By Sue Bushell

The Australian National Audit Office (ANAO) has given General Government Sector (GGS) agencies a cautious tick, finding that over the last 12 months agencies have noticeably improved their management of business continuity risks and IT systems.

The ANAO also says the majority of agencies have adequately addressed the areas of IT governance, security, system delivery, and Financial Management Information System (FMIS) and Human Resources Management Information System (HRMIS) application systems in 2006-07.

However, The Auditor-General's Annual Report 2006-2007 notes the ANAO has identified a range of control-related issues requiring attention by agency management, after its annual audits of governance of financial management responsibilities and internal controls, including IT systems.

All agencies have established key elements of control environments which provide a sound basis for effective financial management, and audit committees continue to positively influence the effectiveness of agencies' control environment, particularly in the areas of risk assessment, legislative compliance and financial system controls.

They also all have fraud control plans in place, although a small number of agencies needed to improve aspects of their fraud control arrangements.

"Overall there has been noticeable improvement in the management of business continuity risks," the report says.

However the report finds there is room for improvement in the areas of appropriations management' revenue and receivables' cash management' purchases and payables' human resource management processes' and asset management, although controls over business and accounting processes have been generally effective.

The ANAO rates its financial statement audit findings according to a risk scale, with audit findings which pose a significant business or financial risk, or financial reporting risk, to the entity and which must be addressed as a matter of urgency rated as 'A' findings. Findings that pose a moderate business or financial risk, or financial reporting risk, are rated as 'B' findings.

"Most agencies had areas of their control environment that required attention, although our interim audits found that there had been an overall improvement in agencies' financial and related controls. This has resulted in a reduction in the number of 'A' and 'B' findings compared with 2005-06," the report says.

There were three agencies with 'A' category audit findings in both 2006-07 and 2005-06; while the total number of 'A' category issues (excluding the Defence and Defence Materiel Organisation) was two in 2006-07 compared to nine in 2005-06. Meanwhile the report indicates that over the course of the year the ANAO issued 242 audit opinions of which 87 percent were issued within two days of signing the financial statements, and made 192 recommendations in its performance audit reports directed at improving agency performance and accountability.

"These recommendations were well received overall, with 99 percent agreed or agreed with qualification," the report says.