Local governments collect large volumes of sensitive data to deliver essential services to their communities.
As information and cyber security threats continue to evolve, it is important to take a proactive approach to security and the implementation of controls to protect valuable information and systems.
The Auditor General assessed 45 local governments, tabling the Information Systems Audit Report 2022 – Local Government Entities in Parliament on 28 June 2022. This was further to the Cyber Security in Local Government performance audit report which was tabled on 24 November 2021.
The audit report includes case studies which highlight how weak controls can potentially result in system breaches, loss of sensitive and confidential information, and financial loss. The six key areas raised are:
The extent of the matters identified in the report suggests all local governments need to review their processes, policies and guidelines against these key areas.
All local governments need to ensure they have policies and procedures that address ‘guiding principles’ of the better practice principles to manage cyber security risks the Auditor General provided in Appendix 1 of the Cyber Security in Local Government report.
Do not submit enquiries with this form.