1. Context

Read more about 1. Context

The Framework sets out minimum requirements and guidance for individual agencies to manage their own risks. It also sets out the arrangements for agencies to manage risks they share with others, including SSRs.

The Framework describes SSRs and agency roles and responsibilities for coordinating their responses. It sets out the roles and responsibilities for 2 cross-agency coordinating groups ‒ the Risk Committee and the Secretaries' Board.

What we found

Read more about What we found

This section summarises our key findings. The numbered sections detail our complete findings, including supporting evidence.

When reaching our conclusions, we consulted with the audited agencies and considered their views. The agencies’ full responses are in Appendix A.

Our recommendations

Read more about Our recommendations

We made 5 recommendations to address 3 issues. The relevant agencies have accepted our recommendations in full or in principle.

Appendix C: Audit scope and method

Read more about Appendix C: Audit scope and method

Download a PDF copy of Appendix C: Audit scope and method.

Appendix B: Abbreviations, acronyms and glossary

Read more about Appendix B: Abbreviations, acronyms and glossary

Download a PDF copy of Appendix B: Abbreviations, acronyms and glossary.

Appendix A: Submissions and comments

Read more about Appendix A: Submissions and comments

Download a PDF copy of Appendix A: Submissions and comments.

2. Detecting and responding to fraud and corruption

Read more about 2. Detecting and responding to fraud and corruption

All departments have processes for investigating and reporting fraud and corruption incidents when they have been alerted to them by individuals.

Most departments test their procurement data to look for procurement and financial errors. However, only 2 departments use data analytics tests that specifically focus on proactively detecting fraud and corruption risks.

1. Preventing fraud and corruption

Read more about 1. Preventing fraud and corruption

All departments have controls to prevent, detect and investigate fraud and corruption during the procurement process. Examples of these controls include running fraud and corruption training for new employees and having internal processes to report procurement and integrity matters to senior management.

However, departments are at different stages in making sure their controls work as they intended them to. In particular, not all departments make sure that: