Government Weak on IT Security: WA Auditor General

New audit report finds 60% of WA govt agencies fail to meet IT security benchmarks

Tim Lohman (Computerworld)
16 April, 2009 17:26
Comments

The WA Office of the Auditor General has slammed the privacy practices of government agencies saying that in many, fundamental weaknesses in all of the key areas of information security are present.

The announcement follows the tabling in parliament of the Auditor General’s Information Systems Audit Report today.

The report consists of two parts, IS Compliance Audit, and General Computer and Application Controls Audits, both of which found serious concerns over the management of privacy and security.

Auditor General Colin Murphy said the results of the IS Compliance Audit section revealed fundamental weaknesses in all of the key areas of information security.

Specifically, the report found that three out of the five agencies lacked IT security policies, and none of the agencies consistently applied simple administrative controls such as police checks or confidentiality agreements for staff dealing with personal or sensitive information.

Also, none of the agencies had adequate controls over the transfer of personal and sensitive information to portable USB devices such as thumb drives which can be easily lost or stolen.

The results of the General Computer and Application Controls Audits section of the report, which reviewed 65 agencies and benchmarked 41 against accepted good practice for IS management, found that nearly 60 per cent of agencies failed to meet the benchmark. Some 46 per cent of agencies had not established effective controls for change management and 33 percent had not established effective controls for management of physical security. “By failing to address fundamental control weaknesses, agencies leave themselves vulnerable to computer system failures, unauthorised access to information, loss of information and fraudulent activity,” Murphy said in a statement.

“I expect agencies across government to take note of the findings and recommendations of this report.”

The report can be viewed here

Bookmark this page
Share this article
- facebook
- slashdot
- digg
- Reddit
- stumbleupon
- linkedin
- twitter
Got more on this story? Email CIO
Follow CIO on twitter

More about: Auditor General

References show all

Comments

Post new comment

Share
Share this article
- google+
- facebook facebook
- slashdot slashdot
- digg digg
- Reddit Reddit
- stumbleupon stumbleupon
- linkedin linkedin
- twitter twitter
print
email
Bookmark

Related Coverage

Related Whitepapers

Latest Stories

Community Comments

"I recently came across your blog and have been reading along. I ..."

Australia's first 4G smartphone is the HTC Velocity 4G
"I am crazy about this blog. I have visit so lots of ..."

Social networking, ignorance, and apathy
"Thanks in favor of sharing such a pleasant thinking, paragraph is nice, ..."

China's Alibaba sees big growth with AliExpress site
"I have a bully boss who even has a tshirt that says ..."

10 Tips for Dealing with a Bully Boss
"Good to know about the How to design a successful RACI project ..."

How to design a successful RACI project plan

Tags: audit, data breach, government, security, WA

Latest Blog Posts

Whitepapers

Becoming a Social Business
As global business accelerates ever faster and companies work to quickly respond to customer demands, competitive threats and rapidly evolving trends, the richness and efficiency of social collaboration plays a key role in enabling future success. The challenge then is finding the best approach. Read on.

Learn more »
Essar Group - Essar Group executives enjoy printing on the move
Essar Group’s senior management are constantly on the road. So it’s not surprising that the company has become a heavy user of mobile computing solutions to enable them to get their job done. The mobility and productivity of executives; enable them to easily print documents from any company location to any company printer using their smartphone. Read more.

Learn more »
Business Process Management, Service-Oriented Architecture, and Web 2.0: Business Transformation or Train Wreck?
As a result of more and more organisations adopting new technologies and business practices surrounding BPM, SOA, and Web 2.0, fundamental changes have arisen in the way IT and business stakeholders work together. Make this into an opportunity - read on.

Learn more »

All whitepapers

Most Read
Most Commented

Get exclusive access to Invitation only events CIO, reports & analysis.

Latest Jobs

Zones

Featured Whitepapers

Think print, Think security - Plugging the printer security gap

The widespread use of networked printers and multifunction peripherals (MFPs) which scan, print, fax, copy and email has increased productivity in the production of all types of business output. However, ...

Recent comments

"I recently came across your blog and have been reading along. I ..."
Australia's first 4G smartphone is the HTC Velocity 4G
"I am crazy about this blog. I have visit so lots of ..."
Social networking, ignorance, and apathy
"Thanks in favor of sharing such a pleasant thinking, paragraph is nice, ..."
China's Alibaba sees big growth with AliExpress site
"I have a bully boss who even has a tshirt that says ..."
10 Tips for Dealing with a Bully Boss
"Good to know about the How to design a successful RACI project ..."
How to design a successful RACI project plan

Follow CIO

Market Place

Cyber Security Summit 2012 | 1-3 August | Save $150 using promo code CSO | Check out agenda today

Gartner Security & Risk Management Summit, 16-17 July 2012, Sydney

Latest Jobs

Subscribe to CIO

Critical. Authoritative. Strategic. CIO magazine addresses the issues vital to the success of IT and business executives. Solutions-oriented editorial provides a greater understanding of the role IT plays in achieving corporate goals. Subscribe to the print edition today.

Download OPML file for import with all IDG RSS feeds

CSO Online Data Security Briefing

Government Weak on IT Security: WA Auditor General

Comments

Post new comment

Building trusted relationships

Planning your IT career

Taking the risk out of diversity

5 open source help desk apps to watch

How to create a clear project plan

IT service management going social

BYOD security: How to protect your business on the move

5 open source billing systems to watch

Face Time - Interview with John Brennan and Robert DiStefano

All Systems Down

IT service management going social

Australia's first 4G smartphone is the HTC Velocity 4G

Survey: Over 97 per cent of enterprise tablet users got an iPad in Q1

HP Business Efficiency - Money Payback Guarantee Resource Centre

The Australian Cloud

Think print, Think security - Plugging the printer security gap

The Pathways ICT Leadership Development Program Brochure and Curriculum 2012