QAO Audit Update

Challenges for the changing public sector

28 November 2013

80 George St, Brisbane

Agenda

• QAO Update

– Anthony Close, Deputy Auditor-General

• Accountability in a changing public sector

– Michael Keane, Director – Central Agencies

• Delivering services efficiently

– Mayus Nath, Director – IS Risk and Data Analytics

– Andrew Spina, Deputy Director-General – DSITIA

QAO Update

Anthony Close

Deputy Auditor-General

Overview

• Our Public value

– QAO key audit products and services

• Strategic Audit Plan

Our Public Value

Reports to Parliament

Performance Audits

Results of Financial Audits

Strategic Audit Plan

Public Sector Audit

Financial Audits

Certifications

Controls Assurance

Specialist Services

Data Analytics IS Risk Treasury Tax

Corporate Services

Audit Support Information Technology

Finance Human

Resources

Audit Products

Advice to Parliament

Committee Advice

MP Advice

Referrals

Sector Corporate Stakeholder

Management Clients Community Industry Government Professional

Strategic Audit Plan

Strategic Audit Plan

Agriculture, Resources and Environment

22%

Education and Innovation

10%

Finance and Administration

7%

Health and Community

Services 16%

Legal Affairs and

Community Safety

9%

State Development, Infrastructure and Industry

12%

Transport, Housing and

Local Government

18%

#N/A 6%

26% response

rate to our

requests

Strategic Audit Plan

Strategic Audit Plan

Strategic Audit Plan

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

Topic consultation

Assess topics and finalise draft Plan

Consultation on draft Plan

Plan published

For More Information

www.qao.qld.gov.au

– Audits in Progress

– Completed Reports

Accountability in a changing

public sector

Report to Parliament 6: 2013-14

Internal control systems

Michael Keane

Director – Central Agencies

Internal Controls 2012-13 (Report 6: 2013-14)

• CFO certification

• Internal audit

• Audit committees

• Corporate cards

Internal Controls Framework

CFO Certification – Audit findings

• Most departments had robust CFO certification

processes

• Improvements in the following areas:

– Design of the process – top down risk assessment

– Consulting earlier with the Director-General

– Clearly aligning significant financial reporting risks

with relevant account balances and key internal

controls being assessed

Internal audit resourcing against benchmarks

DT

ES

B

DP

C

DA

TS

IMA

DE

WS

D

EH

P

QT

T

DL

G

DS

DIP

DN

PR

SR

DA

FF

DN

RM

D

JA

G

DS

ITIA

D

CS

QP

S

DC

CS

DS

DH

PW

DT

MR

DE

TE

Do

H

0%

25%

50%

75%

100%

125%

150%

175%

200%

IA R

eso

urc

ing

agai

nst

be

nch

mar

ks

Departments

Potential over resourcing of IA

Within benchmark

Potential under resourcing of IA

IA Recommendation status

0

10

20

30

40

50

60

70

80

Not yet due 0 - 90 days 91 - 180 days 181 - 365 days Over 365 days

No

. of

au

dit

re

com

me

nd

atio

ns

Rated as high risk or priority 1 Rated as medium risk or priority 2

Audit Committee - external membership

0

1

2

3

4

5

6

7

8

9

10

No

. of

aud

it c

om

mit

tee

me

mb

ers

Departments

External members Internal members

Card expenditure against supplies and services

34%

18% 16%

12% 12% 11%

8% 7% 6% 5% 5%

4% 3% 3% 3% 3% 2% 2%

0.4% 0.2% 0%

5%

10%

15%

20%

25%

30%

35%

40%

Co

rpo

rate

car

d e

xpen

dit

ure

as

pe

rce

nta

ge o

f su

pp

lies

and

se

rvci

es

Departments

Processing costs for Shared Services

677,096

1,286,393

609,297

- 142,622 142,622

$-

$2

$4

$6

$8

$10

$12

$14

$16

$18

-

200,000

400,000

600,000

800,000

1,000,000

1,200,000

1,400,000

1,600,000

Current state Projected state

Pro

ce

ssin

g c

ost (M

illio

ns )

Nu

mb

er

of tr

an

sa

ctio

ns

Purchase-to-pay transactions more than or equal to $5 000

Purchase-to-pay transactions less than $5 000

Corporate card transactions

Projected Savings of $10.6m

Delivering services efficiently

Report to Parliament 8: 2012-13

Online Service Delivery

Mayus Nath

Director – IS Risk and Data Analytics

Introduction

• Strong and growing demand for online public

sector services

• Expectation on public sector to offer same speed

and responsiveness as private sector

– Efficient and cost effective service delivery

– Channel management for optimal mix with the

customer in mind

Audit objectives

• Are public sector online services available and

accessible?

• Does the public sector have technology

capability and is the information collected

through online services secure?

• Are online services cost-effective?

Agencies examined

1. Brisbane City Council (BCC)

2. Smart Service Queensland (SSQ), Department of

Science, Information Technology, Innovation and the Arts

(DSITIA)

3. Department of Transport and Main Roads

4. Department of Tourism, Major Events, Small Business

and the Commonwealth Games

5. Office of State Revenue, Queensland Treasury and Trade

• All other departments were surveyed to determine the

current level of services each offered online.

Conclusions

• Not meeting increasing customer expectations of

more online service options.

• Lack of strategic leadership, central coordination

and failure to update technology.

– Credit card holder data collected complies with security

standards, but less assurance that other personal

information collected is well protected.

• Most agencies do not record and manage the

cost of delivering services through specific

channels.

Findings

• Status of online service delivery was well short

of expectations

• Service delivery strategies across the public

sector not coordinated and aligned

• Technology capability not sufficient to support

growth of the online channel

• Security of non-financial personal information

not robust in two of the four departments audited

• Cost data not used to inform channel strategies

Recommendations

Service delivery options

1. DSITIA ensures the central channel strategy includes:

– aligning current service delivery options with customer needs,

service characteristics and central priorities

– increasing the number of services available online and moving

customers to the preferred channels

– a benefits realisation plan and migration plan for each

department

– performance indicators to measure the success of the online

channel for satisfying customer needs.

2. Each department develops and implements a channel

strategy consistent with the central strategy.

Recommendations

Technology capability and security of online services

3. All departments document the security design and use

this to identify and mitigate security risks of online

services.

4. All departments and BCC identify cost-effective

technology solutions to expand their online channel and

use authentication services for complex online services.

Recommendations

Cost-effectiveness of online services

5. All departments and BCC collect and use data on cost

and demand to optimise the mix of channels used for

services.

6. DSITIA reviews SSQ’s business model and costs to

ensure the benefits of using a service provider for

departments are realised.

Further information

For copies of Report 8: 2012-13 Online Service Delivery

please refer to: www.qao.qld.gov.au/report-8-:-2012-13

Delivering services efficiently

Themes from the

Auditor-General’s Report 8: 2012-13

Online Service Delivery

Andrew Spina, Deputy Director-General, Government ICT Division, DSITIA

QAO Client Session 28 Nov 2013

Session Topic

How the Government’s One-Stop

Shop program is addressing

some of the key themes in the

AG's Report 8 : 2012-13 Online

service delivery, and how the

agenda of delivering services

efficiently is being progressed.

Overview: Government’s One-Stop Shop The Queensland Government One-Stop Shop Plan 2013-18 provides the direction and future

roadmap for the Queensland Government’s service delivery approach. DSITIA is responsible

for its delivery. The Plan is supported by a program of activities to be rolled-out over the next

5+ years which will deliver visible customer improvements alongside efficiency and whole of

government capability building pieces.

One-Stop Shop

• Government have committed to focusing on online services through the One-Stop Shop program.

• We know that over 90 per cent of enquiries to Queensland Government are basic information

enquiries or simple transactions that customers want to deal with online or at the first point of

contact. Through the One-Stop Shop plan we will make this happen.

• At present there are multiple service delivery access points with inconsistent information – 146

department websites, hundreds of telephone numbers and 16 contact centres and over 300

counters. Through the One-Stop Shop plan we will address this. For the first time we have a full

list of services across government and how they are being delivered and we will use this to

baseline our success.

• We know that 42 per cent of people would prefer to access services online, but there are low

levels of information (40 per cent) and transactions (28 per cent) available online. We are going to

work with you to ramp up online access as a priority.

Our immediate focus

In the next year, our focus is on the availability of online services, while delivering improvements in phone services and

piloting regional service outlets.

One-Stop Shop Governance

The One-Stop Shop Cabinet Submission

outlined the governance structure,

proposed membership and

responsibilities to support the Director-

General (DSITIA), as the accountable

officer, in implementation of the program,

including:

• One-Stop Shop CEO Sponsoring

Group

• Program Board (with multi agency

participation)

• Online service delivery sub committee

& other Workstream/Initiative Boards

• Senior Responsible Officers in each

agency.

One-Stop Shop Projects Project Managers

Project Boards

Agency Senior Responsible Officers Program Director

Service Delivery Network

One-Stop Shop Program Board Executive Sponsors (DSITIA & DPC) Program Board - DDG level

Sponsoring Group DG, DSITIA (Accountable Officer)

CEO Sponsoring Group

How One-Stop Shop is addressing the

Auditor-General Report recommendations?

Recommendation 1:

Development of a Central Channel Strategy.

– A key feature of the One-Stop Shop Plan is a centre-led policy framework

which will provide a set of guidelines, standards and assessment

methodology to ensure a seamless customer experience.

– It will cover: channel strategy at whole-of-government and agency levels;

benefits management and realisation; agency service and channel migration

roadmaps; contestable service delivery models; collaboration and sharing of

tools and capabilities; and customer-centric design and continuous

improvement.

– All agencies will be responsible for ensuring their services are optimised and

co-ordinated in line with the One-Stop Shop policy framework and that

progress is delivered against the service and channel migration roadmap and

benefits are reported via a One-Stop Shop online dashboard.

Recommendation 1 (ii):

Increasing the number of services available online

and moving customers to the preferred channels

for each service.

– The One-Stop Shop seeks to deepen the service content available online

through www.qld.gov.au, and to ensure that information is available to answer

basic enquiries for all services by June 2014. Already agencies are moving

an increasing number of services online. Eg. The Business and Industry

Portal added an additional 153 business and industry services last financial

year and is continuing to grow.

– The One-Stop Shop is also seeking to add 200 new online transactions within

its first two years of implementation and includes an active campaign to

increase online customer migration and uptake.

– The One-Stop Shop Plan also includes piloting new channels such as social

media, mobile apps and click to chat.

Recommendation 2:

Each department develops and implements a channel

strategy consistent with the central strategy.

– Some government departments have already developed their own individual

channel strategies and will need to review these to ensure alignment with the

central channel strategy.

– DSITIA is working with most agencies to support service mapping and

channel migration roadmaps.

– Each agency will be required to have an agreed service and channel

migration roadmap in place by December 2013 to identify and prioritise future

service provision (with particular emphasis on online service opportunities)

which will inform an agency-specific channel strategy.

Recommendation 3:

It is recommended that all departments document the

security design and use this to identify and mitigate security

risks of online services.

– Implementation of this recommendation is undertaken by individual

departments.

– DSITIA commissioned an external security expert to audit the current

security design and practices for www.qld.gov.au and developed an

online security plan and implementation schedule for services.

Recommendation 4:

All departments identify cost-effective technology

solutions to expand their online channel and use

authentication services for complex online services.

– The One-Stop Shop plan includes a schedule of proposed cost-effective

technology solutions to drive online service delivery over the next three to five

years for all agencies to use.

– The One-Stop Shop Plan includes establishment of new whole-of-government

capabilities for customer authentication which will enable customers to apply

for services (ie licences) etc without having to repeatedly provide proof of

name and address. Once customers have registered they can use their

government account across all channels/services.

Recommendation 5:

All departments collect and use data on cost and

demand to optimise the mix of channels used for

services.

– The One-Stop Shop Policy Framework will include channel migration planning

and will be supported by a benefits management and realisation framework.

There will be a strong focus on sourcing and using data on costs and

demand.

Recommendation 6:

Smart Service Queensland's business model and costs

are reviewed to ensure the benefits of using a service

provider for departments are realised.

– Smart Service Queensland’s business model will be considered in the context

of the government’s One-Stop Shop Policy Framework and the government’s

contestable service delivery framework.

Agency Collaboration

• Each agency has nominated a Champion to work with DSITIA to

deliver the One-Stop Shop program.

• All agencies are encouraged to discuss any service issues and

service expansion requirements with us.

• CFO’s and CIO’s are encouraged to spend time with their agency

champion and the One-Stop Shop office to get an understanding of

this new service delivery opportunity.

Contact: Fiona Armstrong

Executive Director, One Stop Shop Strategy and Implementation Office

Fiona.armstrong@dsitia.qld.gov.au