Commonwealth Department of Family and Community Services
Home | Newsroom | Contact FaHSCIA
FaCS making a difference
Annual Report homeSecretary's introductionTable of contentsUser guideAccessibilityAcronymsGlossary

 Annual Report 2001–02 

   Home       Contents         User's guide         PDF library   

Management and accountability     PDF (376kb)

Corporate governance | Enabling our people | Environmental management | External scrutiny | Financial management | Information strategies and technology management | < Internal controls > | Ministerial and parliamentary services | Partnerships for people | Right payments to the right people | Social Security Appeals Tribunal |

Internal controls

Internal audit | Risk management | Protective security | Management of ethical standards

In this section of the report, FaCS, Child Support Agency (CSA) and CRS Australia report on their risk management and ethical standards.

Internal audit

FaCS—internal audit

FaCS completed its third full year of internal audits and finalised 22 reports, including a backlog of outstanding audits from previous years. A panel of audit firms provided resources for conducting the audits.

Finalised audits examined:

  • selection of providers—Stronger Family and Communities Strategy
  • tendering and contract management (two audits were finalised)
  • protection and confidentiality of information
  • administered versus departmental funds
  • Chief Executive’s instructions
  • analysis and review of banking services and devolved banking (two audits were finalised)
  • business contingency planning
  • implementation of national client call management in the Child Support Agency
  • asset management in CRS Australia
  • business processes and case management in CRS Australia (two audits were finalised)
  • departmentally provided communications
  • physical security (spot audit)
  • management procedures for delayed legislation
  • management of funding to non-government organisations
  • security controls review of the financial management information system (two audits were finalised)
  • registry security
  • outputs required by departmental legislation and compliance with cabinet directives.

Other major activities included:

  • monitoring the implementation of recommendations from the Australian National Audit Office (ANAO), relevant Centrelink internal audits and FaCS internal audits
  • development and implementation of a new audit monitoring database to improve the process for following up audit recommendations.

In general, recent audit findings have indicated that the department’s processes continue to improve.

Child Support Agency—internal audit

Finalised audits examined:

  • tendering and contracting
  • the Child Support Agency’s Telephony Management Project
  • Chief Executive Instructions
  • devolved banking.

CRS Australia—internal audit

Audits examined:

  • service delivery business processes
  • contract management (final report pending)
  • use of government credit cards (final report pending).

BACK TO TOP

Risk management

FaCS—risk management

Integrated risk management approaches effectively manage potential opportunities and adverse consequences at all levels.

Achievements included:

  • beginning work to further develop the business continuity planning framework for FaCS, building on work conducted as part of the Y2K business continuity effort. The new framework will be implemented in early 2003
  • participating in two Comcover benchmarking risk management surveys (October 2001 and May 2002)
  • conducting a strategic risk assessment with the Executive Board in light of the new three-year FaCS Strategic Statement
  • integrating risk management within a new online business planning process.

Child Support Agency—risk management

The Child Support Agency conducts a rigorous risk assessment as part of the annual business planning cycle. The risk assessment is undertaken using the Australian Public Service (APS) Guidelines for Managing Risk and takes account of FaCS’s strategic risks and CSA’s strategic direction. The annual business plan outlines key business risks, their potential impact and strategies to address the risks.

The risk assessment for 2001–02 identified the following categories: staff support and management, technological infrastructure, client service, corporate governance and stakeholder management.

CRS Australia—risk management

CRS Australia’s corporate and business planning framework integrates risk assessment, treatment and monitoring as core planning activities. CRS Australia recognises it cannot eliminate risk; in many cases, costs would outweigh benefits.

Achievements included:

  • upgrading risk management policies, guidelines and toolkits available on the CRS Australia intranet site
  • participating in the May 2002 Comcover benchmarking risk management survey
  • implementing a manager’s self-audit package to enhance internal controls over a range of business and administrative functions.

BACK TO TOP

Protective security

FaCS—protective security

FaCS is updating its 2000–01 Security Action Plan with information obtained from a fraud/security risk assessment completed by all branches and offices.

Policy was developed and implemented to ensure FaCS’s information and assets are kept secure in accordance with Commonwealth guidelines. A staff awareness campaign supporting this policy was implemented.

During 2001–02, FaCS had no significant security incidents.

Child Support Agency—protective security

The Child Support Agency reached a new agreement with the Australian Taxation Office, with CSA assuming a more direct role in security management and implementation.

The Child Support Agency’s new security incident reporting procedures were operational for the full year. The first internal quality audit of the process was completed, resulting in some recommendations for further improvement. The audit indicates that staff are now generally more aware of the benefits of incident reporting and accuracy has improved.

CRS Australia—protective security

CRS Australia’s protective security framework is based on detailed risk assessments, as required by the Commonwealth Fraud Control Guidelines and the Protective Security Manual. Achievements included:

  • upgrading protective security policies, guidelines and toolkits available on the CRS Australia intranet site
  • completing combined fraud and protective security risk assessments
  • developing a protective security action plan for 2001–02.

BACK TO TOP

Management of ethical standards

FaCS—management of ethical standards

FaCS ensures staff observe the Australian Public Service Code of Conduct and takes appropriate action if it is determined that a breach has occurred. FaCS staff are aware that breaches of the code will be taken seriously and may result in disciplinary action.

FaCS ‘core’ completed 27 investigations to determine if a breach of the code had occurred. Of these:

  • nine investigations found no breach had occurred
  • four investigations resulted in counselling for the officers concerned
  • seven investigations resulted in a fine for the officers concerned
  • two officers on transfer from other agencies returned to their own agency before completion of the investigation
  • one officer resigned before completion of the investigation
  • four investigations resulted in termination of employment, one of these being an ongoing FaCS employee and three being external agency contractors.

The 18 breaches of the code resulted from inappropriate use of the Internet.

FaCS’s awareness program reminds staff of their obligations under the department’s Internet access policy and the consequences of inappropriate use of the Internet. The policy is available to all staff electronically. Staff engaged by the department are required to acknowledge receipt of the Australian Public Service Code of Conduct, the APS Values, and the Internet access policy in hardcopy form.

FaCS purchased, and is progressively introducing, new Internet monitoring and blocking software that significantly limits the prospect of employees, either deliberately or inadvertently, accessing material that could be inappropriate for the workplace.

Child Support Agency—management of ethical standards

All existing and new Child Support Agency staff are provided with fraud prevention and awareness training. During 2001–02 this training was conducted in all CSA sites.

Child Support Agency staff are provided with the Australian Public Service Code of Conduct on commencement and the values of this code of conduct form the basis of CSA’s entry level training program.

CRS Australia—management of ethical standards

CRS Australia’s staff are provided with copies of the Australian Public Service Code of Conduct on commencement with CRS Australia and are reminded of their responsibilities as part of the National Corporate Induction. CRS Australia staff are aware that breaches of the code of conduct will be taken seriously and may result in the imposition of sanctions under the Public Service Act 1999.

One investigation was completed, finding that a breach had occurred. A sanction of ‘reassignment of duties’ was imposed.

CRS Australia’s policy on breaches of the code of conduct is published on its intranet and is available to all staff.

BACK TO TOP

PREVIOUS: Information strategies and technology management
NEXT: Ministerial and parliamentary services


Annual Report 2001–02 home | Secretary's introduction | Table of contents | User's guide | Accessibility | Acronyms | Glossary
Copyright & Disclaimer | Privacy policy | Contact us | FaHCSIA home

© Commonwealth of Australia, 2002. This page last updated 17 September 2002.