Australian Audit Report November 25 2020

Major NSW govt agencies still without disaster recovery plans for all systems

Auditor finds at least seven agencies missing plans.

Audit Office of NSW Report: Internal controls and
governance 2020
Reported in: Major NSW govt agencies still without disaster recovery plans for all systems | iTnews
More reports from iTnews

A handful of the NSW government’s largest agencies are still without disaster recovery plans for all their IT systems and infrastructure, the state’s auditor-general has found:

• The audit assessed 40 of the largest agencies in the NSW public sector – which are responsible for the state’s most critical IT systems and around 85 percent of all expenditure – prior to the pandemic.
• While most agencies were found to have disaster recovery plans in place for “some or all of their critical IT systems” during 2019, 19 percent are still without such plans for all key IT systems.
• As the 40 largest agencies in the state, the audit notes that this means “there is no plan in place to recover some key IT systems and infrastructure that support critical agency functions”.
• The audit also found 43 percent of agencies had “not developed and tested their disaster recovery plans” during 2019.
• A further 23 percent of agencies were also found not to have conducted a business impact analysis (BIA), while 20 percent of those that had were only performing it on an ad-hoc basis.