2. Implementing fraud controls
Conclusion
Councils do not always follow processes for staff or councillors to declare conflicts of interest, use eligibility criteria to select recipients, document decision-making or evaluate the outcomes of their grant programs. This means that they are not consistently using fraud controls when delivering grants, which undermines the transparency and fairness of their programs.
Councils’ guidance to staff and councillors who administer grants is insufficient.
1. Audit context
The law requires, and communities expect, councils to deliver grant programs with integrity and accountability.
A person or entity that fraudulently gets an unjust advantage over other applicants undermines the fairness of a grant program. Fraud controls help councils prevent, detect and respond to fraud-related risks.
This chapter provides essential background information about:
Appendix C. Scope of this audit
Who we audited | What the audit cost |
---|---|
DELWP, DET, DHHS (DFFH and DH), DJCS, DJPR, DoT, DPC, DTF and Cenitex | The cost of this audit was $800 000. |
What we assessed
This audit used the following lines of inquiry and criteria:
Appendix D. Departments’ BIAs, BCPs and exercising
BIAs prior to COVID-19
Figure D1 outlines our assessment of departments’ BIAs prior to COVID-19.
FIGURE D1: Our assessment of departments’ BIAs prior to COVID-19
Appendix B. Acronyms and abbreviations
Acronyms | |
---|---|
BCM | business continuity management |
BCP | business continuity plan |
BIA | business impact analysis |
DEDJTR | Department of Economic Development, Jobs, Transport and Resources |
DELWP |
3. Response to COVID-19
Conclusion
Departments responded quickly and flexibly to COVID-19 and continue to do so. Departments’ BCM processes, structures and strategies have helped them quickly set up teams, make decisions and communicate to staff.
However, departments were not sufficiently prepared for a complex disruption. This meant they had to invest resources into developing documents, streamlining processes, upgrading technology and transitioning to remote working during the early stages of the pandemic.
2. Preparedness for a disruption
Conclusion
The VPS was not adequately prepared for the COVID-19 pandemic.
The VPS had limited central oversight and leadership on business continuity. This meant that it was not able to harness lessons learnt across all departments, and departments did not have a clear understanding of whole of government business continuity priorities in a large-scale disruption.