In mid-November 2021, the NSW Independent Commission Against Corruption (the ICAC) made public the report on its investigation into the sourcing of software systems for the Western Sydney Institute of TAFE (WSI). This investigation concerned allegations that the WSI Finance Manager and another Finance Officer accepted payments totalling approximately $449,000. The Finance Manager also accepted […]
Prudential Standard CPS 234, which outlines the information security requirements that APRA regulated organisations must comply with, is a mandatory regulation issued by APRA to ensure that your organisation’s information assets remain safe and secure from breaches. In order to increase the rigour of compliance of CPS 234, Boards of regulated entities are required to […]
Workplace investigations of alleged misconduct can absorb a significant amount of resources and potentially contribute to industrial relations problems and staff morale issues. A well-conducted, independent investigation of alleged workplace misconduct can greatly assist in effectively and fairly resolving a complaint and mitigating these organisational and employee impacts. But a badly conducted or poorly documented […]
How would you describe your company’s organisational risk culture? Before you answer… Cast your mind over recent publicly prominent investigations that have raised organisational risk management failings, with ever-increasing scrutiny of organisational risk culture. Imagine for a moment a research department seeking to be the first to deliver new technologies. What if, in the race […]
In a month where billionaire entrepreneurs are reaching for the stars (or at least the edge of space), we thought it was timely to share our research and recent experiences about the audit topics that are trending in the Local Government audit universe. Councils are probably aware that the NSW Audit Office has recently published […]
The Australian Cyber Security Centre (ACSC) has updated its Essential Eight (8) Maturity Model in July 2021 to counter the sophistication of different levels of adversaries rather than just being aligned to the intent of a mitigation strategy. The ACSC asserts that the maturity model is focused on "Windows-based internet-connected networks", and while it could […]
Current challenges for CFOs Most Chief Financial Officers are under time pressure – having to do more with less. Not only does the CFO have to ensure the controls over transaction processing are in place and the reporting ticks over like clockwork, but he/she also has to provide financial insight and significantly contribute to the […]
The buzz term of recent years in local government has been ‘smart cities’ – a pretty exciting concept for those people working at the heart of delivery services in our communities. Billions of connected devices instantly translate our physical world into the digital realm by capturing and analysing data about our surroundings in real time. […]
Cash transactions are slowly dwindling in Australia. The Reserve Bank’s 2019 Consumer Payments Survey found that only 32% of in-person transactions are conducted in cash, with the fall in small transactions (i.e. under ten dollars) particularly pronounced given “tap and go” technologies. The percentage of cash transactions has decreased even further over the past year, […]
Privacy Awareness Week is a global campaign that highlights the importance of maintaining privacy and raises awareness for public sector agencies about how to protect the personal information of the people they serve. Respecting privacy is important because it can be highly personal. We are all different, and everyone has different ideas about their privacy. […]
Amongst all the doom and uncertainty associated with Covid-19, there was one tangible benefit that emerged for most organisations. That was that they were compelled to review the currency and efficacy of their Business Continuity Management (BCM) framework and implement (in real-time) their Business Continuity Plan (BCP).
Pen tests are frequently mentioned in the media, yet when they are reported, their results are never released. That keeps the results confidential and secure – and ensure hackers can’t decompile them for their own further nefarious uses. However, for the external viewer, there is always an element of mystery and IT technical complexity surrounding these tests.
Our Clients
