The Auditor-General responded on 11 December 2015 to correspondence from Senator the Hon Doug Cameron on 30 October 2015 regarding systems and processes within the Department of Human Services (DHS) that go to the security of citizens' identity.

Auditor-General's response

11 December 2015

Senator the Hon Doug Cameron
Shadow Minister for Human Services
Senator for New South Wales
PO Box 322
SPRINGWOOD NSW 2777

Dear Senator Cameron

Security of citizens’ identity within the Department of Human Services

Thank you for your letter dated 30 October 2015 seeking an ANAO audit into the systems and processes within the Department of Human Services (DHS) that go to the security of citizens’ identity.

Your correspondence notes that the department has advised it is currently investigating a significant number of allegations of identity theft. DHS has confirmed directly with the ANAO that a joint departmental/NSW Police investigation (known as Strike Force Board) has been underway since September 2015, under a Joint Agency Agreement. This investigation is examining the theft of patients’ records from a number of medical practices in NSW, which may have resulted in the alleged offenders using unlawfully obtained medical details to make fraudulent Medicare claims.

Separately, on the issue of the exposure of current DHS systems to unauthorised access, you may be interested to note that the ANAO’s past testing has shown that these systems have limited direct links to the internet. In addition, as part of our regular auditing of the department’s financial statements, the ANAO’s testing has indicated that the department has appropriate logical security controls in place to limit both internal and external access to appropriate and authorised users.

On this basis and given the ANAO’s resourcing levels and other performance audit priorities, I do not propose to initiate an audit of these matters at this time. The ANAO’s annual audit of DHS’ financial statements will continue to include regular review and testing of the department’s logical security arrangements, with any relevant findings noted in both the ANAO’s interim and final reports of the whole of government financial statements. The ANAO is also planning a performance audit of the myGov service platform, which will examine aspects of the DHS control environment. For example, DHS has advised the ANAO of changes, since April 2015, to the controls associated with the process for linking Medicare on-line accounts to myGov as well as changes to claiming limits. The department has further advised that additional changes are being considered.

I trust this information has been of assistance.

Yours sincerely

Grant Hehir
Auditor-General for Australia

Correspondence from Senator the Hon Doug Cameron