1. Audit context

Cyber attacks

Impact of cyber attacks

Public sector agencies are constantly at risk of cyber attacks.

Microsoft reports and analyses 43 trillion threat signals for its cloud computing products every day.

Cyber attacks can:

What we found

This section summarises our key findings. Sections 2 and 3 detail our complete findings, including supporting evidence.

In this report we do not specify which findings relate to which agency given the sensitive nature of the weaknesses we observed. But we have given each audited agency a detailed report about their own control deficiencies. 

When reaching our conclusions, we consulted with the audited agencies and considered their views. The agencies’ full responses are in Appendix A.

Our recommendations

We made 7 recommendations to address 3 key findings. The relevant agencies have accepted the recommendations in full or in principle or with qualifications. While our recommendations are directed to audited agencies, we expect all Victorian public sector agencies to implement them where appropriate.

2. The scheme

Conclusion

The scheme has partly achieved its objectives and generated economic value for the state. It has kept container freight traffic on rail but has not achieved any significant shift of freight from road to rail. 

The department’s publicly reported data on freight containers moved by rail under the scheme shows a decline against targets in recent years. 

The department’s assurance processes over publicly reported data on the scheme and related expenditure need improvement.