The investigation is complete. The findings are clear. Your organisation – established to care for vulnerable individuals – has failed to prevent an incident of misconduct. Now comes the harder question: what next?
The investigation is complete. The findings are clear. Your organisation – established to care for vulnerable individuals – has failed to prevent an incident of misconduct. Now comes the harder question: what next?
From 17 November 2025, the revised Commonwealth Procurement Rules (CPRs) have reshaped how Australian Government entities approach procurement, particularly through panels like the Management Advisory Services (MAS) panel.
The changes place particular focus on engaging Australian-owned small and medium enterprises (SMEs), giving them priority in lower-value work and embedding stronger ethical considerations into value-for-money assessments.
Not-for-profit (NFP) organisations hold extremely sensitive data about donors, vulnerable beneficiaries, volunteers, and staff, yet often operate with limited IT resources and expertise.
Not having the right cybersecurity controls in place can lead to financial loss and/or reputational damage; the time it can take to fix a problem is time better spent working on and in your business.
The October 2025 Quarterly Risk Compass identifies four critical audit priorities—AI governance frameworks, major project delivery scrutiny, procurement ethics and value-for-money, and citizen-centric service delivery—that are reshaping internal audit focus across government and organizational sectors.
NFPs in aged care and disability support face existential reputation risks that can unravel years of community trust within days, making proactive misconduct prevention and transparency systems not just compliance overhead but essential strategic infrastructure for protecting their mission.
NFP Board Directors often arrive with passion and good intentions but lack governance experience, leading to either hands-off oversight that misses operational risks or hands-on involvement that obscures strategic threats—both resulting in Boards asking "why didn't we know sooner?" when preventable crises emerge.
The convergence of digital and physical infrastructure means the security of our national assets is more than just a matter of protection—it's a foundation for community resilience, public trust, and uninterrupted government services. For Federal, State, and Local government entities, safeguarding critical infrastructure—including water supply, energy networks, transport systems, public facilities, and sensitive data—is essential. These assets underpin daily life, economic stability, and the well-being of every Australian.
A serious allegation of workplace misconduct lands on your desk at 9am on a Monday. A staff member claims their supervisor has been falsifying client records. Another team member heard about it and the story is spreading. The accused is demanding to know who made the complaint. Your Board wants answers, and you're realising you've never dealt with a situation like this before.
The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) has recently released its Annual Cyber Threat Report 2024–2025 which provides insights into the cybersecurity and cybercriminal landscape in Australia. While most organisations are undertaking a range of good activities for Cyber Awareness month the report is a timely reminder of the need to be cyber safe every day of every month.