Select Page

Audit: None of NSW’s lead cluster agencies have implemented all Essential Eight controls | ZDNet

Audit: None of NSW’s lead cluster agencies have implemented all Essential Eight controls | ZDNet

Australian Audit Failure November 01 2021

None of New South Wales lead cluster agencies have implemented all Essential Eight controls

Premier and Cabinet, Communities and Justice, Customer Service, Education, Planning, Regional NSW, Health, Treasury, and Transport

Audit Office of New South Wales Report: Compliance with the NSW Cyber Security Policy
Reported in: None of NSW’s lead cluster agencies have implemented all Essential Eight controls | ZDNet

Read more reports from Audit Office of New South Wales and other Audit Reports

E8 NSW Agencies

The cybersecurity policy for New South Wales government agencies is not sufficiently robust which is a cause for “significant concern”, according to the state’s auditor-general Margaret Crawford.

  • None of New South Wales lead cluster agencies have implemented all Essential Eight controls
  • No participating agency has implemented all of the Essential 8 controls at level one or above
  • The agencies have also failed to reach even level one maturity for at least three of the Essential Eight strategies

“Key elements to strengthen cybersecurity governance, controls, and culture are not sufficiently robust and not consistently applied. There has been insufficient progress to improve cyber security safeguards across NSW government agencies,” the auditor-general wrote in a compliance report about the state’s cybersecurity capabilities.

Crawford warned that overstating the effectiveness of an agency’s cybersecurity capabilities could undermine the ability to address cyber risks and ultimately expose them to cyber attacks.

 

About The Author

Steven Kirby

I provide independent and practical consultancy services through raising awareness and fostering the energy for change that delivers improved business management of information security governance, risk and compliance.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More Australian News

Weekly Australian News and Monthly Incident Review Emails

No advertisements, marketing, sales, or unsolicited emails. Your email address is ONLY used to send the publications listed above.

* indicates required


Shares
Share This