NSW Audit Office Report on Local Government

March 17, 2020

The NSW Audit Office 2019 audit report on the NSW local government sector contains unqualified audit opinions on the 2018–19 financial statements of 134 councils and 11 joint organisations.

The opinion for one council was disclaimed and three audits are yet to be completed.

What did the audit examine?

In addition to forming an opinion on councils’ financial statements, the audits examined the following risk areas:

  • Credit card management
  • Fraud controls
  • Gifts and benefits
  • Cyber security
  • Landfill rehabilitation

What did the audit find?

The report notes “pleasing indicators of the gradual strengthening of governance and financial oversight of the sector” but recommends improvements in the following areas:

  • preparing for new accounting standards
  • strengthening controls over information technology and cyber security management
  • asset management practices

What can we learn?

Irrespective of whether you’re in local government, state government, the private or not-for-profit sector, see how your own organisation stacks up against the Audit Office’s recommendations:

Strengthen the quality and timeliness of financial reporting

  • Allocate sufficient time and resources to the financial reporting process
  • Have appropriate systems, processes and resources to implement the new accounting standards

Improve governance and internal controls

  • Ensure audit recommendations are addressed in a timely manner. High risk issues need to be prioritised and repeat issues from prior years resolved
  • Have an audit, risk and improvement committee
  • Have an internal audit function to support a risk and compliance culture
  • Have a legislative compliance framework to capture and monitor compliance with key laws and regulations
  • Continue improving fraud control systems
  • Have adequate processes and controls to ensure compliance with a gifts and benefits policy and Code of Conduct

Strengthen IT controls and cyber security management

  • Ensure key IT policies are formalised and regularly reviewed to ensure emerging risks are considered and policies are reflective of changes to the IT environment
  • Ensure IT risks are identified and appropriately managed
  • Improve user access management processes to ensure that information systems are secure and that there are adequate controls for making changes to information systems
  • Implement at least the basic governance and internal controls to manage risks associated with cyber security

Improve asset management practices

  • Regularly update asset registers, reconcile asset registers with asset management systems and have suitable controls in place to ensure the integrity of manual spreadsheets
  • Start the asset valuation process earlier and ensure there is a clear plan to ensure valuations are managed and documented appropriately
  • Periodically reconcile asset registers to the Crown Land Information Database (CLID) and investigate any discrepancies in a timely manner
  • Review the methodology and assumptions in how they account for landfill sites

A copy of the full report can be found here.

Our Clients

Top