Audit: NSW govt blasted for failing councils on cyber security | iTnews

Audit: NSW govt blasted for failing councils on cyber security | iTnews

Australian Audit Report October 09 2020

New South Wales government blasted for failing councils on cyber security.

Audit “complete lack” of support for IT security.

Audit Office of NSW Report: Report on Local Government 2019
Reported in: NSW govt blasted for failing councils on cyber security | iTnews
More reports from iTnews

Local Government NSW (LGNSW) has criticised the state government for failing to provide councils with adequate support to address increasing cyber security threats.

Councils should:

  • ensure key IT policies are formalised and regularly reviewed to ensure emerging risks are considered and policies are reflective of changes to the IT environment
  • ensure IT risks are identified and appropriately managed
  • improve user access management processes to ensure that information systems are secure and that there are adequate controls for making changes to information systems
  • implement at least the basic governance and internal controls to manage risks associated with cyber security.

The submission cited a recent audit that found 80 percent of councils were without a cyber security policy or framework, while 76 percent had not delivered cyber security training to all staff.

The Office of Local Government is now working with Cyber Security NSW to develop a standardised cyber security policy for all 128 councils by July 2021, which LGNSW supports.

The peak body has also called on the government to provide “standardised cyber security training” to ensure council IT systems are protected from inappropriate access and misuse.

About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.


  1. Audit: Dozens of NSW councils still without basic cyber security controls, audit finds | iTnews - Australian Information Security Awareness and Advisory - […] While the result is an improvement on last year, when 80 percent of councils were found to have no…

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More Australian News

View my Flipboard Magazine.

Click on the image for more

Dad's Password
Share This