IT brain drain hurting infosec in NSW planning agencies

By

Critical financial data "at risk", auditors find.

The NSW Audit Office keeps uncovering the same IT deficiencies within the state’s planning and environment portfolio, and has complained that agencies don't have the IT resources to fix them.

IT brain drain hurting infosec in NSW planning agencies

Acting auditor-general Tony Whitfield handed down his annual performance review into the cluster of NSW agencies - which includes the Department of Planning and Environment, the Office of Environment and Heritage, the Office of Local Government and various national park and heritage governance committees - today.

The majority of the 17 IT weaknesses the report uncovered are repeat offences, such as lax administration of user privileges, weak passwords and poor security around critical financial systems.

The situation is bad enough for the audit office to conclude that “the integrity and security of financial data in financial systems is at risk”.

The cluster took in revenue of $4.2 billion in the 12 months to 30 June 2015, and manages an asset portfolio worth roughly $12 billion.

Sign up to the iTnews newsletter to keep on top of breaking news

However, Whitfield and his team are not confident the portfolio is in a position to fix its troubles due to IT under-resourcing and an over-reliance on specific individuals within the many organisations bundled together into the cluster.

“IT resourcing constraints contributed to the high number of repeat IT issues,” the report stated.

“Many agencies are dependent on the expertise of a small IT team, or one person, to manage the financial systems.”

The auditors called on the portfolio’s top executives to put in place strategies to ensure agencies aren’t left high and dry by IT brain drain when experienced staff inevitably retire or move to another workplace, taking sometimes unique knowledge of systems and processes at the agency with them.

It wants to see staff cross-trained in multiple IT capabilities and formal processes put in place to centrally record IT information and transfer knowledge to other workers.

“Appropriate IT knowledge management processes equip staff with sufficient, accurate information to perform their roles, effectively manage IT risks and work in a resilient environment that adapts to change,” the report stated.

Got a news tip for our journalists? Share it with us anonymously here.
Copyright © iTnews.com.au . All rights reserved.
Tags:
auditor generalgovernmentnsw governmenttraining & development

Sponsored Whitepapers

See everything. Do more.
See everything. Do more.
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Lindentech Secures Digital Identity with Zero Trust and Microsoft Entra
Diamond IT Delivers GRC Transformation with Microsoft Purview
Diamond IT Delivers GRC Transformation with Microsoft Purview
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Linktech Powers Energy Trader’s Essential Eight Compliance in Just Eight Weeks
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy
Byte Delivers Future-Ready IT: Transforming Endpoint Security and Productivity with a Cloud-First Strategy

Events

Most Read Articles

Transport for NSW restructures tech division

Transport for NSW restructures tech division
Transport for NSW is under new tech leadership

Transport for NSW is under new tech leadership
Coles Group CTO, CDO to leave in early 2025

Coles Group CTO, CDO to leave in early 2025
Turnbull's Digital Transformation Office to cost $95m

Turnbull's Digital Transformation Office to cost $95m

techpartner.news logo
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Dave Stevens on Brennan's evolution and the need for Aussie tech unity
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
Sydney's ITKnocks on contact centre AI and the slow death of the IVR
"It's an exciting time to be part of the health and aged care sector"
"It's an exciting time to be part of the health and aged care sector"
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Insicon founder Matt Miller on the coming 'tsunami' of compliance and educating boards about cyber security
Orro claims Australia first with managed digital asset discovery service
Orro claims Australia first with managed digital asset discovery service

Log In

  |  Forgot your password?