Appendices - Department of Business - Northern Territory Government

More documents

Recommendations

Info

APPENDICESAPPENDIX IIAudit Audit Outcome or Recommendation Summary ActionGovernment Accounting System (GAS)Controls Audit 2008–09NT Fleet Interim Financial Statement Audit2009–10NT Fleet IT Controls ReviewSystem of internal control in respect of the centralmaintenance of the Government Accounting Systemwas found to be satisfactory.The Auditor-General conveyed concerns regardingthe possibility that internal controls were overriddenresulting in duplicate payments for 2008–09. Anassurance that system controls had not beenoverridden and duplicate payments were not aproblem in 2009–10 was requested.Residual values or projected prices of heavy vehiclesand machinery recorded in the Fleet BusinessSystem (FBS) may require review.It is possible to delete accounts payable and accountsreceivable journal entries recorded in FBS.Regular review of Fleet Business System (FBS)datasets should be undertaken.Access to the FBS DB2 production databaseshould be reviewed.User maintenance procedures for the FBSshould be improved.Business Continuity Plan policy and processare yet to be finalised.A letter of assurance was provided to the Auditor-General outlining that internal controls were notsystemically overridden and duplicate payments werenot an issue in 2009–10.Procedures are in place to assess valuations duringnormal servicing. Material differences between writtendown value and projected sale price are correctedin BBS through an adjustment in depreciation andreflected in future lease payments.Incorrect journals cannot be reversed in FBSrequiring them to be deleted before being re-entered.Only the external programmer is able to deletejournals on request and the process is auditable.Fleet Business Systems datasets will be reviewedand those no longer required will be removed.A timetable has been developed for the SystemAdministrator to review FBS datasets and useraccess on a quarterly basis.A user access approval form will be developed toimprove RACF procedures for FBS user access.In consultation with DBE and Fujitsu, IT continuityplans will be developed for administrative support andrestoration of NT Fleet systems and user facilities.Department of Business and Employment Annual Report 2009–10186
appendicesAPPENDIX IIAudit Audit Outcome or Recommendation Summary ActionIT Controls Audit Year ending 30 June 2010Salary Processing Services (PIPS)Compliance 2010The reviewing and interpreting of security logsand events is not formalised and depends onindividual judgment.Security policies were not closely aligned withrecognised standards, policies do not appear to beconsistently reviewed or published on the intranetand compliance management plans do not measurecompliance with security policies and procedures.There is no centralised security managementframework or role within Data Centre Services.Controls over the review and follow up of PIPSexception reports are not always followed up.Controls over the commencement of new employeesand termination of employees could be enhanced.The implementation of a security event managementsystem and the most appropriate means to enhancenetwork security management will be investigated.ICT Security Policies and Standards were reviewedand a rolling upgrade and maintenance programwill commence. Security policies and standards willcontinue to be communicated to service providersand agencies and published on the intranet.A central security manager will be established tofocus on security management activities.The control guide will be reviewed and amendedto manage the exception report process better,especially for nil reports.Compliance with procedures will be reiteratedto staff and a protocol to access records notheld by DBE will be developed in conjunctionwith the Auditor-General’s Office.Department of Business and Employment Annual Report 2009–10187
Page 1 and 2: AppendicesDepartment of Business an
Page 3 and 4: appendicesAPPENDIX IService Cost Me
Page 5: appendicesAPPENDIX IIAudit Audit Ou
Page 9 and 10: appendicesAPPENDIX IVSelf-Insurance
Page 11 and 12: appendicesNORTHERN TERRITORY RESEAR
Page 13 and 14: appendicesAPPENDIX ViLorna Nungala
Page 15 and 16: appendicesAPPENDIX VIIBusiness Grow
Page 17 and 18: appendicesAPPENDIX VIITrade Support
Page 19 and 20: appendicesAPPENDIX VIIIIndustry Ass
Page 21: appendicesAPPENDIX IXNon-Government

Appendices - Department of Business - Northern Territory Government

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?