Select Page

Audit: Australia Post told to improve cyber security practices | iTnews

Posted by | Jul 4, 2019 | , , , , | 0 |

Audit: Australia Post told to improve cyber security practices | iTnews

Australian Information Security Audit Report July 4 2019

Auditor says risk aren’t being managed “effectively”.

Reported in: iTnews

One of the reasons for this result was that despite having a fit for purpose cyber security risk management framework, the government-owned corporation had “not met the requirements of its framework”. Specifically Australia Post has “not effectively managed cyber security risks”, having not undertaken a “detailed security risk management assessment” on the two systems for two years.

“Australia Post has not met the requirements for ICT controls in its framework, having not implemented all specified key controls, and as a result has rated the overall cyber risk as significantly above its defined tolerance level,” the Australian National Audit Office (ANAO) said.

Details are contained in the  ANAO audit of cyber resilience published on the 4 July 2019

Source: Australia Post told to improve cyber security practices

Audit Report: ANAO Cyber Resilience of Government Business Enterprises and Corporate Commonwealth Entities published on the 4 July 2019

Rate:

About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Related Posts

Incident: NSW court website involved in major data breach, 9,000 documents downloaded | ABC News (Australia)

Incident: NSW court website involved in major data breach, 9,000 documents downloaded | ABC News (Australia)

March 26, 2025

Australia Post Christmas parcel scam: What to look out for | news.com.au

Australia Post Christmas parcel scam: What to look out for | news.com.au

December 13, 2017

Incident: Vic councils’ after-hours call answering service breached – iTnews

Incident: Vic councils’ after-hours call answering service breached – iTnews

April 22, 2024

Incident: Queensland Police Service apologises to gun owners over mass data breach in Moreton region | ABC News (Australia)

Incident: Queensland Police Service apologises to gun owners over mass data breach in Moreton region | ABC News (Australia)

January 14, 2021

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Please follow the Source link to the original article to support the content owner. We only provide a brief summary with metadata to assist in categorisation.

More Australian News

Watchdog slams Health NZ and portal provider over dark web data leak
Watchdog slams Health NZ and portal provider over dark web data leak

NZ news The Privacy Commissioner found both entities failed to implement reasonable security safeguards to protect 100,000 patients. Watchdog slams … [...]

Film festival hack leaves thousands fearing identity theft
Film festival hack leaves thousands fearing identity theft

Melbourne’s most popular annual film festival has suffered a security incident impacting the personal information of nearly 27,000 filmgoers. On … [...]

How boards can manage AI risk without slowing innovation - AICD
How boards can manage AI risk without slowing innovation - AICD

Effective use of AI is contingent on maintaining a stable balance between planning, governance and cybersecurity. Boards are right to push hard on AI … [...]

Australia, Japan team up on cyber talks
Australia, Japan team up on cyber talks

Australia and Japan have accelerated their existing defence partnership through recent collaborative efforts surrounding cyber command, control and … [...]

Exclusive: Aussie workplace catering firm Hampr suffers alleged 360k record data breach
Exclusive: Aussie workplace catering firm Hampr suffers alleged 360k record data breach

The same hacker who allegedly compromised the Melbourne International Film Festival has posted customer records from a catering firm that serves … [...]

Scammer targets $900k WA land sale in overseas fraud attempt
Scammer targets $900k WA land sale in overseas fraud attempt

A scammer’s attempt to sell a $900,000 vacant plot of land they did not own has failed, after suspicious emails put multiple West Australian … [...]

Australian Cyber Aware - As It Was 2605 - May 2026
Australian Cyber Aware - As It Was 2605 - May 2026

This monthly review provides a curated summary of Australian and New Zealand cyber, privacy, and information security developments identified during … [...]

Exclusive: VSP Solutions responding to Stormous ransomware attack
Exclusive: VSP Solutions responding to Stormous ransomware attack

Aussie video security firm VSP Solutions says it has contained the incident after hackers claimed to have stolen and published 40 gigabytes of … [...]

Hacked! Melbourne International Film Festival responding to cyber incidents
Hacked! Melbourne International Film Festival responding to cyber incidents

MIFF releases statement after hacker claims to have breached the details of more than 340,000 customers. • Mon, 01 Jun 2026 • Security *]:clear-none … [...]

Damning report finds Manage My Health cyber attack was ‘largely preventable' | Stuff.co.nz
Damning report finds Manage My Health cyber attack was ‘largely preventable' | Stuff.co.nz

The Ministry of Health admits that a cyber attack that exposed highly sensitive patient information should never have happened. An independent review has found major gaps in security controls, weak [...]

Australia’s New ADM Transparency Obligation: OAIC Signals a Broad Reading Ahead of December 2026
Australia’s New ADM Transparency Obligation: OAIC Signals a Broad Reading Ahead of December 2026

On 18 May 2026, the Office of the Australian Information Commissioner (OAIC) released its Issues Paper on the new automated decision-making (ADM) … [...]

APRA and ASIC are clear that controls must keep pace with AI
APRA and ASIC are clear that controls must keep pace with AI

Australian Prudential Regulation Authority’s (APRA) call for a step change in managing AI risk is not fundamentally new. It reflects the familiar … [...]

Shares
Share This

Discover more from Australian Cyber Aware

Subscribe now to keep reading and get access to the full archive.

Continue reading