking entities the question “what does good look like” – helps you step back from a performance statement and consider whether the reporting is meaningful.
  • Audit Committees have an important role in reviewing entity performance measures and performance reports. I encourage you all to think about “what does good like?” for your entities.

Corporate activities

  • The ANAO’s corporate plan has been published on the ANAO’s website and in it you will see some shifts in our focus.
  • As we have previously highlighted, the ANAO is committed to finding ways to provide practical support and guidance to entities and better communicate our audit findings. We have developed a new public sector engagement strategy which has a focus on how we can get our lessons and insights out into the sector.
  • Insights, Lessons and Opinions based on our audit work are the product set.  But, we need to get better at pushing them out to the right people, including audit committees.
  • We have developed a digital strategy - thinking digitally first and not just automating current manual processes or attempting to retrofit automation to emerging issues. This will be a key space to watch as we are aware, for example, that entities have millions of data points that feed into things like the new sustainability reporting requirements. To audit this space, we must think ‘digital first’, and how we can audit such data digitally.
  • On the issue of artificial intelligence, the ANAO will enter this space with the scepticism you would all expect from auditors. Our key considerations for AI are how to audit it and how to use it ourselves.
  • For entity use of AI we would expect robust governance frameworks for the use of AI and methods to ensure controls are in place, in a similar manner to other issues of cyber security. We have a performance audit underway in this space on the ATO’s adoption of automation and artificial intelligence.
  • Parliament is interested in the use of AI, its governance and its guard-rails.  There are 2 inquiries in course – one in the Senate, and one as part of the JCPAA’s inquiry into financial statements.
  • It’s worth reminding people that there is a Better Practice Guide – Automated Decision-making - issued by the Commonwealth Ombudsman (by way of an update) in January 2024
  • Lastly, we’re now, like the entities you support, going through a financial statements and performance statements audit. At which point all the numbers will be in.  We have hit our performance audit target of 45 for 2023-24, after a mammoth effort in the last few months.
  • I thought it was worth reflecting on the impacts our audit work has had :
    • Legislation has been introduced to deal with an issue raised in our performance audit of telehealth – the assignment of claims in the telehealth environment
    • Legislation is being introduced to give the Tax Commissioner a discretion to not apply refunds or credits to debts on hold – a matter raised in our financial statements audit work
    • Through our submissions to the JCPAA resulting in recommendations, we’ve seen amendments and changes to the CPRs and CGRGs, and the Commonwealth Contracting Suite.
    • As you know we observe improvements within entities while we are conducting audits and include them in an appendix in our performance audit reports. And we see improvements through the following up of recommendations – Treasury has indicated for example that it is updating its Gifts, Benefits and Hospitality policy following our audit.

Closing comment

  • Before I finish today, I would like to take the opportunity to seek your feedback on the format of this forum. We have been running this forum for several years now and we are eager to make these forums as valuable and engaging as possible.
  • We are experimenting with ideas, and one idea for our end of year event is to have more of a roundtable type discussion on areas of public sector risk. If you have any ideas please come and speak with me or the ANAO’s External Relations team who are sitting at the back of the room today.
  • I would like once again to thank the talented team of ANAO senior leaders who you will hear from throughout today’s program and I trust you will find it to be a valuable session. 
Related documents
ACC Forum 12 July 2024 presentation slides (PDF)