Annual Report 2018–19

Tabled: 29 August 2019

2 Increasing our relevance


Our objectives

Our directions What success looks like


Be more relevant by delivering credible and authoritative reports and advice about things that matter and will make a difference

Modernise our auditing methods

Explore our full mandate

Take a longer-term perspective

Our audit program effort is targeted across efficiency, effectiveness, economy and compliance

The benefits realised by the public sector show an increased return on investment from our audit work

To strengthen accountability, transparency and integrity in the public sector we have to ensure that our reports and advice are relevant and timely. We are ensuring our audit program covers our full mandate and balances efficiency, effectiveness, economy and compliance.

A better coordinated mix of audit topics allows us to take a longer view of complex problems and makes our work more valuable. It is also important that we keep our practices up to date. This year we invested in updating our financial audit methodology to reflect the most recent changes to standards and the emergence of data-driven audit approaches.

2.1 Acquitting our 2018–19 work program

Performance audit

This year we tabled 27 performance audit reports in parliament. Eighteen of these were listed in our Annual Plan 2018–19, including one follow-up audit, and nine were from our Annual Plan 2017–18.

Four audits were not tabled during the year as planned. Two audits were delayed due to resourcing issues and/or challenges in accessing and analysing data (Cenitex: Meeting Customer Needs for ICT Shared Services and Enrolment Processes at Technical and Further Education Institutes). One audit, Managing Registered Sex Offenders, has run late and the remaining audit, Market-led Proposals, was intentionally extended. Once we began analysing the relevant data it became clear that more time was needed to complete a meaningful audit. All four of these audits are scheduled to table in the first half of 2019–20.

2018–19 performance audit reports tabled: by sector

CA.PNG Central Agencies and Whole of Government
Contract Management Capability in DHHS: Service Agreements* (report 11,
September 2018)
Security of Government Buildings (report 21,
May 2019)
State Purchase Contracts* (report 12,
September 2018)
Education.PNG Education
Professional Learning for School Teachers* (report 15,
February 2019)
School Compliance with Victoria's Child Safe Standards (report 31,
June 2019)
School Councils in Government Schools* (report 3,
July 2018)
Environment.PNG Environment and Planning
Follow Up of Oversight and Accountability of Committees of Management (report 7,
September 2018)
Managing the Environmental Impacts of Domestic Wastewater (report 10,
September 2019)
Managing the Municipal and Industrial Landfill Levy* (report 2,
July 2018)
Recovering and Reprocessing Resources from Waste (report 27,
June 2019)
Security of Water Infrastructure Control Systems ($) (report 22,
May 2019)
Health.PNG Health and Human Services
Access to Mental Health Services* (report 16,
March 2019)
Child and Youth Mental Health (report 26,
June 2019)
Managing Private Medical Practice in Public Hospitals (report 30,
June 2019)
Managing Rehabilitation Services in Youth Detention* (report 4,
August 2019)
Security of Patients' Hospital Data (report 23,
May 2019)
Transport.PNG Infrastructure and Transport
Compliance with the Asset Management Accountability Framework (report 20,
May 2019)
Melbourne Metro Tunnel Project—Phase 1: Early Works ($) (report 28,
June 2019)
Justice.PNG Justice and Community Safety
Crime Data* (report 6,
September 2018)
Police Management of Property and Exhibits (report 5,
September 2018)
LG.PNG Local Government and Economic Development
Delivering Local Government Services (report 8,
September 2018)
Fraud and Corruption Control—Local Government (report 29,
June 2019)
Local Government Assets: Asset Management and Compliance (report 19,
May 2019)
Local Government Insurance Risks* (report 1,
July 2018)
Outcomes of Investing in Regional Victoria (report 17,
May 2019)
Reporting on Local Government Performance (report 18,
May 2019)
Security and Privacy of Surveillance Technologies in Public Places (report 9,
September 2018)

Key: * indicates audits from our Annual Plan 2017–18. ($) indicates follow-the-dollar audits.

We cancelled one audit from our 2018–19 Annual Plan, on sharing information to address family violence. We will continue to monitor risk in relation to the family violence information sharing scheme through our planned 2019–20 audit Managing Support and Safety Hubs and the legislated independent review of the Family Violence Information Sharing Scheme by Monash University. The terms of reference for this review mirrored our planned audit and we judged that it would not be the best use of resources to duplicate the work.

Financial audit

In 2018–19, we issued 532 audit opinions on the financial statements of public sector agencies. We also issued 110 audit opinions on the performance statements of local councils, water agencies and technical and further education institutes.

We tabled four parliamentary reports on the results of our financial audits. In previous years we have produced six reports, but due to the 2018 state election and early closure of parliament, we included a summary of our results for the water and public hospital sectors in our Auditor-General's Report on the Annual Financial Report of the State of Victoria: 2017–18.

2018–19 reports tabled on the results of financial audits

Auditor-General's Report on the Annual Financial Report of the
State of Victoria: 2017–18
(report 13, October 2018)
Results of 2017–18 Audits: Local Government (report 14, December 2018)
Results of 2018 Audits: Technical and Further Education Institutes (report 25, May 2019)
Results of 2018 Audits: Universities (report 24, May 2019)

2.2 Improving our performance and the benefits of our work

Balancing our performance audit program

To maximise the value we provide to parliament, the public sector, and the community, we focus our resources on the areas where we can have most impact. It is important that we explore our full mandate of economy, efficiency, effectiveness and compliance audits.

Our Annual Plan 2019–20 is our third annual plan that sets out three years of planned audits, a well-received approach. It makes our short and medium-term goals and priorities clear to our stakeholders. We dedicated more time and resources to understanding the environmental context at the start of the annual planning process, which has improved the scope and selection of our audit topics. We increased engagement across the year with our stakeholders at an informal level, which has meant we have needed fewer formal consultations.

We use a rigorous assessment process to choose our topics and aim to balance predictability and responsiveness. Recently, we sought to rebalance our performance audit program with more targeted reviews focusing on efficiency, such as Delivering Local Government Services and Enrolment Processes at Technical and Further Education Institutes. We have also focused on issues of current public concern, such as fraud and corruption, cybersecurity and sexual harassment.

Our data analytics team developed new annual planning dashboards, shown below, which aided our planning process this year. These visual dashboards helped us better align our work program with our planning objectives by linking publicly available datasets from different sources and integrating variables such as risk and materiality, resource requirements, audit agencies and audit types. This provides us with better information to drive our decision-making for a more relevant work program.

Image is an example of our dashboards

Tracking our performance audit recommendations

Every year we do a follow-up survey to determine if agencies are acting on our audit recommendations. We issued the 2018 survey to 74 agencies, seeking feedback on 53 audits with 503 recommendations, from 2014–15 through to 2016–17. We received completed surveys from 58 agencies (78 per cent), addressing 441 recommendations (88 per cent of all recommendations), none of which had been rejected by agencies.


98% of responses Star.PNGindicated that overall the audit added value to their organisation or the sector.
This is an improvement of 5% on the previous year.

Agencies advised that Target.PNG96% of audit recommendations are focused on the root cause of the issue. Where agencies felt they were not well focused it was due to recommendations being either too narrow and not considering the organisation as a whole, or being too broad and not applicable to the individual agency.
This is an improvement of 9% on the previous year.

66% of the 441 Microscope.PNGrecommendations had been implemented in the past year. This is an improvement of 10% on the previous year. A further 22% of recommendations are more than half way towards full implementation.

On average, agencies tGraph.PNGook 205 days (or 6.8 months) to implement a recommendation. This was an improvement of more than a year from our 2017 results (1 year, 8 month average).

For 8% of recommendationsComputer.PNG, agencies changed their intended actions. This was commonly because a broader review of the system was underway or because ICT upgrades had made the agreed actions obsolete.
In the previous year this was 15%.

28% of agencies said there Map.PNGwere constraints on their ability to fully realise the value of the recommendation. Common issues included a lack of available funding and resources, increasing workloads and competing demands.
This is in line with our results from last year.

Modernising our financial audit methodology

One of our major projects this year was to review and update our financial auditing methodology. It had become outdated and needed refreshing.

Some of the auditing standards used as a basis for our previous methodology were not created with the public sector in mind. This resulted in some unnecessary procedures and effort.

Our updated methodology addresses these issues. It is more streamlined, allowing our auditors to be more effective and efficient. It is better focused on key risks and uses decision aids to help auditors best target their audit program. We also integrated data analytics into the planning procedures.

The new process has four stages: engage, plan, implement and conclude (EPIC). Staff were trained in November 2018 and May 2019. The new methodology is already being piloted in selected audits. Early feedback suggests that auditors find it more efficient.

Our next step is finding the best audit software to complement the new methodology. We are currently evaluating options. In the coming year, we will select and begin to implement new, modern audit software to support our new audit approach.

Developing our financial audit dashboards

This year we developed the first version of our financial audit dashboard. Dashboards are valuable audit tools. As well as freeing staff up from manual data collection and analysis, it can help them pinpoint areas of concern and focus on the right things.

This innovative and ambitious approach, often known as audit data analytics, allows us to automate the collection and analysis of massive amounts of data for auditors. When complete, it will streamline a range of manual audit tasks.

This year we began systemically collecting financial data from 35 of our larger audit clients for the dashboard. Contributing agencies can provide data in almost any format, through a secure IT portal. We then transform their data into a common format for analysis and check it for completeness

This approach allows us to be more thorough. Traditional auditing methods rely on transaction sampling for analysis. With our new approach, we can quickly process and analyse 100 per cent of our clients' financial records. Another benefit of this innovative approach is that it allows us to run many tests against the data for signs of potential fraud or errors. These can yield insights into unusual patterns of financial transaction activity to bring to management's attention for follow-up.

A data analytics capability needs a large amount of computer processing power and storage. Recent improvements in our IT approach will enable a secure and scalable data analytics environment. This includes strengthening our data security and protecting access to our dashboards.

Image is an example of our dashboards

Back to Top