Auditor-General's Department South Australia Logo
Report 16 of 2021 (Published 26 October 2021)

Cloud computing in SA Government

We performed a high‐level review of seven agencies to understand the level and maturity of their cloud computing governance processes. We also looked at the extent of services and data that these

agencies have moved to a cloud computing environment, the type of cloud service models used and the associated costs.

We found that the level of governance over cloud computing exercised by most of the agencies we reviewed could be improved in the following areas:

  • some agencies do not perform risk assessments or relate with their ICT service team before engaging cloud computing service providers
  • most agencies were not performing annual independent assessments of their cloud computing service provider arrangements
  • some agencies had not developed or finalised cloud computing service level agreements for all established service provider engagements
  • some agencies had not developed or finalised cloud computing policies and procedures to support their current arrangements.

Click to open this report or right click and 'Save link as' to download

Report 15 of 2021 (Published 26 October 2021)

State finances and related matters

The 2021-22 State Budget was tabled in Parliament in June 2021. This Report provides our observations on the State’s public finances based on our review of the Budget. This involved:

  • reviewing the Budget against the SA Government’s stated fiscal strategy
  • analysing new budget measures and initiatives
  • examining Budget estimates and forecasts
  • analysing major assets and liabilities
  • analysing South Australia’s key fiscal measures compared to other Australian states
  • reviewing credit rating agency reports on South Australia.

Click to open this report or right click and 'Save link as' to download

Report 14 of 2021 (Published 12 October 2021)

Report on the Operations of the Auditor-General's Department for the year ended 30 June 2021

This Annual Report provides information on the Auditor-General’s Department’s activities and performance in 2020-21.

Click to open this report or right click and 'Save link as' to download

Report 13 of 2021 (Published on 12 October 2021)

COVID-SAfe Check-In review

This is a report on the controls applied to manage people’s contact details captured through the
COVID‐SAfe Check‐In app for contact tracing purposes. This covered both the Department of Premier and Cabinet and the Department for Health and Wellbeing’s data management, protection and disposal arrangements.

Overall, I concluded that reasonable controls were applied to protect people’s contact details obtained through the COVID-SAfe Check-In app.

The key findings and positive observations supporting my opinion are summarised in section 1.3 of the Report.

Click to open this report or right click and 'Save link as' to download

 
 
 
 
 
 
 
 
 
 
 
Report 12 of 2021 (Published on 12 October 2021)

Annual Report of the Auditor-General for the year ended 30 June 2021

This Report has four parts:

Part A – Executive summary contains the opinions the Auditor-General is required to give under section 36 of the Public Finance and Audit Act 1987.  It summarises the main matters from our annual audits of public sector agencies.  This includes significant financial outcomes, events and control matters communicated to agencies and small-scale specific reviews.  Part A also identifies any examinations we have conducted under section 32 of the Act.

Part B – Controls opinion explains the Auditor-General's controls opinion responsibilities and our approach to issuing this year's opinion.  It also comments on any significant control matters we identified in conducting our controls opinion audit program.

Part C – Agency audit reports summarises the outcomes of the audits of the agencies included in the Annual Report.  This includes a snapshot of each agency's key financial information and whether the financial statement opinion is modified or unmodified.  There is also commentary on any significant issues of administration, financial management and controls.  The financial statements of the agencies included in this report are published on this website (see link below).

Financial statements for the agencies we audit that are not included in this report will be published on this website progressively, as soon as reasonably practicable after we complete each audit.

Part D – Managing climate change in South Australia is an overview of aspects of climate change management in South Australia, including recommendations based on the observations I have made.

Report 11 of 2021 - (Published on 24 August 2021)

Examination of management of the Community Wastewater Management Systems Program

This is a report on the arrangements established by the Local Government Association of South Australia to manage the Community Wastewater Management Systems Program.

For the three‐and-a half-year period we examined, we concluded that overall, the Local Government Association of South Australia had not effectively managed the Community Wastewater Management Systems Program in a manner that demonstrated the purpose and objectives of the funding were met. 

Click to open this report or right click and 'Save link as' to download

 
 
 
 
 
 
 
 
 
 
 
Report 10 of 2021 - (Published on 8 June 2021)

ICT vulnerability management in South Australian public sector entities

This is a report on the results of a high-level review we conducted of 10 public sector entities to understand the level and maturity of their penetration testing and vulnerability scanning.  The review involved confirming the types of public facing ICT environments maintained by each entity, the number and frequency of testing and scanning reviews performed in the last three years, the resources used to perform these reviews and the level of remediation.

We found the entities we reviewed did not always effectively manage the penetration testing and vulnerability scanning of their public facing environments.

We also found that the level of penetration testing and vulnerability scanning conducted by most of these entities in the last three years was limited and ad hoc. We identified several environments holding sensitive information that were not tested or scanned.

While penetration testing and vulnerability scanning performed by these entities increased in the last 12 months, they need to further strengthen their overall management of vulnerability management security controls.

Click to open this report or right click and 'Save link as' to download

 
 
 
 
 
 
 
 
 
 
 
Report 9 of 2021 - (Published on 25 May 2021)

Probity of the processes for the heavy rail service contract

As explained in section 3 of this report, the objective of the examination was to conclude on the effectiveness of the procurement process for heavy rail passenger transport services for metropolitan Adelaide. To do this we assessed:

  • the probity of the process leading up to the awarding of the service contract for the provision of heavy rail passenger transport services in metropolitan Adelaide
  • whether the service contract met the requirements of the Passenger Transport Act 1994.

The conclusions are outlined in section 1.2 of the Report.

Click to open this report or right click and 'Save link as' to download

 
 
 
 
 
 
 
 
 
 
 
Report 8 of 2021 - (Published on 30 March 2021)

State finances and related matters

The 2020-21 State Budget was tabled in Parliament in November 2020. This Report provides our observations on the State’s public finances based on our review of the Budget. This involved:

  • reviewing the Budget against the SA Government’s stated fiscal strategy
  • analysing new budget measures and initiatives
  • examining the actual results for the past year, Budget estimates and forecasts
  • analysing major assets and liabilities
  • analysing South Australia’s key fiscal measures compared to other Australian states
  • reviewing credit rating agency reports on South Australia.

Our analysis is based on data provided in the 2020-21 Budget Papers supplemented with representations and information provided by Department of Treasury and Finance. The 2020‑21

Budget notes that the COVID-19 pandemic could substantially impact budget revenues and expenses and that forecasting financial outcomes in the present economic environment is particularly difficult.

Click to open this report or right click and 'Save link as' to download

 
 
 
 
 
 
 
 
 
 
 
Report 7 of 2021 - (Published on 30 March 2021)

Consolidated Financial Report review

The 2019-20 Consolidated Financial Report was published in February 2021 and it reports the SA Government’s actual financial performance and position for the year.

The review of the Consolidated Financial Report did not identify any material misstatements or control deficiencies. We did identify some opportunities to improve the way financial information is collected, validated and consolidated in preparing the Consolidated Financial Report.

Click to open this report or right click and 'Save link as' to download

 
 
 
 
 
 
 
 
Report 6 of 2021 - (Published on 16 March 2021)

Update to the annual report for the year ended 30 June 2020

This report summarises the audit outcomes for the 103 agencies I audited for 2019-20 that were not included in the Annual Report to Parliament in September 2020.

The report gives particular focus on agencies with:

  • a modified Independent Auditor’s Report
  • significant matters raised through the audit
  • other matters that, in my opinion, need to be brought to the attention of the Parliament and the SA Government.

Click to open this report or right click and 'Save link as' to download

 
 
 
 
Report 5 of 2021 (Published on 2 March 2021)

Adelaide Oval redevelopment for the designated period 1 July 2020 to 31 December 2020

This Report addresses the Auditor-General’s obligation to report on the Adelaide Oval Hotel development.

The review focussed on:

  • assessing the public accounts used to make loan funds available to AOSMA for the hotel development
  • whether loan funds were used for purposes allowed for under the loan agreement
  • arrangements put in place by AOSMA to manage hotel construction activity
  • the processes established by SAFA to manage the loan arrangement and ensure the obligations of AOSMA and the State are met.

Download

Report 4 of 2021 (Published on 16 February 2021)

Passenger transport service contracts - Heavy rail

The Auditor-General is required to examine the contract for providing heavy rail passenger transport services in metropolitan Adelaide and report on the probity of the process leading to a service contract being awarded.

This report provides an update on the status of his review and the circumstances impacting it.

Download

Report 3 of 2021 (Published on 2 February 2021)

Examination of cyber security - Port Augusta City Council

We examined the arrangements established by the Port Augusta City Council to manage cyber security.

We concluded that for the period December 2019 to March 2020, important internal control elements to mitigate cyber security and technology risks within the Council were not operating effectively.

Download

Report 2 of 2021 (Published on 2 February 2021)

Examination of cyber security - City of Prospect

We examined the arrangements established by the City of Prospect to manage cyber security.

For the period that we examined we concluded that important internal control elements to mitigate cyber security and technology risks within the City of Prospect were not operating effectively. We do acknowledge that the City of Prospect has a small IT team and budgetary constraints and that it implemented some controls over its core Enterprise Resource Planning and records management systems.

The City of Prospect responded positively to our recommendations and had already commenced some improvement activities prior to our examination. It continued those improvement activities during and after our examination.

Download

Report 1 of 2021 (Published on 2 February 2021)

Examination of cyber security - City of Port Adelaide Enfield

We examined the arrangements established by the Port Augusta City Council to manage cyber security.

We concluded that for the period December 2019 to March 2020, important internal control elements to mitigate cyber security and technology risks within the Council were not operating effectively.

Download