The ANAO on Tue 24.6.2014, released its report No 50 of 2013-14 Cyber Attacks: Securing Agencies’ ICT Systems. Agencies included in the audit included the ATO, ABS, Customs, and the Australian Financial Security Authority.
The report found the agencies subject to audit had established internal information security frameworks, implemented controls designed to safeguard the enterprise ICT environment from external cyber attack, and had stipulated change management processes to authorise the implementation of security patches for applications and operating systems. The ATO agreed with the ANAO’s overall assessment and agreed with its recommendations. The report made 3 recommendations.
[LTN 119, 24/6/14]