Audit: Australia Post told to improve cyber security practices | iTnews

Audit: Australia Post told to improve cyber security practices | iTnews

Australian Information Security Audit Report July 4 2019

Auditor says risk aren’t being managed “effectively”.

Reported in: iTnews

One of the reasons for this result was that despite having a fit for purpose cyber security risk management framework, the government-owned corporation had “not met the requirements of its framework”. Specifically Australia Post has “not effectively managed cyber security risks”, having not undertaken a “detailed security risk management assessment” on the two systems for two years.

“Australia Post has not met the requirements for ICT controls in its framework, having not implemented all specified key controls, and as a result has rated the overall cyber risk as significantly above its defined tolerance level,” the Australian National Audit Office (ANAO) said.

Details are contained in the  ANAO audit of cyber resilience published on the 4 July 2019

About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More Australian News

View my Flipboard Magazine.

Click on the image for more

Dad's Password
Shares
Share This